IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Exploit

This Metasploit module exploits untrusted serialized data processed by the WAS DMGR Server and Cells in the IBM Websphere Application Server. NOTE: There is a required 2 minute timeout between attempts as the neighbor being added must be reset. This module requires Metasploit:...

metasploit-framework

This is the Metasploit Framework repository. It is an offensive tool for penetration testing and vulnerability assessment. The primary vulnerability class/vector targeted by this framework is exploitation of vulnerabilities in various software and systems, which can lead to remote code execution,...

Flashsploit - Exploitation Framework For ATtiny85 Based HID Attacks

Flashsploit is an Exploitation Framework for Attacks using ATtiny85 HID Devices such as Digispark USB Development Board, flashsploit generates Arduino IDE Compatible .ino Scripts based on User Input and then Starts a Listener in Metasploit-Framework if Required by the Script, in Summary : Automat...

CVE-2019-5624

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

CVE-2019-5624

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

CVE-2019-5624 Rapid7 Metasploit Framework Zip Import Directory Traversal

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

PT-2019-17785 · Rapid7 · Metasploit Framework

Name of the Vulnerable Software and Affected Versions: Rapid7 Metasploit Framework versions 4.14.0 and prior versions Description: The issue is related to improper limitation of a pathname to a restricted directory, also known as a path traversal vulnerability, in the Zip import function of...

metasploit-framework

This is a repository for the Metasploit Framework, a penetration testing tool. The repository contains various files and directories related to the project, including configuration files, documentation, and test scripts. The Metasploit Framework is a powerful tool for testing the security of...

Linux Nested User Namespace idmap Limit Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Nested User Namespace idmap Limit Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in Linux kernels...

Androspy - Backdoor Crypter & Creator With Automatic IP Poisener

Androspy : is Backdoor Crypter & Creator with Automatic IP Poisener Coded By Belahsan Ouerghi Dependencies keytool jarsigner Apache2 Metasploit-Framework xterm Installation sudo apt-get install git git clone https://github.com/TunisianEagles/Androspy.git cd Androspy chmod +x setup.sh sudo...

CVE-2012-6610

creationtimestamp| type| source ---|---|--- 2018-11-05 22:04:13+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/misc/polycomhdxauthbypass.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

WebEx Remote Command Execution Utility

This module enables the execution of a single command as System by exploiting a remote code execution vulnerability in Cisco's WebEx client software. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

WinSpy - A Windows Reverse Shell Backdoor Creator With An Automatic IP Poisener

WinSpy: Windows Reverse Shell Backdoor Creator With ip poisener. Dependencies 1 - metasploit-framework 2 - xterm 3 - apache2 4 - whiptail Installation sudo apt-get install git git clone https://github.com/TunisianEagles/winspy.git cd winspy chmod +x setup.sh ./setup.sh chmod +x winspy.sh...

NodeXP - Detection and Exploitation Tool for Node.js Services

NodeXP is an intergrated tool, written in Python 2.7, capable of detecting possible vulnerabilities on Node.js services as well as exploiting them in an automated way, based on ServerSideJavascriptInjection attack! Getting Started - Installation & Usage Download NodeXP by cloning the Git...

LocalTapiola: F5 BigIP Backend Cookie Disclosure

Basic report information Summary: The Same issue was reported on www.myynti.lahitapiolarahoitus.fi by another reporter. It was fixed for that. But when I test the same issue on lahitapiolarahoitus.fi. It is also causing leakage of information. Description: I just identify F5 BigIP load balancers...

Data exfiltration techniques

Data exfiltration is the last stage of the kill chain in a generally targeted attack on an organisation. Whilst many excellent papers and tools are available for various techniques this is our attempt to pull all these together. This could also be used as a crib sheet for fellow pen testers who a...

CVE-2010-20112

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/amlibwebwebquerydllapp.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2017-20198

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dcosmarathon.rb 2025-10-23 21:12:58+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2018-9059

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/easyfilesharingseh.rb 2025-10-23 21:12:58+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2025-34118

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/linknatvostraversal.rb 2025-10-23 21:13:04+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...