Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

CVE-2024-38063 Overview In August 2024, Microsoft release...

CVE-2023-51698

Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CB...

Archive any private memos + Delete any Shortcut + Edit any Shortcut from other users

Description User can archive any private memos, Delete any Shortcut and Edit any Shortcut from other users via api PATCH /api/memo/8 HTTP/1.1 "id":8,"rowStatus":"ARCHIVED" PATCH /api/shortcut/2 HTTP/1.1 "id":2,"title":"shortahihix","payload":"" DELETE /api/shortcut/2 Proof of Concept Login to...

View any content private memos from other users

Description User can view any content from private private memos from other users via api PATCH /api/memo/8 HTTP/1.1 "id":8,"rowStatus":"ARCHIVED" Proof of Concept Login to website in brower 1 with user A. Login to website in brower 2 with user B. Example: User B have private nemo with id 8. With...

Exploit for Path Traversal in Zimbra Collaboration

CVE-2022-41352 Zimbra Unauthenticated RCE CVE-2022-41352...

NGWAF - First Iteration Of ML Based Feedback WAF

The Motivation | What is the N3XT ST3P? With the explosive growth of web applications since the early 2000s, web-based attacks have progressively become more rampant. One common solution is the Web Application Firewall WAF. However, tweaking rules of current WAFs to improve the detection mechanis...

Gallia - Extendable Pentesting Framework

Gallia is an extendable pentesting framework with the focus on the automotive domain. The scope of gallia is conducting penetration tests from a single ECU up to whole cars, with the main focus on the UDS interface. Taking advantage of this modular design, the logging and archiving functionality...

in jsdecena/laracom

Description Hi there, I would like to report a vulnerability that allows a hacker to upload dangerous file type in jsdecena/laracom. Attacker must have an account with permission to Edit Product E.g. Clerk role. Then, he can upload malcious file with extensions such as html, svg,... which leads t...

Exploit for Incorrect Calculation in Google Android

BluefragCVE-2020-0022 This is a RCE bluetooth vulnerability o...

Microsoft Windows 10 AppXSvc Deployment Service - Arbitrary File Deletion Exploit

/ Author : Abdelhamid Naceri Discovered On : 13/08/2019 Description : An Elevation Of Privileges Exist when the microsoft AppXSvc Deployment Service Cannot Properly Handle The Folder Junction lead to an arbitrary file deletion from a low integrity user . Still Unpatched On 13/08/2019 Here Is A De...

Exploit for Use After Free in Microsoft

CVE-2019-0708 - BlueKeep RDP RDP Connection Sequence:...

Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage...

BruteX v1.9 - Automatically Brute Force All Services Running On A Target

Automatically brute force all services running on a target Open ports Usernames Passwords INSTALL: ./install.sh USAGE: brutex target DOCKER: docker build -t brutex . docker run -it brutex target DEMO VIDEO: Download BruteX...

imR0T - Send A Message To Your Whatsapp Contact And Protect Your Text By Encrypting And Decrypting (ROT13)

imR0T: Send a quick message with simple text encryption to your whatsapp contact and protect your text by encrypting and decrypting, basically in ROT13 with new multi encryption based algorithm on ASCII and Symbols Substitution. How To Use It's simple: Clone this repository git clone...

See my how-to the Apache fuzzing and dig to a value of 1500 knife of vulnerability-vulnerability warning-the black bar safety net

Target In the AFL in the view of the Apache httpd server's crash logs, I found a lot of problems. For example, some crash testing with example in fuzz testing tools internal collapse, but also affect the test program stability. In this article, I will talk to you to explain the test case to crash...

nWatch - Tool for Host Discovery, PortScanning and Operating System Fingerprinting

nWatch is a handy tool for host discovery, portscanning and operating system fingerprinting. Demo video Requirements nmap scapy colorama ctypes Installation and execution Install the requirements Then you can download nWatch by cloning the Git repository: git clone...

iOS 10 iMessage character crash Bug again-vulnerability warning-the black bar safety net

! Recently, hacker@vincedes3 found a from iOS 8 to iOS 10.2.1 b2 universal iMessage character crash Bug, the Bug also utilizes the iOS 8 iMessage SMS Bug of a similar technique, a section of malicious code sent to the victims, the victims in receiving SMS, browse SMS can be caught, then the SMS...

Appie v3 - Android Pentesting Portable Integrated Environment

Appie is a software package that has been pre-configured to function as an Android Pentesting Environment on any windows based machine without the need of a Virtual MachineVM or dualboot. It is completely portable and can be carried on USB stick or your smartphone. It is one of its kind Android...

ATOMYMAXSITE 2.5 SQL Injection

Exploit Title : ATOMYMAXSITE 2.5 SQL Injection Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://www.ibizz.nl/ Google Dork : "Power by : ATOMYMAXSITE 2.5" OR Powered by ATOMYMAXSITE 2.5 Date: 2015/12/24 Version : 2.5 Demo:...

Microsoft Office 2007 - msxml5.dll Crash PoC

Exploit for windows platform in category dos / poc !/usr/bin/perl -w Title : Microsoft Office 2007 msxml5.dll - Crash Proof Of Concept Tested : Microsoft Office 2007 / Win7 DLL : msxml5.dll 5.20.1072.0 WINWORD.EXE version : 12.0.6612.1000 Author : Mohammad Reza Espargham Linkedin :...