charlotte

This is a C++ shellcode launcher, fully undetected as of May 13th, 2021. It dynamically invokes Windows API functions, XOR encrypts shellcode and function names, and uses random XOR keys and variables per run. The code is designed to be stealthy and evade detection. The code is written in C++ and...

pwnshop

pwnshop Notes, cheatsheets, shellcode and exploits. Progress: - Utility - Object/Executable file to shellcode converter script: code - Utility - Assembly and link script : code - Utility - Shellcode testing skeleton generator : code - Exit syscall asm: code - Write syscall "Hello world!": code -...

binary-exploitation

Binary Exploitation Guide Learning binary exploitation from b...

Linux Distros Unpatched Vulnerability : CVE-2020-24361

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec. CVE-2020-24361 Note that Nessus relies on the presence of the...

Exploit for CVE-2017-0144

This repository is an offensive tool for Windows. It is an implementation of the DoublePulsar backdoor in C/C++. The tool includes a suite of exploits and detectors for various vulnerabilities, including the EternalBlue vulnerability CVE-2017-0144. The tool can be used to upload a DLL to a...

easy-linux-pwn

This is a set of Linux binary exploitation tasks for beginners on various architectures. The tasks are designed to be solved using a suggested approach, even if there are other easier ways. The tasks assume a dynamically linked libc with a known binary and require the use of ROP Return-Oriented...

ZigStrike 2.0

ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike includes a...

Exploit for Improper Initialization in Linux Linux_Kernel

Dirty Pipe Exploit CVE-2022-0847 Overview This reposito...

General Device Manager 2.5.2.2 Buffer Overflow

General Device Manager version 2.5.2.2 remote buffer overflow exploit that provides a reverse shell. Based on a discovery made in 2024 by Ahmet Ümit Bayram. ============================================================================================================================================...

Ollama 0.5.11 Code Execution

Ollama version 0.5.11 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : Ollama 0.5.11 Code Injection Vulnerability | | Author : indoushka | | Tested o...

Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a varie...

Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

Cybersecurity researchers are warning that a command-and-control C&C framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive...

Linux Reboot

A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/linux/riscv64le/reboot msf payloadreboot show actions ...actions... msf payloadreboot set ACTION msf...

Linux Reboot

A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/linux/riscv32le/reboot msf payloadreboot show actions ...actions... msf payloadreboot set ACTION msf...

Linux Execute Command

Execute an arbitrary command Module Options msf use payload/linux/riscv64le/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec run This module requires Metasploit: https://metasploit.com/download Curre...

Linux Execute Command

Execute an arbitrary command Module Options msf use payload/linux/riscv32le/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec run This module requires Metasploit: https://metasploit.com/download Curre...

Exploit for CVE-2024-0311

CVE-2024-0311 ? This is a PoC for what I believe is CVE-...

SAS CTF and the many ways to persist a kernel shellcode on Windows 7

On May 18, 2024, Kaspersky's Global Research & Analysis Team GReAT, with the help of its partners, held the qualifying stage of the SAS CTF, an international competition of cybersecurity experts held as part of the Security Analyst Summit conference. More than 800 teams from all over the world to...

Cisco ASA Authentication Bypass (EXTRABACON)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA Authentication Bypass EXTRABACON', 'Description' = %q This module patches the authentication functions of a Cisco ASA to allow...

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

Chinese-speaking users are the target of an ongoing campaign that distributes a malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage," Fortinet FortiGuard Labs...