Lucene search
K

22 matches found

Metasploit
Metasploit
added 4 days ago12 views

Dword XOR Encoder (Tag-based)

Dword XOR encoder for RISC-V 32-bit Little Endian using a tag-based terminator rather than an encoded length. The decoder loop XORs each dword and stops when the result is zero the sentinel. This avoids encoding the payload length in the stub, eliminating a source of bad character conflicts. Note...

6.1AI score
Exploits0
Metasploit
Metasploit
added 4 days ago12 views

Byte XORi Encoder

Byte XOR encoder for RISC-V 32-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv32le/bytexori msf encoderbytexori show actions ...actions... m...

6.1AI score
Exploits0
Metasploit
Metasploit
added 4 days ago28 views

XOR Encoder

Dword XOR encoder for RISC-V 64-bit Little Endian. Encodes the payload with a 4-byte XOR key. Module Options msf use encoder/riscv64le/longxor msf encoderlongxor show actions ...actions... msf encoderlongxor set ACTION msf encoderlongxor show options ...show and set options... msf encoderlongxor...

6.1AI score
Exploits0
Metasploit
Metasploit
added 4 days ago12 views

Byte XORi Encoder

Byte XOR encoder for RISC-V 64-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv64le/bytexori msf encoderbytexori show actions ...actions... m...

6.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/22 1:38 p.m.2 views

CVE-2019-25612 Admin Express 1.2.5.485 Local SEH Buffer Overflow via Folder Path

Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field. Attackers can trigger the vulnerability through the System Compare...

8.5CVSS6.4AI score0.00144EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/11 6:23 p.m.1 views

CVE-2019-25467

Verypdf docPrint Pro 8.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized alphanumeric encoded payload in the User Password or Master Password fields. Attackers can craft a malicious payload with...

8.6CVSS6.3AI score0.00113EPSS
Exploits0References4Affected Software1
GithubExploit
GithubExploit
added 2025/12/26 2:6 p.m.163 views

cl-cybersec-pysxss

XSS WAF Lab – Payload Generator This project studies how Web...

6.3AI score
Exploits0
GithubExploit
GithubExploit
added 2025/11/19 11:16 p.m.209 views

Exploit for Deserialization of Untrusted Data in Laravel

CVE-2018-15133-PoC Este script Python implementa un exploit d...

8.1CVSS7.1AI score0.76814EPSS
Exploits11
Code423n4
Code423n4
added 2023/10/06 12:0 a.m.12 views

Incorrect functionID will not trigger fallback

Lines of code Vulnerability details Impact When encoding a payload for settlement of multiple tokens, the fallback flag is not set when it should be. This will cause no fallback to be triggered even though the user has paid enough to cover the additional costs that are required. Proof of Concept ...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2022/03/31 3:43 p.m.369 views

Exploit for Code Injection in Vmware Spring_Framework

Spring Framework RCE exploitation Quick pentest notes...

9.8CVSS8.9AI score0.99677EPSS
Exploits102
Exploit DB
Exploit DB
added 2022/01/12 12:0 a.m.391 views

Microsoft Windows Defender - Detections Bypass

Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERDETECTIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSec Vendor...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2021/07/18 12:30 p.m.78 views

DNSStager - Hide Your Payload In DNS

DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malicious DNS server that handles DNS requests to your domain and return your payload as a response to specific record requests such as AAAA or TXT records after splitting...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2020/07/13 12:30 p.m.31 views

Padding-Oracle-Attacker - CLI Tool And Library To Execute Padding Oracle Attacks Easily

CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI. Install Make sure Node.js is installed, then run $ npm install --global padding-oracle-attacker or $ yarn global add padding-oracle-attacker CLI Usage Usage $...

7.7AI score
Exploits0References7
FireEye
FireEye
added 2019/10/21 12:0 a.m.36 views

Shikata Ga Nai Encoder Still Going Strong

One of the most popular exploit frameworks in the world is Metasploit. Its vast library of pocket exploits, pluggable payload environment, and simplicity of execution makes it the de facto base platform. Metasploit is used by pentesters, security enthusiasts, script kiddies, and even malicious...

0.1AI score
Exploits0References4
Kitploit
Kitploit
added 2015/03/11 3:30 p.m.28 views

XSSYA v2.0 - Cross Site Scripting Scanner & Vulnerability Confirmation

XSSYA Cross Site Scripting Scanner & Vulnerability Confirmation written in python scripting language confirm the XSS Vulnerability in two method first work by execute the payload encoded to bypass Web Application Firewall which is the first method request and responseif it respond 200 it turn...

6.2AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

FSD 2.052/3.000 sysuser.cc sysuser::exechelp Function HELP Command Remote Overflow

No description provided by source. source: http://www.securityfocus.com/bid/25883/info FSD is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues to execute arbitrary...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2014/02/16 10:12 a.m.30 views

Sub Encoder (optimised)

Encodes a payload using a series of SUB instructions and writing the encoded value to ESP. This concept is based on the known SUB encoding approach that is widely used to manually encode payloads with very restricted allowed character sets. It will not reset EAX to zero unless absolutely necessar...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/01/14 12:0 a.m.3 views

JavaScript Payload Encoding

Certain JavaScript obfuscation schemes can be used to circumvent security software. These methods could allow attackers to execute arbitrary code on a target machine...

7.7AI score
Exploits0
exploitpack
exploitpack
added 2012/04/27 12:0 a.m.21 views

CPE17 Autorun Killer 1.7.1 - Local Stack Buffer Overflow (Metasploit)

CPE17 Autorun Killer 1.7.1 - Local Stack Buffer Overflow Metasploit CPE17 Autorun Killer 'CPE17 Autorun Killer %q readfile function is vulnerable it can be overflow , 'Author' = 'Xelenonz' , 'Version' = '0.1', 'Payload' = 'EncoderType' = Msf::Encoder::Type::AlphanumMixed, 'EncoderOptions' =...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/27 12:0 a.m.26 views

CPE17 Autorun Killer 1.7.1 Buffer Overflow

CPE17 Autorun Killer 'CPE17 Autorun Killer %q readfile function is vulnerable it can be overflow , 'Author' = 'Xelenonz' , 'Version' = '0.1', 'Payload' = 'EncoderType' = Msf::Encoder::Type::AlphanumMixed, 'EncoderOptions' = 'BufferRegister'='ECX', , 'DefaultOptions' = 'DisablePayloadHandler' =...

1.6AI score
Exploits0
Rows per page
Query Builder