MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner', 'Description' = %q This module is based on et's HTTP Directory Scanner module, with...

JetBackup < 2.0.9.9 - Directory Listing Exposing Backups

Description The plugin doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files. A partial fix was released in 2.0.9.6, removing the ability to list the directory but still allowing direct...

Exploit for Path Traversal in Grafana

PoC para CVE-2021-43798 Grafana es una plataforma de código a...

Zeebsploit - Web Scanner / Exploitation / Information Gathering

zeebsploit is a tool for hacking searching for web information and scanning vulnerabilities of a web Installation & Usage apt-get install git git clone https://github.com/jaxBCD/Zeebsploit.git cd Zeebsploit chmod +x install ./install python3 zeebsploit.py type 'help' for show modules and follow...

Web Application Scanning Consolidation / Info Reporting

The script consolidates and reports various information for web application formerly called SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: New / improved code since 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

[FGscanner] Find hidden contents using dictionary-like attack

FGscanner is a completely rewritten version of littlescanner script. FGscanner is an opensource advanced web directory scanner to find hidden contents on a web server using dictionary-like attack with proxy and tor support. Quick reference for switches Usage: ./fgscan.pl --host=hostname...

eXtplorer Detection

Detection of eXtplorer. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

HTTP Directory Scanner

This module identifies the existence of interesting directories in a given directory path. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'thread' class MetasploitModule 'HTTP Directory Scanner', 'Description...

HTTP File Same Name Directory Scanner

This module identifies the existence of files in a given directory path named as the same name of the directory. Only works if PATH is different than '/'. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner

This module is based on et's HTTP Directory Scanner module, with one exception. Where authentication is required, it attempts to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS...