Y2X

Y2eXploit Y2X --- Overview Y2eXploit Y2X is an a...

Microsoft Windows Service Binary Misconfiguration Tester

This document and included Metasploit module analyze the security risks associated with improper Windows service configurations, specifically focusing on writable service binary paths that may lead to privilege escalation. Note that this condition does not occur on a default Windows installation...

MAL-2025-191930 Malicious code in wei516-ppa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1d5a85017b397970606b9d2d5150a6f6ee8f71fdbd810fe6b0a8f34c577d76d1 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

Malicious code in wei516-enconly (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e40931688b41ac8340ab8f27604ba32f1ea6e364df1e614343cbc4cf0df50e8 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

Malicious code in wayspiritmcp-ppa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 efa23f0b46a88dcde4aa71c67cba31f46d0f8a9eef555daa0cbe4f2bd54d7a38 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

MAL-2025-191924 Malicious code in wayspiritmcp-enconly (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b075eb7116e55dd48db0e026ce51a42ec4e7e1e100b4b68c8a42d4b35411f749 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

wesng

This is an offensive tool for Windows vulnerability exploitation. It is a Python-based tool called Windows Exploit Suggester - Next Generation WES-NG, which provides a list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. The tool uses the output of...

ysoserial

This is a Java-based tool called ysoserial, which generates payloads that exploit unsafe Java object deserialization. The tool is designed to create payloads that can be used to attack vulnerable Java applications. The tool uses a variety of payloads, including CommonsCollectionsK1,...

Exploit for CVE-2018-8453

cve-2018-8453-exp cve-2018-8453 exp 本程序为cve-2018-8453的利用程序。 开发\测试平台：x86: windows 10 rs2 15063 x64: windos 10 rs2 16299 附： 使用Palette来读写内核 严重声明： 本工具仅用于技术研究学习。非法使用造成一切后果，均与本人无关。...

BD FACSLyric (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: FACSLyric Vulnerability: Improper Access Control 2. UPDATE INFORMATION This updated medical device advisory is a follow-up to the original advisory titled ICSMA-19-029-02 BD...

VUPEN Security Research - Microsoft Internet Explorer "CIframeElement" Object Use-after-free Vulnerability (CVE-2010-2558)

VUPEN Security Research - Microsoft Internet Explorer "CIframeElement" Object Use-after-free Vulnerability CVE-2010-2558 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the...