550 matches found
Paragon - Red Team Engagement Platform With The Goal Of Unifying Offensive Tools Behind A Simple UI
Paragon is a Red Team engagement platform. It aims to unify offensive tools behind a simple UI, abstracting much of the backend work to enable operators to focus on writing implants and spend less time worrying about databases and css. The repository also provides some offensive tools already...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for various areas, including web application security, penetration testing, and vulnerability research. The primary purpose of Vulhub is to provide a convenie...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for various areas, including web application security, penetration testing, and vulnerability research. The primary purpose of Vulhub is to provide a convenient and...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security testing and education. The primary vulnerability class/vector targeted by this collection is not explicitly stated, but it likely...
Exploit for SQL Injection in Zabbix
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE IDs present in the context are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitly...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
It is an offensive tool for various areas. The repository contains a collection of vulnerable docker environments, including: CouchDB FFmpeg Git InfluxDB Jenkins Nginx Oracle Java Apache HTTP Server GitLab FastJSON Jenkins Electron The vulnerabilities include: CVE-2016-9086 GitLab CVE-2016-10134...
Rocket.Chat: Pre-Auth Blind NoSQL Injection leading to Remote Code Execution
Summary: The getPasswordPolicy method is vulnerable to NoSQL injection attacks and does not require authentication/authorization. It can be used to take over accounts by leaking password reset tokens. Taking over an admin account leads to Remote Code Execution. Description: The getPasswordPolicy...
vulhub
It is an offensive tool for vulnerable environments. The repository contains pre-built vulnerable environments based on Docker-Compose. The tool is designed to provide a simple way to create and manage vulnerable environments for testing and training purposes. The target product/service or...
Writehat - A Pentest Reporting Tool Written In Python
WriteHat is a reporting tool which removes Microsoft Word and many hours of suffering from the reporting process. Markdown -- HTML -- PDF. Created by penetration testers, for penetration testers - but can be used to generate any kind of report. Written in Django Python 3. Features: Effortlessly...
BugBountyScanner - A Bash Script And Docker Image For Bug Bounty Reconnaissance
A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use. Low on resources, high on information output. Helpful? BugBountyScanner helped you net a bounty? Description Note: Using the script over a VPN is highly recommended. It's recommended to run BugBountyScanner...
Exploit for SQL Injection in Zabbix
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVEs mentioned in the repository are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitl...
vulhub
This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary vulnerability class targeted by Vulhub is not explicitly stated, but it...
vulhub1
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments for testing and learning purposes, with no pre-existing knowledge of docker required. The repository contains a variety of vulnerable...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security testing and vulnerability research. The primary vulnerability targeted by this repository is not explicitly stated, but it contai...
Exploit for CVE-2021-3129
CVE-2021-3129 Laravel Debug RCE How to use Run docke...
Exploit for Cross-site Scripting in Squid-Cache Squid
CVE-2018-19131 is a proof-of-concept exploit for a vulnerability in Squid, a caching and proxy server. The exploit is built using a Docker Compose application and is designed to demonstrate the vulnerability. The vulnerability is in the Squid version 3.5.27, which is the version used in the...
vulhub
It is an offensive tool for web application security training. The primary vulnerability is not explicitly stated, but the repository contains a variety of vulnerable docker environments, including those for web applications, databases, and other services. The environments are designed to be...
vulhub_v2
It is an offensive tool for web application security training. The repository contains a collection of vulnerable Docker environments for web application security training. The tool is designed to be easy to use, requiring only two simple commands to set up a vulnerable environment. The tool is n...
vulhub
It is an offensive tool for Docker environments. The repository contains a collection of vulnerable Docker environments, which can be used for testing and training purposes. The environments are pre-built and can be easily deployed using Docker and Docker Compose. The repository includes a variet...
vulhub2
It is an offensive tool for web application security training. The primary vulnerability targeted by this tool is not explicitly stated, but based on the provided code and metadata, it appears to be a web application vulnerability. The tool is designed to test the security of web applications, an...