Lucene search
K

7426 matches found

Gitee
Gitee
added 2025/09/14 4:20 p.m.89 views

Exploit for Out-of-bounds Read in Openssl

It is an exploit module/toolkit targeting OpenSSL versions vulnerable to CVE-2014-0160, also known as the Heartbleed vulnerability. The tool, ssltest.py, scans multiple hosts for this vulnerability in an efficient multi-threaded manner without exploiting the server. The probable entry point is th...

7.5CVSS6.8AI score0.99999EPSS
Exploits87
Gitee
Gitee
added 2025/09/14 4:16 p.m.91 views

scripts

This repository contains a collection of scripts written by AverageSecurityGuy for use in penetration testing engagements. The scripts are categorized into various folders, each containing a specific type of script, such as password brute forcing, cloud interaction, database testing, enumeration,...

7AI score
Exploits0
Gitee
Gitee
added 2025/09/14 1:55 p.m.107 views

offensiveinterview

It is an offensive tool for penetration testing and red teaming. The repository contains a collection of interview questions to screen offensive red team/pentest candidates, categorized into open-ended, knowledge-based, and scenario-based questions. The questions cover various topics such as...

7.1AI score
Exploits0
Gitee
Gitee
added 2025/09/14 12:2 p.m.184 views

wazuh

This repository is an open-source security platform called Wazuh, which provides unified XDR and SIEM protection for endpoints and cloud workloads. The repository contains various files and templates for issue reporting, testing, and integration with external services. The probable entry points f...

7.2AI score
Exploits0
Gitee
Gitee
added 2025/09/14 4:41 a.m.80 views

sinatra

This is a Sinatra repository, a DSL for creating web applications in Ruby with minimal effort. The repository contains various files, including a .github/workflows/test.yml file that defines a GitHub Actions workflow for testing, and a Gemfile that lists dependencies for the project. The Gemfile...

6.9AI score
Exploits0
Gitee
Gitee
added 2025/09/14 2:0 a.m.86 views

disable_eval

This is a Ruby gem called "disableeval" that provides a method to protect against eval-related security vulnerabilities. The gem is designed to prevent remote code execution RCE attacks by disabling the eval method and its variants. The gem provides two main components: 1. A Rack middleware that...

8.1AI score
Exploits0
Gitee
Gitee
added 2025/09/13 5:46 p.m.113 views

hackingtool

This is an offensive tool for penetration testing and hacking. It is a collection of various tools for different types of attacks, including information gathering, web attacks, SQL injection, phishing, and more. The tool is written in Python and is designed to be run on Linux systems, including...

7.5AI score
Exploits0
Gitee
Gitee
added 2025/09/13 5:45 p.m.145 views

JNDIExploit

This is a Java-based exploit tool for JNDI Java Naming and Directory Interface injection vulnerabilities. The tool is designed to inject a payload into the JNDI repository, allowing an attacker to execute arbitrary code on the target system. The tool is based on the Rogue JNDI project and support...

8.7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/09/13 11:50 a.m.1003 views

Exploit for CVE-2007-2447

Internship Project 2 — Penetration Testing on Metasploitable2...

10CVSS7.2AI score0.96184EPSS
Exploits42
Gitee
Gitee
added 2025/09/13 3:4 a.m.121 views

marshalsec

It is an offensive tool for Java deserialization vulnerabilities. The repository contains a Java tool called "marshalsec" that exploits Java object deserialization vulnerabilities, allowing for remote code execution. The tool includes payload generators for various Java serialization libraries,...

8.9AI score
Exploits0
Gitee
Gitee
added 2025/09/13 1:8 a.m.129 views

Pikachu

This is a proof-of-concept PoC exploit for a vulnerable web application system called Pikachu. The system contains a variety of common web security vulnerabilities, including SQL injection, cross-site scripting XSS, cross-site request forgery CSRF, remote code execution RCE, and more. The...

7.7AI score
Exploits0
Gitee
Gitee
added 2025/09/13 1:2 a.m.124 views

wazuh

This repository is an issue template for Wazuh, a free and open-source platform for threat prevention, detection, and response. The repository contains various templates for reporting bugs, making feature requests, and testing integration and component tests. The templates are organized by...

7AI score
Exploits0
Gitee
Gitee
added 2025/09/13 12:31 a.m.126 views

K8tools

It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and evasion. The primary focus is...

7.2AI score
Exploits0
Gitee
Gitee
added 2025/09/13 12:21 a.m.93 views

metasploit-framework

This repository is an offensive tool for Metasploit Framework. It is a collection of files and workflows used to build and test the Metasploit Framework, a penetration testing tool. The repository contains various templates for reporting issues, suggesting new features, and submitting pull...

8.1AI score
Exploits0
GithubExploit
GithubExploit
added 2025/09/12 10:20 p.m.332 views

Exploit for CVE-2025-31125

🔐 Vite/Vue JS Exploitation Toolkit =============================...

5.3CVSS7AI score0.58765EPSS
Exploits9
GithubExploit
GithubExploit
added 2025/09/11 7:30 p.m.275 views

Exploit for Incorrect Authorization in Vercel Next.Js

CVE-2025-29927 Research and Safe Testing Framework This repos...

9.1CVSS6.7AI score0.99621EPSS
Exploits58
Packet Storm News
Packet Storm News
added 2025/09/11 12:0 a.m.5 views

IoTFuzzSentry: a Protocol Guided Mutation Based Fuzzer for Automatic Vulnerability Testing in Commercial IoT Devices

Protocol fuzzing is a scalable and cost-effective technique for identifying security vulnerabilities in deployed Internet of Things devices. During their operational phase, IoT devices often run lightweight servers to handle user interactions, such as video streaming or image capture in smart...

9.8CVSS7AI score0.00643EPSS
Exploits1
OSV
OSV
added 2025/09/10 7:48 p.m.7 views

GHSA-R4H8-HFP2-GGMF Hoverfly is vulnerable to Remote Code Execution through an insecure middleware implementation

Summary It has been discovered that the middleware functionality in Hoverfly is vulnerable to command injection through its /api/v2/hoverfly/middleware endpoint due to insufficient validation and sanitization in user input. Details The vulnerability exists in the middleware management API endpoin...

9.8CVSS9.5AI score0.10543EPSS
Exploits7References9
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.5 views

PT-2025-46612

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the f2fs file system related to handling page cache during inode destruction. Specifically, the issue arises in the f2fs truncate function where...

5.5CVSS5.4AI score0.00178EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/09/09 9:57 a.m.194 views

Exploit for CVE-2024-28397

CVE-2024-28397 js2py Sandbox Escape Exploit - CodePartTwo - H...

5.3CVSS6.1AI score0.04548EPSS
Exploits22
Rows per page
Query Builder