Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Gitee
Giteeadded 2025/09/28 8:46 p.m.91 views

discover

This is a collection of custom bash scripts used to automate various penetration testing tasks, including reconnaissance, scanning, enumeration, and malicious payload creation using Metasploit. The scripts are designed to be used with Kali Linux. The scripts are organized into several categories,...

6.7AI score
Exploits0
Gitee
Giteeadded 2025/09/14 5:14 p.m.127 views

fimap

fimap is a Python tool designed to find, prepare, audit, exploit, and even automatically Google for local and remote file inclusion LFI/RFI bugs in web applications. It can identify and exploit file inclusion bugs, including include, includeonce, require, and requireonce functions. The tool has a...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blogadded 2023/08/11 3:22 p.m.76 views

Metasploit weekly wrap-up

New module content 1 Metabase Setup Token RCE Authors: Maxwell Garrett, Shubham Shah, and h00die Type: Exploit Pull request: 18232 contributed by h00die Path: exploits/linux/http/metabasesetuptokenrce AttackerKB reference: CVE-2023-38646 Description: This adds a module for an unauthenticated RCE...

10CVSS9AI score0.99343EPSS
Exploits65
Kitploit
Kitploitadded 2019/12/13 11:30 a.m.145 views

Exploitivator - Automate Metasploit Scanning And Exploitation

This has only been tested on Kali. It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/ Install the necessary Kali packages and the PostgreSQL gem for Ruby: apt-get install postgresql libpq-dev...

7.4AI score
Exploits0References1
ThreatPost
ThreatPostadded 2019/10/01 5:40 p.m.142 views

Hackers Turn to OpenDocument Format to Avoid AV Detection

Attackers have a new obfuscation technique that uses the OpenDocument file format for sneaking payloads past antivirus software. Past macro-based attacks have relied on malware hitching a ride with .docx, .zip, .jar and many other file formats. But researchers at Cisco Talos said that because the...

7.1AI score
Exploits0References5
Kitploit
Kitploitadded 2018/01/22 8:35 p.m.1353 views

FakeImageExploiter - Use a Fake image.jpg (hide known file extensions) to exploit targets

This module takes one existing image.jpg and one payload.ps1 input by user and builds a new payload agent.jpg.exe that if executed it will trigger the download of the 2 previous files stored into apache2 image.jpg + payload.ps1 and execute them. This module also changes the agent.exe Icon to matc...

7.1AI score
Exploits0References4
Metasploit
Metasploitadded 2012/11/02 1:56 a.m.54 views

Microsoft SQL Server Database Link Crawling Command Execution

This module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module we recommend setting the "DisablePayloadHandler"...

7.8AI score
Exploits0
Rows per page
Query Builder