1886 matches found
Exploit for CVE-2018-2893
CVE-2018-2893漏洞验证脚本 使用方法 python CVE-2018-2893.py 10.10.0.1 7001 分析预警 https://www.anquanke.com/post/id/152164 脚本来源 https://www.secfree.com/article-957.html...
Exploit for Path Traversal in Igniterealtime Openfire
PoC exploit for CVE-2019-18393 and CVE-2019-18394, which are related to MongoDB and Redis vulnerabilities. The repository contains information on how to exploit these vulnerabilities, including a demonstration of how an attacker can gain unauthorized access to a MongoDB database and a Redis serve...
Exploit for Code Injection in Microsoft
This repository contains a proof-of-concept PoC exploit for CVE-2017-8759, a vulnerability in the Windows Shell that allows for arbitrary code execution. The exploit is designed to weaponize the vulnerability, allowing an attacker to execute malicious code on a vulnerable system. The PoC is...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including ones for CVE-2016-9086, CVE-2017-1000353,...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a proof-of-concept PoC exploit for CVE-2020-0796, also known as SMBGhost, a pre-authentication remote code execution vulnerability in Windows SMBv3. The exploit targets the SMBGhost vulnerability in Windows operating systems, specifically Windows 10 and Windows Server 2016 and 2019. The...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This repository is an exploit module for the SMBGhost RCE vulnerability, identified as CVE-2020-0796. The exploit is a proof-of-concept PoC and is intended for demonstration purposes only. It has not been thoroughly tested outside of the author's lab environment and should not be used for any...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost is a proof-of-concept exploit for a bug in Windows 10 1903/1909's new SMB3 compression capability. The bug is caused by a lack of bounds checking in the offset size of the SMB2CompressionTransformHeader, which leads to a buffer overflow and kernel cra...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796-SMB 该资源为CVE-2020-0796漏洞复现,包括Python版本和C++版本。主要是集合了github大神们的资源,希望您喜欢 C++ Python EXP POC 漏洞利用: - 本地EXP提权:https://github.com/danigargu/CVE-2020-0796 - 本地EXE提权: https://github.com/f1tz/CVE-2020-0796-LPE-EXP - POC版本提权: https://github.com/eerykitty/CVE-2020-0796-PoC -...
Exploit for Use After Free in Microsoft
This is an attempt to port existing PoCs Proof of Concept to actual exploits for the BlueKeep vulnerability CVE-2019-0708. The project is not actively maintained, but the author welcomes suggestions and opinions from the public. The goal is to achieve Remote Code Execution RCE on vulnerable hosts...
Exploit for Use After Free in Microsoft
微软3389远程漏洞CVE-2019-0708批量检测工具 0x001 Win下检测 https://github.com/robertdavidgraham/rdpscan C:\Users\K8team\Desktop\rdpscan-master\vs10\Release 的目录 2019/06/02 02:11 DIR . 2019/06/02 02:11 DIR .. 2019/06/02 01:55 2,582,016 libcrypto-11.dll 2019/06/02 01:57 619,520 libssl-11.dll 2019/06/02 02:04 172,03...
Exploit for Improper Input Validation in Joomla Joomla\!
CMS-Hunter 简介 Content Management System Vulnerability Hunter 说明:目前来看,本项目会进行长期维护,有修改的建议或者想法欢迎联系作者。 CMS 漏洞列表 Discuz - Discuz<3.4birthprovince前台任意文件删除 DedeCMS - DedeCMSv5.7shopsdelivery存储型XSS - DedeCMSv5.7carbuyaction存储型XSS - DedeCMSv5.7友情链接CSRFGetShell - DedeCMS V5.7 SP2后台存在代码执行漏洞 Drupal -...
Exploit for CVE-2020-2551
CVE-2020-2551 Weblogic IIOP 反序列化 测试环境 Weblogic10.3.6+jdk1.6 打包好的jar包 提取码:a6ob 漏洞利用 下载jar包,然后使用marshalsec起一个恶意的RMI服务,本地编译一个exp.java java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...
