19 matches found
kog-bonds-poc
KOG Bonds POC Agent Complete proof-of-concept demonstrating e...
PT-2025-52322
Name of the Vulnerable Software and Affected Versions GLPI version 9.5.7 Description The software contains a flaw in the password recovery process that allows for username enumeration. An attacker can validate email addresses by submitting requests to the password reset functionality and observin...
web-app-vulnerability-scanner
web-app-vulnerability-scanner A Python-based Web Application V...
PT-2025-29438 · Otrs Ag · Otrs
Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X OTRS versions 8.0.X OTRS versions 2023.X OTRS versions 2024.X OTRS versions 2025.X Description: A flaw in the External Interface of OTRS allows attackers to determine the existence of user accounts by analyzing different...
Exploit for SQL Injection in Mayurik Best_Salon_Management_System
CVE-2025-6860 Exploit Tool A proof‑of‑concept command‑line to...
Exploit for Improper Input Validation in Atlassian Confluence_Data_Center
CVE-2023-22515-NSE This repository provides a tool to check f...
OpenCart CMS 4.0.2.2 Brute Force Vulnerability
Exploit Title: OpenCart CMS v4.0.2.2 Login Vulnerability Category: Web Application CMS Exploit Author: Rajdip Dey Sarkar Version: 4.0.2.2 Tested on: Windows/Kali CVE: CVE-2023-40834 Description: OpenCart CMS version 4.0.2.2 is susceptible to login brute-force attacks, where...
Email enumeration via reset password functionality
Description User enumeration is when a malicious actor can use brute-force techniques to either guess or confirm valid users in a system. The malicious actor is looking for differences in the server's response based on the validity of submitted credentials. The differences can be inside the...
U.S. Dept Of Defense: ██████████ vulnerable to CVE-2022-22954
I found that one of the targets belongs to DOD vulnerable to CVE-2022-22954 where an attacker may be able to execute any malicious code like escalating Remote code execution is also possible Technical Summary: CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspac...
GitLab Community Edition (CE) 13.10.3 - (Sign_Up) User Enumeration Vulnerability
Exploit Title: GitLab Community Edition CE 13.10.3 - 'SignUp' User Enumeration Exploit Author: @4D0niiS https://github.com/4D0niiS Vendor Homepage: https://gitlab.com/ Version: 13.10.3 Tested on: Kali Linux 2021.1 INFO: An unauthenticated attacker can remotely enumerate the existence of different...
Burrowing ideas | account to attack of a several common techniques-vulnerability warning-the black bar safety net
In web security incidents, the account is usually the attacker's first point of contact. If account-related functions have a defect, an attacker can obtain key information and important features; for example, when a login fails, the error message can determine whether the because...
Open Source Database Fuzzing: FuzzDB
FuzzDB is the most comprehensive Open Source database of malicious inputs, predictable resource names, greppable strings for server response messages, and other resources like web shells. It’s like an application security scanner, without the scanner. What’s in FuzzDB? Predictable Resource...
[fuzzdb] Attack and Discovery Pattern Database for Application Fuzz Testing
fuzzdb aggregates known attack patterns, predictable resource names, server response messages, and other resources like web shells into the most comprehensive Open Source database of malicious and malformed input test cases. What's in fuzzdb? Predictable Resource Locations - Because of the...
cache_control
This plugin analyzes every HTTPS response and reports instances of incorrect cache control which might lead the user's browser to cache sensitive contents on their system. The expected headers for HTTPS responses are: Pragma: No-cache Cache-control: No-store Plugin type Grep Options This plugin...
strange_reason
Analyze HTTP response reason messages sent by the remote web application and report uncommon findings. Plugin type Grep Options This plugin doesn't have any user configured options. Source For more information about this plugin and the associated tests, there's always the source code to understand...
http-waf-fingerprint NSE Script
Tries to detect the presence of a web application firewall and its type and version. This works by sending a number of requests and looking in the responses for known behavior and fingerprints such as Server header, cookies and headers values. Intensive mode works by sending additional WAF specif...
http-form-brute NSE Script
Performs brute force password auditing against http form-based authentication. This script uses the unpwdb and brute libraries to perform password guessing. Any successful guesses are stored in the nmap registry, using the creds library, for other scripts to use. The script automatically attempts...
The third trick is to determine the WWW service type-bug warning-the black bar safety net
Before intruding on a target there is a stage of analyzing the target host, so let us now talk about how to analyze the server before the intrusion, that is, pre-intrusion information gathering. Of course, the more detailed the information gathered, the better the help, although now som...
Service Detection (HELP Request)
It was possible to identify the remote service by its banner or by looking at the error message it sends when it receives a 'HELP' request. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(11153); script_version("1.318"); script_set_attribute(attribute:"plugin_modification_date...