7414 matches found

Gitee
added 2021/08/16 4:49 p.m., 5 views

CDK

This is an open-sourced container penetration toolkit called CDK, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs to help escape container and takeover K8s cluster easily. The toolkit i...

AI score: 6.9
Exploits: 0

Kitploit
added 2021/08/16 12:30 p.m., 547 views

CamPhish - Grab Cam Shots From Target'S Phone Front Camera Or PC Webcam Just Sending A Link.

Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish? CamPhish is techniques to take cam shots of target's phone front camera or PC webcam. CamPhish Hosts a fake website on in built PHP server and uses ngrok & serveo to generate a link which we will...

AI score: 7.4
Exploits: 0, References: 2

Gitee
added 2021/08/15 11:58 p.m., 20 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

This is an open-source collection of vulnerable web applications and environments for security testing and education. The repository is maintained by phith0n and is available on GitHub. It contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...

CVSS: 9.8, AI score: 7, EPSS: 0.99686
Exploits: 61

Kitploit
added 2021/08/15 9:30 p.m., 75 views

Raider - Web Authentication Testing Framework

This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated tests, they don't provide features to test the authentication process itself, i.e. manipulating the relevant input fields to identify broken authentication...

AI score: 7.7
Exploits: 0, References: 1

Gitee
added 2021/08/14 11:0 p.m., 41 views

Exploit for Improper Access Control in Xen

kernel-exploit-factory Keep updating...... Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore. This repository is to extract all Linux kernel exploit and relative debug environment. You can use Qem...

CVSS: 8.8, AI score: 7.5, EPSS: 0.99305
Exploits: 159

Cvelist
added 2021/08/13 8:15 p.m., 17 views

CVE-2021-37705 Improper Authorization and Origin Validation Error in OneFuzz

OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Directory tenant to make authorized API calls to a vulnerable OneFuzz instance. To be vulnerable, a...

CVSS: 10, AI score: 9.6, EPSS: 0.02415
Exploits: 0, References: 5

Rapid7 Blog
added 2021/08/13 4:0 p.m., 39 views

When One Door Opens, Keep It Open: A New Tool for Physical Security Testing

As penetration testers, we spend most of our time working with different types of networks, applications, and hardware devices. Physical security is another fun area we get to work in during physical social engineering penetration tests and red team engagements, which sometimes includes attempts ...

AI score: 6.9
Exploits: 0

Kitploit
added 2021/08/13 12:30 p.m., 61 views

jwtXploiter - A Tool To Test Security Of Json Web Token

A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token payload: changes claims and subclaims values. Exploit known vulnerable header claims kid, jku, x5u Verify a token Retrieve the public key of your target's ssl connection and try to use it in a key...

AI score: 7.6
Exploits: 0, References: 2

Packet Storm
added 2021/08/13 12:0 a.m., 273 views

Chikitsa 2.0.0 Cross Site Scripting

Exploit Title: XSS-Stored - Brutal PWNED on Chikitsa 2.0.0 parameter "firstname" Author: nu11secur1ty Testing and Debugging: nu11secur1ty $ g3ck0dr1v3r Date: 08.09.2021 Vendor: https://chikitsa.net/ Link: https://sourceforge.net/projects/chikitsa/ CVE: CVE-2021-38152 + Exploit Source:...

CVSS: 3.5, AI score: 0.2, EPSS: 0.01008
Exploits: 2

Rapid7 Blog
added 2021/08/12 1:36 p.m., 48 views

Reforming the UK’s Computer Misuse Act

The UK Home Office recently ran a Call for Information to investigate the Computer Misuse Act 1990 (CMA). The CMA is the UK’s anti-hacking law, and as Rapid7 is active in the UK and highly engaged in public policy efforts to advance security, we provided feedback on the issues we see with the...

AI score: 7.4
Exploits: 0

Packet Storm
added 2021/08/12 12:0 a.m., 588 views

COVID19 Testing Management System 1.0 SQL Injection

Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Date: 09/08/2021 Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...

AI score: 0.2
Exploits: 0

0day.today
added 2021/08/12 12:0 a.m., 137 views

COVID19 Testing Management System 1.0 - (searchdata) SQL Injection Vulnerability

Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...

AI score: 0.2
Exploits: 0

Exploit DB
added 2021/08/12 12:0 a.m., 695 views

COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection

Exploit Title: COVID19 Testing Management System 1.0 - 'searchdata' SQL Injection Google Dork: intitle: "COVID19 Testing Management System" Date: 09/08/2021 Exploit Author: Ashish Upsham Vendor Homepage: https://phpgurukul.com Software Link:...

AI score: 7.4
Exploits: 0

ThreatPost
added 2021/08/10 2:43 p.m., 41 views

Fuzz Off: How to Shake Up Code to Get It Right – Podcast

LAS VEGAS – In 2014, two teams of security researchers independently started fuzz testing OpenSSL. Within days, the advanced black-box software technique led to an exploitable vulnerability in OpenSSL: namely, the Heartbleed vulnerability. What is fuzzing? That’s what the FuzzCon event is all...

AI score: 7.5
Exploits: 0, References: 8

Trend Micro Simply Security
added 2021/08/10 12:0 a.m., 22 views

Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications

Since June 2021, we’ve been monitoring an in-development ransomware builder called Chaos, which is being offered for testing on an underground forum...

AI score: 7.1
Exploits: 0

SonarSource Blog
added 2021/08/10 12:0 a.m., 25 views

Use 3rd-party plugins at your own risk

SonarQube has always had a rich plugin Marketplace, with much of SonarQube's functionality originally delivered as plugins and many additional needs being met by community-maintained plugins. But since October 2019, all SonarSource-provided functionality is bundled with SonarQube. That means any...

AI score: 7.2
Exploits: 0

BDU FSTEC
added 2021/08/10 12:0 a.m., 2 views

The vulnerability of the Networking component of the Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain access to data for reading purposes.

The vulnerability of the Networking component of the Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to data for...

CVSS: 4.3, AI score: 6.5, EPSS: 0.04238
Exploits: 0, References: 11, Affected Software: 8

Gitee
added 2021/08/05 4:38 p.m., 6 views

vulhub111

This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and more. The repository is maintained by Vulhub, a community-driven project for...

AI score: 7.1
Exploits: 0

HackRead
added 2021/08/05 12:31 p.m., 46 views

How to Protect Your CRM Information from Security Threats

By ghostadmin Encryption, accreditation, security compliance audits, and penetration testing are just some of the ways an IR service protects your CRM data. Let's dig deeper. This is a post from HackRead.com Read the original post: How to Protect Your CRM Information from Security Threats...

AI score: 2.1
Exploits: 0

Huntr
added 2021/08/04 3:51 p.m., 6 views

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

✍️ Description Attacker is able to change a user profile state to hidden if a logged in user visits attacker website. 🕵️‍♂️ Proof of Concept 1.when you logged in open this POC.html in a browser 2.you can check your profile state changed to hidden history.pushState'', '', '/' document.forms0.submit;...

AI score: 0.3
Exploits: 0