1886 matches found
Exploit for CVE-2020-16898
PoC exploit for CVE-2020-16898, a Windows TCP/IP Remote Code Execution Vulnerability. The exploit targets the Windows TCP/IP stack and uses a specially crafted IPv6 packet to trigger a buffer overflow, leading to remote code execution. The exploit is implemented in Python using the Scapy library...
ctf
This repository contains a writeup for the CSAW CTF 2015. The writeup includes descriptions of various challenges, including web, exploit, crypto, reversing, and forensics challenges. The writeup is organized into sections, with each section describing a specific challenge. The challenges include...
Exploit for Absolute Path Traversal in Rarlab Winrar
This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, specifically in the way it handles certain types of code. The vulnerability allows for arbitrary code execution. The exploit is likely to be used to demonstrate the vulnerability an...
Exploit for SQL Injection in Drupal
vulnerability-list 常见漏洞快速检测,目前包含以下漏洞。 Tomcat: - CVE201712615 / CVE201712617 - tomcatweakpassword - examplevulnerability检测tomcat的examples等目录是否存在 moon.py -u tomcat http://xx.xx.xx.xx:xxxx Fckeditor - 获取版本及常见上传页面检测 - fck moon.py -u fck http://xx.xx.xx.xx/fckxx Weblogic - CVE201710271...
Exploit for CVE-2018-2894
Weblogic任意文件上传漏洞(CVE-2018-2894) 最近大家都在说这个漏洞,大家都注意到config.do这里发生了问题,但是其实根据 https://mp.weixin.qq.com/s/y5JGmM-aNaHcs6P9a-gRQ 这里的信息,begin.do也是有问题。少扯淡,下面给出具体利用方法: 问题就出现下下面这个页面。 上传时候,修改name的值就可以了 避免大家麻烦,给出来: /../../../../../../wlserver/server/lib/consoleapp/webapp/framework/skins/wlsconsole/images/ 然后...
Exploit for CVE-2018-2894
CVE-2018-2894 CVE-2018-2894 WebLogic 未授权访问致任意文件上传/RCE漏洞 检查脚本...
Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform
This is a PoC exploit for CVE-2017-12149, a remote code execution vulnerability in JBoss. The exploit is written in Python and uses the requests library to send a crafted request to the target JBoss server. The exploit payload is encoded in hexadecimal and is injected into the request as a crafte...
Exploit for Improper Input Validation in Joomla Joomla\!
CMS-Hunter 简介 Content Management System Vulnerability Hunter 说明:目前来看,本项目会进行长期维护,有修改的建议或者想法欢迎联系作者。 CMS 漏洞列表 Discuz - Discuz<3.4birthprovince前台任意文件删除 DedeCMS - DedeCMSv5.7shopsdelivery存储型XSS - DedeCMSv5.7carbuyaction存储型XSS - DedeCMSv5.7友情链接CSRFGetShell - DedeCMS V5.7 SP2后台存在代码执行漏洞 Drupal -...
Exploit for CVE-2014-7911
This is a local root exploit for Nexus5 Android 4.4.4KTU84P. The exploit is based on the CVE-2014-7911 vulnerability, which is a privilege escalation vulnerability in the Android operating system. The exploit is designed to gain root access on the device. The exploit is implemented in Java and us...
exploit-database
This is the official Exploit Database repository, a collection of public exploits and vulnerable software. The repository is maintained by Offensive Security and is updated daily with new submissions. The database contains a wide range of exploits, including remote code execution, privilege...
isf
This is an offensive tool for ICS exploitation. It is a Python-based framework for exploiting Industrial Control Systems ICS, similar to Metasploit. The framework, known as ICSSploit, is a fork of the routersploit project and is designed for ICS exploitation. It includes various modules for...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Android
This repository is a proof-of-concept PoC exploit for CVE-2017-0474. The exploit targets a vulnerability in the Windows SMBv1 protocol, which allows an attacker to execute arbitrary code on a vulnerable system. The exploit is written in Python and uses the Metasploit framework to deliver the...
Vxscan
This is a Python script for a comprehensive scanning tool called Vxscan. The tool is designed to perform various scans on a target, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password...
pocsuite3-1
This is a PoC Proof of Concept framework for vulnerability testing and penetration testing, developed by the Knownsec 404 Team. The framework is called pocsuite3. The framework has a powerful proof-of-concept engine and many features for penetration testers and security researchers. It supports...
Vxscan
This is a Python-based comprehensive scanning tool called Vxscan, which is used for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...
Exploit for Observable Discrepancy in Linux Linux_Kernel
PoC exploit for CVE-2021-34556 This repository contains a proof-of-concept exploit for a vulnerability in a specific product/service. The exploit targets a vulnerability in the product's framework, allowing for remote code execution. Exploit module/toolkit targeting The exploit module targets a...
PowerSploit
This is a PowerShell post-exploitation framework called PowerSploit. It is a collection of PowerShell scripts that can be used to perform various malicious activities, such as code execution, DLL injection, and reflective PE injection. The framework is designed to be portable and can be used on...
Exploit for Improper Input Validation in Jenkins
hackUtils It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/. Usage: hackUtils.py options Options: -h, --help Show basic help message and exit -b keyword, --baidu=keyword Fetch URLs from Baidu...
Vulmap
This is an open-source online local vulnerability scanner project called Vulmap. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. The project is designed to scan installed software on the host, query the Vulmon API for vulnerabilities, and print...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but the context suggests it is related to a GitLab...
Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager
PoC exploit for CVE-2020-5902, a vulnerability in F5 Networks BIG-IP TMUI web interface. The exploit targets a remote command execution vulnerability in the 'tmui/login.jsp' endpoint, allowing an attacker to read arbitrary files on the system. The vulnerability is exploited by sending a specially...
Exploit for Cross-site Scripting in Google Chrome
It is an exploit module for CVE-2017-5124, a Chrome UXSS vulnerability. The target product/service is Google Chrome, and the vulnerability class/vector is User Interface UI Scripting UXSS. The probable entry point is the PoC.mht file, which is a MHTML file containing a malicious XML stylesheet th...
Exploit for CVE-2020-2551
CVE-2020-2551 Weblogic IIOP 反序列化 测试环境 Weblogic10.3.6+jdk1.6 打包好的jar包 提取码:a6ob 漏洞利用 下载jar包,然后使用marshalsec起一个恶意的RMI服务,本地编译一个exp.java java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...
K8tools
It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and anti-kill tools. The primary...
shadowbroker
This repository, xftx/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers. The repository includes a README.md file that provides information on the contents of the repository, including the exploits and tools it contains. The exploits and tools are organized in...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost is a proof-of-concept exploit for a bug in Windows 10 1903/1909's new SMB3 compression capability. The bug is caused by a lack of bounds checking in the offset size of the SMB2CompressionTransformHeader, which can lead to a buffer overflow and crash t...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB Server Message Block protocol, specifically SMBv3. The vulnerability class/vector is Remote Code Execution RCE. The probable entry point is the scanner.py script, which sends a specially crafted SMB negotiate request to...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso Exploit analysis POC Analysis by SungLin Knownsec 404 Team Writeup+PoC by @ZecOps References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796...
Exploit for Code Injection in Apache Solr
This is a PoC exploit for CVE-2019-0193, a vulnerability in the Windows operating system. The exploit is written in C and uses the Metasploit framework to target the Windows kernel. The exploit code is not provided, but it is likely that it uses a buffer overflow vulnerability to execute arbitrar...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This repository is an exploit module for CVE-2020-0796, a Windows SMBv3 LPE Local Privilege Escalation vulnerability. The exploit is written in C++ and utilizes the Windows API to achieve privilege escalation. The exploit targets the SMBv3 server on a Windows system and exploits a vulnerability i...
kernel_exploit_series
This is a collection of files related to a vulnerable driver, specifically targeting the Linux kernel. The files are part of a repository called "povcfe/kernelexploitseries". The files include: 1. 1-heapsprayUAF/easyuaf.c: This file appears to be a simple example of a heap spray vulnerability,...
exploitdb
The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...
vmware_escape
This is an exploit module for VMware Workstation prior to version 12.5.5. The exploit targets a vulnerability in the way VMware handles certain types of memory access, allowing an attacker to execute arbitrary code on the host system. The exploit is designed to be used by an attacker who has gain...
Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware
Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway CVE-2019-19781...
Exploit for OS Command Injection in Cacti
The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813...
PSKernel-Primitives
This repository contains a collection of PowerShell primitives for exploitation, specifically targeting Windows systems. The code is written in PowerShell and utilizes various Windows APIs to achieve its goals. The repository includes several functions, each with a specific purpose: 1...
Exploit for Injection in Oracle Agile_Plm
CVE-2019-2725 CVE-2019-2725CNVD-C-2019-48814、WebLogic wls9-async 命令回显 10.3.6 12.1.3 ResultBaseExec.java 用于测试defineClass,将把恶意类从base64还原出来,执行代码,主要是比较方便(可用可不用)。 JDK7u21.java 会生成weblogic-2019-272512.1.3命令执行.txt中的xml,请使用jdk6编译。 CVE-2019-2725.py 检测命令是否会执行。...
Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server
CVE-2018-2628 is a remote command execution vulnerability in Oracle WebLogic Server. The exploit code is written in Python and uses the CVE-2018-2628 Weblogic GetShell.py script to exploit the vulnerability. The script sends a specially crafted request to the vulnerable server, which allows an...
Exploit for Improper Input Validation in Microsoft
It is an exploit module for CVE-2019-0604, a remote code execution vulnerability in SharePoint. The target product/service is SharePoint, and the vulnerability class/vector is RCE. The probable entry point is not specified, but the usage link suggests it may be invoked via a web interface...
cve_2019_0708_bluekeep_rce
bluekeep exploit...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various types of attacks. The probable entry points are not specified, but the environments are likel...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is not explicitly stated, but the repository contains various vulnerable environments, including ones related to Flask, Apache, Nginx, and more. The repository is maintained by phith0n and is...
Exploit for CVE-2019-15231
This repository contains a collection of exploits for various vulnerabilities, including unauthenticated remote command execution RCE and directory traversal. The exploits are written in Python and utilize various libraries such as requests and pymongo. The repository includes exploits for the...
pikachu
This is an offensive tool for Web application security testing. It is a web application that contains various web security vulnerabilities, including Burt Force brute-force, XSS cross-site scripting, CSRF cross-site request forgery, SQL-Inject SQL injection, RCE remote code execution, Files...
lua-resty-waf
This repository is an exploit module/toolkit targeting OpenResty, a high-performance web server built on the Nginx core. The primary vulnerability class/vector is not explicitly stated, but based on the code and metadata, it appears to be a remote code execution RCE vulnerability. The probable...
shadowbroker
This repository, Zam-0703/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was created by the Shadow Brokers, a group known for releasing stolen NSA hacking tools. The repository includes exploits for several vulnerabilities, including:...
msf_module
msf-module wooyun还在的时候根据别人的审计写的一些msf插件,有几个还是挺好用的 module列表 auxiliary + zoomeye-search.rb exploits + Dswjcms-upload-wooyun-2015-0160899.rb + Lotapp-exec-wooyun-2015-0133750.rb + OEM-exec-wooyun-2010-0192732.rb + ZTE-exec-wooyun-2016-190343.rb + discuz-ssrf-wooyun-2011-0151179.rb +...
Exploit for Use After Free in Microsoft
This repository is a PoC Proof of Concept scanner for the CVE-2019-0708 vulnerability, also known as "BlueKeep", which is a remote code execution RCE vulnerability in Microsoft Windows Remote Desktop Services. The scanner is a fork of the rdesktop client, a Remote Desktop Protocol client, and is...
Vxscan
This is a Python script called Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...