AutoXSScheckTool

No d...

Exploit for Untrusted Pointer Dereference in Microsoft

CV...

Exploit for CVE-2026-29000

CVE-2026-29000 — pac4j-jwt Library-Level PoC Lab TL;DR Th...

Exploit for CVE-2026-30952

CVE-2026-30952: LiquidJS Path Traversal PoC This repository c...

AutoPwn

/ \ | | | ...

Exploit for CVE-2026-27540

CVE-2026-27540-WordPress-Explo...

Exploit for Deserialization of Untrusted Data in Kentico Xperience

CVE-2019-10...

Exploit for CVE-2026-20131

CVE-2026-20131 — Cisco Secure FMC Remote Code Execution Java...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

Vue-After-Free A PlayStation Vue userland code execution e...

Exploit for Improper Control of Dynamically-Managed Code Resources in Apache Airflow_Providers_Http

CVE-2025-69219 — Apache Airflow Providers HTTP RCE via Unsafe...

Exploit for CVE-2026-30944

🔓 CVE-2026-30944 StudioCMS Privilege Escalation via Insecure...

📄 BuptLab DNS Relay Server 1.0 Buffer Underflow

This is a proof of concept exploit that leverages a remote heap buffer underflow denial of service vulnerability in BuptLab DNS Relay Server version 1.0.0 that was recently discovered by Antonius...

📄 BuptLab DNS Relay Server 1.0 Denial of Service

A remote denial of service vulnerability exists in BuptLab DNS Relay Server version 1.0 due to improper validation of DNS label length during query parsing. An attacker can send a specially crafted DNS request containing an invalid label length field that exceeds the actual payload size. When the...

📄 Nginx UI 2.3.3 Unauthenticated Backup Disclosure / Decryption

This Python proof‑of‑concept demonstrates an unauthenticated information disclosure vulnerability in Nginx UI tracked as CVE-2026-27944. The vulnerability allows a remote attacker to access the /api/backup endpoint without authentication and retrieve a backup archive of the server configuration...

📄 Easy Grade Pro 4.1 Malformed .EGP File Denial of Service

This Python script generates a malformed .EGP gradebook file designed to trigger a crash in Easy Grade Pro 4.1 by corrupting data at a specific offset within the file...

📄 WatchGuard Firebox Default SSH Credentials

This is a python script to detect whether or not WatchGuard Firebox devices allow unauthorized access via default credentials admin:readwrite on port 4118. =============================================================================================================================================...

📄 Vvveb CMS 1.0.5 Command Injection

Proof of concept exploit for a remote command injection vulnerability in Vvveb CMS version 1.0.5 via configuration files. Upon further analysis, the researcher has also discovered that this affects version 1.0.7.3...

📄 FreeFloat FTP Server 1.0 Buffer Overflow

Proof of concept exploit for a buffer overflow vulnerability in FreeFloat FTP Server version 1.0. The exploit works by sending an overly long payload through the NOOP FTP command, which overflows the server's buffer and allows control of the EIP Extended Instruction Pointer...

📄 Nginx UI 2.3.3 Backup Decryption Mass Scanner

This Python tool is a multi‑threaded scanner and exploitation utility designed to identify and validate the vulnerability CVE-2026-27944 affecting Nginx UI versions 2.3.2 and below. The script supports scanning single hosts, CIDR ranges, or target lists, and checks multiple common web service...

rami-kali-MCP

Red Team MCP Server MCP Model Context Protocol server that...