PayloadsAllTheThings
This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security testing and penetration testing purposes. The primary vulnerability class targeted by this repository is CRLF Carriage Return an...
PowerSploit
This is an offensive tool for Windows PowerShell. It is a module for PowerSploit, a PowerShell framework for penetration testing and red teaming. The module contains several functions for code execution, including reflective DLL injection and DLL injection into a process. The functions can be use...
Exploit for Use After Free in Google Chrome
PoC exploit for CVE-2019-5786, a FileReader Use-After-Free UAF vulnerability in Chrome 72.0.3626.119 stable for Windows 7 x86. The exploit uses site-isolation to brute-force the vulnerability. The target is the FileReader object, which is used to read files from the local file system. The exploit...
Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware
Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway CVE-2019-19781...
PowerShell-Suite
This repository is an offensive tool for Windows UAC User Account Control bypass. The tool, named "Bypass-UAC," provides a framework to perform UAC bypasses based on auto-elevating IFileOperation COM object method calls. It rewrites PowerShell's PEB Portable Executable Binary to give it the...
Win2016LPE
Win2016LPE Windows10 & Windows Server 2016 LPE Exploit 利用 schedsvc!SchRpcSetSecurity 漏洞 目录说明 bin-x86 为支持Win10 x86系统的Bin bin-x64 为支持Win10 x64 、 Win2016系统的Bin Win2016LPE 为提权主程序 ALPC-TaskSched-LPE 漏洞利用DLL ExpDLL exploit dll 编译生成之后放置于ALPC-TaskSched-LPE\resource目录 更新历史 2018-09-28...
Exploit for CVE-2020-1938
This is a proof-of-concept PoC exploit for CVE-2020-1938, a vulnerability in Apache Tomcat's AJP protocol. The exploit is written in Python 2.7 and uses the ajpy library to interact with the AJP protocol. The exploit is designed to perform a Local File Inclusion LFI attack on the target Tomcat...
maltrail
Maltrail is a malicious traffic detection system that utilizes publicly available blacklists containing malicious and/or generally suspicious trails. It also uses optional advanced heuristic mechanisms to help in discovery of unknown threats. The system can be configured to ignore certain events...
Exploit for CVE-2013-0422
K8tools 20190324 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 博客: https://www.cnblogs.com/k8gege 下载: https://github.com/k8gege/K8tools 密码: k8gege k8team K8team PS: 不定期更新,文件比较大,可按需下载。 提权工具均可在远控cmd或WebShell下运行,大部份经过修改重新编译兼容性稳定性比网上要好 综合工具 + 综合工具 K8飞刀Final.rar 提权工具 + 提权工具 iislpe.exe IIS全版本提权仅限IIS帐户、服务帐户 + 提权工具 pr.exe...
PowerSploit
This is an offensive tool for Windows PowerShell exploitation. It is a PowerShell post-exploitation framework called PowerSploit, which includes various modules for code execution, DLL injection, and antivirus bypass. The framework is designed to be used by penetration testers and red teamers to...
shadowbroker
This repository, bahuwang/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists the contents of the repository, which includes various exploit modules and tools...
Exploit for CVE-2014-7911
Security-Data-Analysis-and-Visualization 2018-2020青年安全圈-活跃技术博主/博客 Why - 最初目的:个人日常安全阅读资源不足,需要从博客、Github、Twitter等多个数据源补充。 - 延续目的:以人为核心,系统化收集博客、Github、当前主要研究方向、所属安全组织、学校、公司、RSS、知乎、微博、Email等信息,缩小安全圈的范围。 - 信息检索:通过关键字检索,方便找人,缩小人与人之间的交流障碍。比如通过高校关键字,可以快速找到校友,通过网络ID快速找到博主。 -...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an offensive tool for Docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including CVE-2016-9086 and CVE-2017-1000353. The target product/service or framework is Docker, and the...
