modDetective - Tool That Chronologizes Files Based On Modification Time In Order To Investigate Recent System Activity

modDetective is a small Python tool that chronologizes files based on modification time in order to investigate recent system activity. This can be used in CTF's in order to pinpoint where escalation and attack vectors may exist. To see the tool in its most useful form, try running the command as...

WindMill 路径遍历漏洞

WindMill is a free open source tool from the individual developers at Lukasavicus. It is used to control job execution in Python. A security vulnerability exists in WindMill version 1.0 and earlier versions, which stems from an incorrect call to Flask's sendfile function that results in absolute...

DroidDetective - A Machine Learning Malware Analysis Framework For Android Apps

A machine learning malware analysis framework for Android apps. DroidDetective is a Python tool for analysing Android applications APKs for potential malware related behaviour and configurations. When provided with a path to an application APK file Droid Detective will make a prediction using it'...

Exploit for Code Injection in Vmware Spring_Framework

Spring4shellbehinder What is it? A batch exploitation too...

CVRF-CSAF-Converter 代码问题漏洞

CVRF-CSAF-Converter is a Python tool from the German csaf-tools team. It is used to convert CSAF CVRF 1.2 documents to CSAF 2.0 documents. CVRF-CSAF-Converter 1.0.0-rc2 previously contained a security vulnerability that could be exploited by an attacker to disclose information from a system runni...

cve_tracking

cvetracking 介绍 cve 补丁自动获取工具，该工具将会根据 cve 和 rpm 包自动在上游社区查找补丁并反馈结果，同时也可以下载查找到的补丁以及验证补丁的可用性。 软件架构 python 可执行代码 安装教程 1. 下载代码 shell git clone https://gitee.com/openeuler/cve-manager.git 2. 进入工具执行目录 shell cd xxx上述代码下载目录/cve-manager/cve-agency-manager/cvetracking 3. 在 cve-tracking.yaml 的 authentication 中...

HikPwn

This is an offensive tool for Hikvision devices. The tool, named HikPwn, is a simple scanner written in Python 3.8 that performs basic vulnerability scanning capabilities. It was created by Ananke and is available on GitHub. The tool has several functions and characteristics, including passive an...

Kunyu

This is a Python-based tool called Kunyu, which is designed for more efficient corporate asset collection and network surveying and mapping. The tool is intended for security-related practitioners to use in their work. The tool's primary function is to identify and collect information about asset...

Gopherus

This is a Python script for a tool called Gopherus, which is used to exploit Server-Side Request Forgery SSRF vulnerabilities in various services. The tool can generate payloads for different services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The script uses a...

Vxscan

This is a Python script named Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...

Exploit for Code Injection in Phpunit_Project Phpunit

laravel phpunit rce masscanner CVE-2017-9841 Masscanner for La...

Exploit for Code Injection in Phpunit_Project Phpunit

laravel phpunit rce masscanner CVE-2017-9841 Masscanner for La...

Exploit for Code Injection in Phpunit_Project Phpunit

laravel phpunit rce masscanner CVE-2017-9841 Masscanner for La...

Exploit for Code Injection in Phpunit_Project Phpunit

laravel phpunit rce masscanner CVE-2017-9841 Masscanner for La...

pentestdb

This is an offensive tool for penetration testing. It is a Python-based tool called "pentestdb" that provides a collection of tools and resources for penetration testing, including exploit development, vulnerability scanning, and password cracking. The tool is designed to be easy to use and...

WinPmem - The Multi-Platform Memory Acquisition Tool

The WinPmem memory acquisition driver and userspace WinPmem has been the default open source memory acquisition driver for windows for a long time. It used to live in the Rekall project, but has recently been separated into its own repository. Copyright This code was originally developed within...

wesng

This is an offensive tool for Windows vulnerability exploitation. It is a Python-based tool called Windows Exploit Suggester - Next Generation WES-NG, which provides a list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. The tool uses the output of...

Halogen - Automatically Create YARA Rules From Malicious Documents

Halogen is a tool to automate the creation of yara rules against image files embedded within a malicious document. Halogen help python3 halogen.py -h usage: halogen.py -h -f FILE -d DIR -n NAME --png-idat --jpg-sos Halogen: Automatically create yara rules based on images embedded in office...

pwntools

This repository is an offensive tool for binary exploitation. The primary vulnerability targeted by this tool is not explicitly stated in the provided context, but the tool is designed for binary exploitation, which suggests that it may be targeting a vulnerability that allows for code execution ...

Gopherus

This is a Python script for a tool called Gopherus, which is designed to exploit Server-Side Request Forgery SSRF vulnerabilities in various services. The tool can generate payloads for different services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The script uses a...