📄 pfSense Ultimate Exploit Framework

This Python script is an exploitation framework targeting two authenticated remote code execution vulnerabilities in pfSense. One exploit vector is an unsafe deserialization in pfSense CE version 2.7.2 and another is related to XMLRPC execphp abuse in pfSense CE version 2.8.0...

📄 eNet SMART HOME 2.3.1 Privilege Escalation

The eNet Smart Home device firmware versions 2.3.1 build 46841 and 2.2.1 build 46056 exposes JSON‑RPC management methods that may allow authenticated low‑privileged users to perform unauthorized administrative actions. Improper server‑side authorization controls on the /jsonrpc/management endpoin...

📄 SAP NetWeaver 7.50 Visual Composer Metadata Shell Upload

SAP NetWeaver Visual Composer contains an unauthenticated file upload vulnerability in the metadata uploader component that allows attackers to upload arbitrary files including JSP web shells and WAR applications, leading to remote code execution on the SAP server. The vulnerability exists in the...

📄 motionEye 0.43.1b4 Remote Command Injection

A remote command injection vulnerability exists in motionEye versions up to and including 0.43.1b4. The issue arises from improper validation and sanitization of user‑supplied input within camera configuration parameters. Under certain conditions, authenticated users can inject crafted input that...

📄 ChurchCRM 6.8.0 Information Disclosure Tester

ChurchCRM versions 6.8.0 and earlier expose the installation setup endpoint without proper access restrictions. If the setup process remains accessible after deployment, it may allow unauthorized users to interact with configuration parameters. This misconfiguration increases the risk of...

Exploit for CVE-2018-19320

KernelMode - Advanced Windows Kernel Exploitation Toolkit...

Startup

Startup – Professional Write-up Platform: TryHackMe Tar...

mcp-csharp-cmdexe-poc

MCP C SDK cmd.exe Argument Injection PoC Proof of concept fo...

Exploit for Path Traversal in Owasp Enterprise_Security_Api

Enterprise Security API for Java Legacy ================= !...

Exploit for External Control of File Name or Path in Tandoor Recipes

CVE-2026-25964 PoC - Tandoor Recipes Authenticated LFI Proo...

CODTECH-Task2-Web-Vuln-Scanner

No d...

Exploit for CVE-1999-0368

🛡️ Advanced Penetration Testing & System Forensic Audit Mid...

securiclaw

🦞 Securiclaw AI-Powered Code Security Scanner Securiclaw...

Exploit for CVE-2025-4517

CVE-2025-4517-PoC VE-2025-451...

System-Exploitation-Privilege-Escalation

System Exploitation & Privilege Escalation Lab 📄 Project O...

security-research

Security Research This project hosts security advisories and...

poc-test-vulnerability

poc-test-vulnerab...

RainFall

No d...

ionic-spid-poc-crs

SPID SSO POC — Ionic React + Node.js + Signicat Sandbox A p...

Exploit for CVE-2025-4517

CVE-2025-4517-P...