POC-T
This is a Python-based penetration testing framework called POC-T. It is designed to facilitate concurrent testing and provides a variety of features for vulnerability scanning and exploitation. The framework includes a range of built-in scripts for testing various vulnerabilities, including SQL...
Exploit for CVE-2013-0422
K8tools 20191024 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 K8Cscan5.4 大型内网渗透扫描器内置28个功能,支持Cobalt Strike + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 +...
Exploit for Use After Free in Microsoft
It is an exploit module for CVE-2019-0708. The target product/service or framework is Windows 10. The vulnerability class/vector is RCE Remote Code Execution via Windows Remote Desktop Service. Notable dependencies/tooling include the Windows Remote Desktop Service. The execution context is a...
Exploit for CVE-2019-0803
这个漏洞属于未正确处理GDI对象导致的UAF类型本地权限提升漏洞 看雪地址 复现环境 1. Windows 7 sp1 64位操作系统 2. 编译环境Visual Studio 2013 引用 360分析 看雪分析 Poc 分析 关于漏洞的成因,以上两篇引用文章对漏洞的成因已经介绍的很详细,这里不再赘述.本文主要分析漏洞复现的调试过程,和漏洞利用方式的讨论. 在poc中先创建大小为0x350的AcceleratorTable,计算公式为: ACCEL WINAPI CreateAcceleratorTableW InreadscAccel LPACCEL paccel,In int...
Exploit for CVE-2018-9995
This is an exploit module for a DVR Digital Video Recorder vulnerability, specifically CVE-2018-9995. The exploit is designed to obtain exposed credentials from the DVR. The module is written in Python and uses the requests library to send HTTP requests to the DVR. The exploit targets a...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
This repository is an offensive tool for a vulnerability environment. It is a Docker-Compose file for a vulnerability environment. The repository contains a .gitignore file, a README.md file, and several other files that are used to configure the environment. The .gitignore file contains a list o...
Exploit for CVE-2005-2006
This is an open-source application server attack toolkit called clusterd. It automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. The toolkit currently supports six different application server platforms, including JBoss, ColdFusion, and WebLogic...
Exploit for CVE-2017-8570
The provided repository is an exploit toolkit for CVE-2017-8570, a vulnerability in Microsoft Office PPSX files. The toolkit is designed to generate malicious PPSX files that can deliver payloads to a target system. The payloads can be either local or remote, depending on the user's preference. T...
Exploit for Buffer Underflow in Microsoft
github 军火库 web,安全,渗透,军火库 漏洞及渗透练习平台: WebGoat漏洞练习环境 https://github.com/WebGoat/WebGoat https://github.com/WebGoat/WebGoat-Legacy Damn Vulnerable Web Application漏洞练习平台 https://github.com/RandomStorm/DVWA 数据库注入练习平台 https://github.com/Audi-1/sqli-labs 用node编写的漏洞练习平台,like OWASP Node Goat...
Exploit for CVE-2017-8570
PoC exploit for CVE-2017-8570. The exploit toolkit, CVE-2017-8570, is a Python script designed to generate malicious PPSX files that can deliver payloads to users. It can be used in two scenarios: delivering local payloads or remote payloads. To deliver local payloads, the script generates a...
pwncli
This is an offensive tool for binary exploitation. The primary vulnerability targeted is not explicitly stated, but the code and documentation suggest that it is a buffer overflow vulnerability in a binary named "stackoverflownopie" and "stackoverflowpie". The tool, named "pwncli", is designed to...
pocsuite3
This is a Python-based framework for remote vulnerability testing and proof-of-concept development, called pocsuite3. It is developed by the Knownsec 404 Team and is designed for penetration testers and security researchers. The framework comes with a powerful proof-of-concept engine and various...
Exploit for Incorrect Authorization in Vmware Spring_Security
CVE-2022-22978 POC environment CVE-2022-22978 Spring-Security bypass Demo 在Spring Security中使用RegexRequestMatcher且规则中包含带点号的正则表达式时,攻击者可以通过构造恶意数据包绕过身份认证 影响范围 Spring Security 5.5.x http://localhost:8080/admin/index%0a Docker docker pull s0cke3t/cve-2022-22978:latest...
Exploit for OS Command Injection in Sonatype Nexus_Repository_Manager
CVE-2019-5475 CVE-2019-5475 与 CVE-2019-15588 靶场: RCE 命令注入漏洞 ------ 0x00 背景 CVE-2019-5475 是 Nexus 关于内置插件 Yum Repository 的 RCE 命令注入漏洞,其最早被披露于 hackerone,但因官方第一次修复不完整,故又衍生出了 CVE-2019-15588 漏洞。 这两个漏洞都需要以 admin 身份登录后才可以利用,但是 nexus 默认管理员密码 admin123 经常被忽略修改,很容易就被利用了。 0x10 靶场环境 0x20 目录结构 CVE-2019-5475 ├──...
vulhub
This is a collection of vulnerable web applications and tools for testing and learning about web application security. The repository contains a variety of applications, including CouchDB, FFmpeg, Git, and Jenkins, each with its own set of vulnerabilities. The applications are designed to be used...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
This is a PoC exploit for CVE-2022-0995, a heap out-of-bounds write in the watchqueue Linux kernel component. The exploit targets Ubuntu 21.10 with kernel 5.13.0-37. It uses the same technique described in a Google Security Research writeup for CVE-2021-22555. The exploit is not 100% reliable and...
Exploit for Open Redirect in Git-Scm Git
CVE-2017-1000117 借鉴使用github平台的AnonymKing/CVE-2017-1000117仓库 项目简介 + CVE-2017-1000117 漏洞的复现(PoC+Exp) + Git2.12.1 + SSH 漏洞简介: + 漏洞名称: Git命令注入漏洞 + CNNVD编号:CNNVD-201708-670 + 危害等级:中危 + CVE编号:CVE-2017-1000117 + 漏洞类型:命令注入 + 发布时间:2017-08-16...
nuclei-templates
This is a GitHub repository for a community-curated list of templates for the Nuclei engine to find security vulnerabilities in applications. The repository contains various templates for the scanner provided by the team and contributed by the community. The templates are stored in the...
exploitdb
The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...
Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager
CVE-2020-5902 is a vulnerability in BIG-IP, a load balancer and application delivery controller. The vulnerability is a remote code execution RCE flaw that allows an attacker to execute arbitrary code on the BIG-IP system. The vulnerability exists in the BIG-IP web interface, specifically in the...
vulhub
This is an open-source collection of vulnerable systems and applications for educational purposes. The repository is maintained by phith0n and is available on GitHub. It contains a variety of vulnerable systems and applications, including web applications, databases, and operating systems. The...
vulhub
This repository is an open-source collection of vulnerable systems and applications for educational purposes, specifically for learning and practicing penetration testing and vulnerability assessment. It is maintained by phith0n and hosted on GitHub. The repository contains various vulnerable...
Exploit for Use After Free in Microsoft
CVE-2021-40449-Exploit olny worker on windows 10 14393,and windows 10 17763 Use Palette to Spay and RtlSetAllBits to Write...
Exploit for OS Command Injection in Zabbix
This is a Python script that exploits a vulnerability in the Zabbix web application. The script is designed to send a malicious payload to the Zabbix server, which will execute the payload and potentially allow an attacker to gain unauthorized access to the system. Here is a breakdown of the...
php_code_audit_project
The provided code snippet appears to be a PDF document containing a vulnerability report for ThinkPHP, a PHP framework. The report describes a request function vulnerability that allows for remote code execution. The code snippet is a PDF document with a single page containing a table with severa...