📄 libvips 8.19.0 VIPS Image Extraction Crash / Auditor

This Python script performs a comprehensive security and stability audit of the vips image processing binary. It tests the extractarea function using extreme int32 and uint32 values as well as normal ranges to detect crashes, memory corruption, or buffer overflows. The audit automates setup,...

CVE-2026-27509 Unitree Go2 Missing DDS Authentication Enables Adjacent RCE

Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 EDU do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programmingactuator/request handled by actuatormanager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publi...

RTSP Unauthenticated Stream Exposure Checker

This Python script uses the OpenCV library cv2 to test whether an IP camera exposes its RTSP stream without authentication. It attempts to connect to the default RTSP endpoint rtsp://:554/default and checks if the stream can be opened and a video frame retrieved successfully. If the connection...

Splunk Enterprise 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.3 (SVD-2026-0208)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0208 advisory. - In Splunk Enterprise for Windows versions below 10.2.0, 10.0.3, 9.4.8, and 9.3.9, a lowprivileged Windows user that can creat...

ClickFix added nslookup commands to its arsenal for downloading RATs

ClickFix malware campaigns are all about tricking the victim into infecting their own machine. Apparently, the criminals behind these campaigns have figured out that mshta and Powershell commands are increasingly being blocked by security software, so they have developed a new method using...

scan-exploit

pyt...

Exploit for CVE-2025-2304

🚀 CVE-2025-2304 - Simple Privilege Escalation Tool 📦 Downl...

Syntecxhub_SQLi_Scanner

SyntecxhubSQLiScanner How do we ensure web applications are...

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

Detections for the CVE-2026-21509 vulnerability in MS Office...

Exploit for CVE-2026-24061

CVE-2...

CVE-2021-33509

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

Exploit for Injection in Dlink Dns-320_Firmware

CVE-2024-10914POC PoC para explota...

Exploit for Deserialization of Untrusted Data in Facebook React

💥 React2Shell-POC 💥 !pythonhttps://img.shields.io/badge/py...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Exploit A simple python script that exploits t...

📄 Abacre Restaurant Point of Sale 15.0.0.1656 Memory Scanner

Abacre Restaurant Point of Sale version 15.0.0.1656 memory scanner for sensitive data detection. This Python script is an advanced Windows memory scanning tool designed to detect sensitive data leaks within running processes. It performs deep memory analysis to identify patterns resembling produc...

Exploit for Prototype Pollution in Datatables Datatables.Net

CVE-2020-28458 Affected versions of this package are vulnerabl...

CVE-2025-41736

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution...

XSS-

It is an offensive tool for web application security testing. Th...

CVE-2025-41736

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution...

CVE-2025-41736

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution...