Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2021/04/27 2:33 p.m.16 views

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat

PoC exploit for CVE-2017-12617, CVE-2017-12618, CVE-2017-12619, CVE-2017-12620, CVE-2017-12621, CVE-2017-12622, CVE-2017-12623, CVE-2017-12624, CVE-2017-12625, CVE-2017-12626, CVE-2017-12627, CVE-2017-12628, CVE-2017-12629, CVE-2017-12630, CVE-2017-12631, CVE-2017-12632, CVE-2017-12633,...

10CVSS7AI score0.99988EPSS
Exploits52
Gitee
Gitee
added 2021/04/12 3:30 p.m.16 views

Exploit for CVE-2013-0422

K8tools 20200118 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 Ladon 6.0 大型内网渗透扫描神器内置48个功能,支持Cobalt Strike + 扫描工具 Ladon 5.7...

10CVSS8.3AI score0.99913EPSS
Exploits164
Gitee
Gitee
added 2021/01/25 2:52 a.m.16 views

Exploit for Improper Access Control in Elasticsearch

欢迎各位大佬提BUG,当前版本 AssetScanV1.3 周期 初版:2019年11月28日 V1.0初版编写完成 修改1:2019年12月02日 感谢Shadow·J反馈kali下文件导入异常 修改2:2019年12月03日 V1.1发布,新增ARP存活检测(回滚,测bug) 修改3:2019年12月04日 V1.2发布,修复漏洞脚本异常,修复weblogic脚本 修改4:2019年12月05日 V1.2修改,感谢sevck提供设计思路以及代码不规范问题 修改5:2019年12月05日 V1.2修改,修复IP数据处理异常 修改6:2019年12月19日...

10CVSS7AI score0.99999EPSS
Exploits145
Gitee
Gitee
added 2020/10/10 6:21 p.m.16 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows for authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempts to perform a Netlogon authentication bypass. The script will immediately terminate when successfully...

10CVSS7.5AI score0.99512EPSS
Exploits75
Gitee
Gitee
added 2020/09/26 9:18 p.m.16 views

Exploit for Path Traversal in Codiad

Exploit-Framework Exploits: |Vendor|Vulnerability|Effected Version|Description|Author| |:-:|:-:|:-:|:-:|:-:| |zblog|NOTCVE| https://github.com/WangYihang/Exploit-Framework/wiki Contribution: 1. Guidance of writing exploit module TODO: - 解析字符串 - 深层模块化 - 上下文栈维护 - 日志 - 自动补全 - Exploit 搜索 - Wiki -...

9.8CVSS9.2AI score0.98283EPSS
Exploits106
Gitee
Gitee
added 2020/05/02 2:33 p.m.16 views

Exploit for CVE-2018-8453

cve-2018-8453-exp cve-2018-8453 exp 本程序为cve-2018-8453的利用程序。 开发\测试平台:x86: windows 10 rs2 15063 x64: windos 10 rs2 16299 附: 使用Palette来读写内核 严重声明: 本工具仅用于技术研究学习。非法使用造成一切后果,均与本人无关。...

7.8CVSS7.1AI score0.69833EPSS
Exploits9
Gitee
Gitee
added 2020/03/04 10:46 p.m.16 views

Exploit for CVE-2013-0422

K8tools 20200118 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 Ladon 6.0 大型内网渗透扫描神器内置48个功能,支持Cobalt Strike + 扫描工具 Ladon 5.7...

10CVSS9AI score0.99913EPSS
Exploits164
Gitee
Gitee
added 2022/01/18 10:26 p.m.15 views

Exploit for Race Condition in Canonical Ubuntu_Linux

This is a PoC Proof of Concept exploit for CVE-2016-5195, also known as Dirty COW. The exploit relies on ptrace to patch the vDSO Virtual Dynamic Shared Object and create a TCP reverse shell to the attacker's machine. The target of the exploit is the Linux kernel, and the vulnerability class is a...

7.2CVSS7.5AI score0.83524EPSS
Exploits81
Gitee
Gitee
added 2021/12/23 4:22 p.m.15 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

安全相关的测试 介绍 安全相关的测试,仅供学习! 1.log4j2 CVE-2021-44228漏洞问题复现...

10CVSS8.7AI score0.99999EPSS
Exploits351
Gitee
Gitee
added 2021/12/13 7:42 p.m.15 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

This repository is a proof-of-concept PoC exploit for CVE-2021-44228, a vulnerability in the Log4j logging library. The exploit targets the Log4j 2 library, which is a popular logging framework for Java applications. The exploit uses the JNDI Java Naming and Directory Interface protocol to inject...

10CVSS8.7AI score0.99999EPSS
Exploits351
Gitee
Gitee
added 2021/11/12 4:15 p.m.15 views

Exploit for OS Command Injection in Docker

CDK - Zero Dependency Container Penetration Toolkit English | 简体中文 Legal Disclaimer Usage of CDK for attacking targets without prior mutual consent is illegal. CDK is for security testing purposes only. Overview CDK is an open-sourced container penetration toolkit, designed for offering stable...

9.3CVSS8AI score0.9857EPSS
Exploits37
Gitee
Gitee
added 2021/09/03 11:29 p.m.15 views

Exploit for Use After Free in Linux Linux_Kernel

This is a collection of exploit code for various Linux kernel vulnerabilities, specifically CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955. The exploits are written in C and use various techniques such as AFPACKET race condition, UDP fragmentation offset, and Linux kernel...

7.8CVSS7.2AI score0.20797EPSS
Exploits64
Gitee
Gitee
added 2021/07/07 8:29 p.m.15 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempt to perform a Netlogon authentication bypass. It targets the Netlogon service on a domain controller and sen...

10CVSS7.5AI score0.99512EPSS
Exploits75
Gitee
Gitee
added 2020/12/09 3:19 p.m.15 views

Exploit for Out-of-bounds Write in Php

PoC exploit for CVE-2019-11043, an exploit for a bug in php-fpm. The exploit targets a vulnerability in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit assumes that the nginx configuration has a location block that forwar...

9.8CVSS8.3AI score0.9947EPSS
Exploits54
Gitee
Gitee
added 2020/09/13 5:50 p.m.15 views

Exploit for CVE-2013-0422

K8tools 2020628 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 反弹工具 Ladon 6.6.6 反弹MSF/NC ShellTCP/HTTP/HTTPS + 扫描工具 Ladon 6.6 SMB漏洞检测 SMBGhost...

10CVSS6.5AI score0.99913EPSS
Exploits281
Gitee
Gitee
added 2020/01/14 8:53 p.m.15 views

Exploit for Use After Free in Linux Linux_Kernel

This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities, including CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955, among others. The exploits are implemented in C and use various techniques, such as KASLR and SMEP/SMAP...

7.8CVSS7.1AI score0.20797EPSS
Exploits64
Gitee
Gitee
added 2023/11/13 5:50 a.m.14 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

This is a repository containing operational information regarding the vulnerability in the Log4j logging library CVE-2021-44228. The repository includes information on hunting for exploitation, indicators of compromise IoCs, mitigation, and scanning for the Log4j vulnerability. It also contains a...

10CVSS8.4AI score0.99999EPSS
Exploits351
Gitee
Gitee
added 2022/01/23 6:42 p.m.14 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

Awesome Web Security 🐶 Curated list of Web Security materials and resources. Needless to say, most websites suffer from various types of bugs which may eventually lead to vulnerabilities. Why would this happen so often? There can be many factors involved including misconfiguration, shortage of...

10CVSS8.4AI score0.99964EPSS
Exploits63
Gitee
Gitee
added 2022/01/10 6:10 p.m.14 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

PoC exploit for CVE-2021-44228, a remote code execution vulnerability in Apache Log4j. The target product/service is Apache Log4j, and the vulnerability class/vector is remote code execution RCE. The probable entry point is the Log4j2ExploitTest.java file, which contains the exploit code. The...

10CVSS9.3AI score0.99999EPSS
Exploits351
Gitee
Gitee
added 2021/12/17 3:16 p.m.14 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4Shell(CVE-2021-44228)related attacks IOCs 源IP使用Apache Log4j RCE尝试攻击,其中包含很大部分Tor节点,详见Attack-IP.md 利用log4j漏洞传播的恶意程序、Botnet等IOC详见IOC-C2.md Snort检测规则详见Snort.md Suricata规则详见Suricata.md...

10CVSS8.7AI score0.99999EPSS
Exploits351
Gitee
Gitee
added 2021/11/22 10:46 a.m.14 views

Exploit for Improper Authentication in Dahuasecurity Ipc-Hum7Xxx_Firmware

This is a PoC exploit for CVE-2021-33044, an authentication bypass vulnerability in Dahua IPC, VTH, and VTO devices. The exploit targets the login process of these devices, allowing attackers to bypass device identity authentication by constructing malicious data packets. The exploit is implement...

10CVSS8.4AI score0.99871EPSS
Exploits12
Gitee
Gitee
added 2021/04/20 10:15 a.m.14 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

This is a proof-of-concept PoC exploit for CVE-2020-0796, also known as SMBGhost, a pre-authentication remote code execution RCE vulnerability in the SMBv3 protocol. The exploit is written in Python and uses the SMB protocol to inject shellcode into the target system. The exploit targets Windows...

10CVSS8.6AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2021/02/01 10:21 p.m.14 views

Exploit for Improper Handling of Exceptional Conditions in Sudo_Project Sudo

PoC exploit for CVE-2019-14287, a vulnerability in Sudo before 1.8.28. The exploit targets the ability of an attacker with access to a Runas ALL sudoer account to bypass certain policy blacklists and session PAM modules, and cause incorrect logging, by invoking sudo with a crafted user ID. The...

9CVSS8.1AI score0.63917EPSS
Exploits10
Gitee
Gitee
added 2020/12/08 8:37 p.m.14 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 提权 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...

10CVSS7.1AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2020/10/09 8:46 p.m.14 views

Exploit for CVE-2019-13272

No description...

7.8CVSS7AI score0.52199EPSS
Exploits21
Gitee
Gitee
added 2020/09/21 2:36 p.m.14 views

Exploit for Improper Access Control in Elasticsearch

欢迎各位大佬提BUG,当前版本 AssetScanV1.3 周期 初版:2019年11月28日 V1.0初版编写完成 修改1:2019年12月02日 感谢Shadow·J反馈kali下文件导入异常 修改2:2019年12月03日 V1.1发布,新增ARP存活检测(回滚,测bug) 修改3:2019年12月04日 V1.2发布,修复漏洞脚本异常,修复weblogic脚本 修改4:2019年12月05日 V1.2修改,感谢sevck提供设计思路以及代码不规范问题 修改5:2019年12月05日 V1.2修改,修复IP数据处理异常 修改6:2019年12月19日...

10CVSS8AI score0.99999EPSS
Exploits145
Gitee
Gitee
added 2020/08/05 2:46 p.m.14 views

Exploit for CVE-2013-0422

K8tools 2020628 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 反弹工具 Ladon 6.6.6 反弹MSF/NC ShellTCP/HTTP/HTTPS + 扫描工具 Ladon 6.6 SMB漏洞检测 SMBGhost...

10CVSS6.5AI score0.99913EPSS
Exploits281
Gitee
Gitee
added 2020/06/02 11:19 a.m.14 views

Exploit for Out-of-bounds Write in Php

This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug is possible to trigger from the outside in certain nginx + php-fpm configurations, allowing a web user to execute code if the vulnerable configuration is present. The exploit targets PHP 7+ and works by appending a specially...

9.8CVSS7.4AI score0.9947EPSS
Exploits54
Gitee
Gitee
added 2020/01/04 8:24 a.m.14 views

Exploit for CVE-2013-0422

K8tools 20191130 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 Ladon 5.7 大型内网渗透扫描神器内置40个功能,支持Cobalt Strike + 扫描工具 K8Cscan5.4 大型内网渗透扫描器内置30个功能,支持Cobalt Strike +...

10CVSS6.5AI score0.99913EPSS
Exploits153
Gitee
Gitee
added 2019/12/22 12:15 p.m.14 views

Exploit for CVE-2013-0422

K8tools 20191130 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 Ladon 5.7 大型内网渗透扫描神器内置40个功能,支持Cobalt Strike + 扫描工具 K8Cscan5.4 大型内网渗透扫描器内置30个功能,支持Cobalt Strike +...

10CVSS6.5AI score0.99913EPSS
Exploits153
Gitee
Gitee
added 2022/01/26 10:17 p.m.13 views

Exploit for OS Command Injection in Docker

The repository is a proof-of-concept PoC exploit for CVE-2019-5736, a container escape vulnerability in Docker. The PoC is written in Go and is designed to overwrite the /bin/sh binary in a container with a malicious interpreter path, allowing for code execution on the host system. The exploit...

9.3CVSS7.9AI score0.9857EPSS
Exploits33
Gitee
Gitee
added 2021/12/22 4:58 p.m.13 views

Exploit for OS Command Injection in Docker

CVE-2019-5736 is a container escape vulnerability in Docker. The PoC Proof of Concept exploit for this vulnerability is available in the repository sekla/CVE-2019-5736-PoC. The exploit works by overwriting and executing the host system's runc binary from within the container. The exploit has two...

9.3CVSS7.7AI score0.9857EPSS
Exploits33
Gitee
Gitee
added 2021/12/12 9:5 p.m.13 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-4428 复现 本DEMO是针对Log4j2 超高危RCE漏洞CVE-2021-4428的复现DEMO,目的是认识该漏洞的危害性并根据您系统的情况做出针对性的防御。 警告 本DEMO只是针对技术层面的研究,不涉及恶意远程计算机侵入方面的相关脚本。请勿利用漏洞进行非法侵入他人计算机的违法活动。否则您将可能承担以下侵权责任: 1. 根据《中华人民共和国治安管理处罚法》第二十九条 对违反国家规定,侵入计算机信息系统,造成危害的,处五日以下拘留;情节较重的,处五日以上十日以下拘留。 2...

10CVSS8.6AI score0.99999EPSS
Exploits351
Gitee
Gitee
added 2021/11/21 1:53 p.m.13 views

Exploit for Incorrect Conversion between Numeric Types in Linux Linux_Kernel

CVE-2020-27194 my exp for CVE-2020-27194, tested on linux kernel 5.8.14. More details : https://ama2in9.top/2020/12/14/CVE-2020-27194/ reference CVE-2020-8835 pwn2own 2020 ebpf 提权漏洞分析 CVE-2020-8835 pwn2own 2020 ebpf 通过任意读写提权分析...

7.8CVSS7.2AI score0.0606EPSS
Exploits11
Gitee
Gitee
added 2021/10/17 12:0 a.m.13 views

Active-Directory-Exploitation-Cheat-Sheet

This is a cheat sheet for Windows Active Directory exploitation, containing common enumeration and attack methods. The repository is a collection of PowerShell scripts and modules that can be used to perform various attacks on Active Directory, including domain enumeration, lateral movement, and...

7AI score
Exploits0
Gitee
Gitee
added 2021/10/16 11:58 p.m.13 views

Exploit for SQL Injection in Djangoproject Django

CVE-2020-7471 这个仓库提供 CVE-2020-7471 Potential SQL injection via StringAggdelimiter 漏洞的环境和 POC 受影响的 django 版本 - 1.11 到 1.11.28(不含) - 2.2 到 2.2.10(不含) - 3.0 到 3.0.3(不含) 下载使用前需要如下操作: 1. 安装 django 漏洞版本,我测试用的是 python pip install django==3.0.2 -i https://pypi.tuna.tsinghua.edu.cn/simple 2. 参考...

9.8CVSS9.3AI score0.65336EPSS
Exploits9
Gitee
Gitee
added 2021/09/20 11:12 p.m.13 views

Exploit for Out-of-bounds Write in Php

This is an exploit module for a bug in php-fpm CVE-2019-11043. The exploit targets a vulnerability in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit works by appending a specially crafted URL to the web server, which...

9.8CVSS7.7AI score0.9947EPSS
Exploits54
Gitee
Gitee
added 2021/04/29 9:43 p.m.13 views

Exploit for CVE-2020-1472

CVE-2020-1472 is a vulnerability in the Windows Netlogon service that allows an attacker to authenticate as the computer account password. The vulnerability is a buffer overflow in the Netlogon service, which can be exploited by sending a specially crafted request to the service. The exploit code...

10CVSS9.1AI score0.99512EPSS
Exploits75
Gitee
Gitee
added 2021/04/15 8:29 p.m.13 views

Exploit for SQL Injection in Zabbix

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE IDs present in the context are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitly...

9.8CVSS6.8AI score0.83284EPSS
Exploits28
Gitee
Gitee
added 2020/12/08 4:32 p.m.13 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows for authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempts to perform a Netlogon authentication bypass. The script will immediately terminate when successfully...

10CVSS7.5AI score0.99512EPSS
Exploits75
Gitee
Gitee
added 2020/11/24 4:49 p.m.13 views

Exploit for Path Traversal in Codiad

Exploit-Framework Exploits: |Vendor|Vulnerability|Effected Version|Description|Author| |:-:|:-:|:-:|:-:|:-:| |zblog|NOTCVE| https://github.com/WangYihang/Exploit-Framework/wiki Contribution: 1. Guidance of writing exploit module TODO: - 解析字符串 - 深层模块化 - 上下文栈维护 - 日志 - 自动补全 - Exploit 搜索 - Wiki -...

9.8CVSS6.9AI score0.98283EPSS
Exploits106
Gitee
Gitee
added 2020/08/31 1:22 a.m.13 views

Exploit for CVE-2020-2551

sgysoserial Description clone ysoserial Modifications and enhancements fix | Exploit - Payload | 说明 | | :---------------------------------------- | -------------------------------------------------: | | ysoserial.exploit.IIOPRegistryExploit | Weblogic CVE-2020-2551 利用, 修改 wlfullclient.jar | |...

9.8CVSS7.1AI score0.93168EPSS
Exploits18
Gitee
Gitee
added 2020/08/10 10:6 a.m.13 views

Exploit for Use After Free in Microsoft

System-Vulnerability 实时更新较好用最新漏洞EXP,仅供已授权渗透测试使用 --- Windows --2019.9.20 CVE-2019-0708 Blue Keep Rce --2019.11.20 CVE-2019-1388 UAC 提权 --2020.3 CVE-2020-0796 - SMBv3 poc --2020.4 CVE-2020-0796 - SMBv3 提权 --2020.5 全版本窃取令牌提权 --2020.6 CVE-2020-0796 - SMBv3 getshell Linux --2019.11 CVE-2019-14287 sudo...

10CVSS8AI score0.99999EPSS
Exploits257
Gitee
Gitee
added 2020/07/26 11:5 p.m.13 views

Exploit for CVE-2013-0422

K8tools 2020628 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 反弹工具 Ladon 6.6.6 反弹MSF/NC ShellTCP/HTTP/HTTPS + 扫描工具 Ladon 6.6 SMB漏洞检测 SMBGhost...

10CVSS6.5AI score0.99913EPSS
Exploits281
Gitee
Gitee
added 2020/04/26 9:31 a.m.13 views

Exploit for CVE-2017-0144

PoC exploit for CVE-2017-0144, a remote code execution vulnerability in SMBv1. The exploit targets Windows 7 and 2008 R2 systems. The probable entry point is the eternalblue.py script, which is a Python implementation of the NSA EternalBlue SMB exploit. Not specified how it is typically invoked...

9.3CVSS8.7AI score0.9923EPSS
Exploits55
Gitee
Gitee
added 2020/03/11 5:41 p.m.13 views

Exploit for CVE-2013-0422

K8tools 20200118 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 Ladon 6.0 大型内网渗透扫描神器内置48个功能,支持Cobalt Strike + 扫描工具 Ladon 5.7...

10CVSS8.1AI score0.99913EPSS
Exploits164
Gitee
Gitee
added 2023/11/12 5:8 a.m.12 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PoC exploit for CVE-2021-4034, a Local Privilege Escalation Vulnerability in polkit’s pkexec. The exploit is implemented in Python and utilizes the PwnKit vulnerability to gain elevated privileges. The code creates a malicious shared object SO that, when loaded by pkexec, executes a setuid0 and...

7.8CVSS7.4AI score0.94921EPSS
Exploits151
Gitee
Gitee
added 2023/09/07 11:56 a.m.12 views

canTot

This is a Python-based CLI framework called "canTot" that is designed for CAN Bus hacking and exploitation. It is similar to an exploit framework but focused on known CAN Bus vulnerabilities or "fun CAN Bus hacks." The framework is made up of several modules, each with its own specific...

7.3AI score
Exploits0
Gitee
Gitee
added 2023/02/28 4:14 p.m.12 views

Exploit for Double Free in Linux Linux_Kernel

This is a repository containing a proof-of-concept PoC exploit for a vulnerability in a Linux kernel module. The PoC is for CVE-2021-22600, a vulnerability in the Linux kernel's packet socket implementation that allows an attacker to bypass certain security restrictions. The exploit is implemente...

7.2CVSS7AI score0.05918EPSS
Exploits2
Gitee
Gitee
added 2023/01/15 1:57 p.m.12 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PoC exploit for CVE-2021-4034, a privilege escalation vulnerability in the polkit package. The target product/service is polkit, a Linux system policy kit. The vulnerability class/vector is a privilege escalation vulnerability. The probable entry points are the gconv-modules file and the...

7.8CVSS7.6AI score0.94921EPSS
Exploits151
Total number of security vulnerabilities1886