1886 matches found
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and practicing vulnerability exploitation. The primary vulnerability targeted by this repository is not explicitly stated, but it includes various...
Exploit for CVE-2019-1003000
PoC exploit for CVE-2019-1003000, CVE-2019-1003001, CVE-2019-1003002: Script Security, Pipeline: Groovy, Pipeline: Declarative. This PoC allows users with Overall/Read permission and Job/Configure and optional Job/Build to bypass the sandbox protection and execute arbitrary code on the Jenkins...
dedecmscan
This is a Python-based vulnerability scanner for the DedeCMS platform. The scanner is designed to identify potential vulnerabilities in the platform, including SQL injection, cross-site scripting XSS, and other types of attacks. The scanner consists of several modules, each responsible for...
Exploit for CVE-2020-14756
This is an exploit module for the CVE-2020-14756 vulnerability in Oracle WebLogic. The vulnerability allows for remote code execution RCE due to a deserialization issue in the coherence.jar library. The exploit is written in Python and uses the socket library to establish a connection to the...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a proof-of-concept PoC exploit for CVE-2020-0796, also known as SMBGhost, a pre-authentication remote code execution vulnerability in Windows SMBv3. The exploit is written in Python and uses the SMB protocol to inject shellcode into the Windows kernel. The shellcode is generated from a...
JNDIExploit
JNDIExploit 一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。 使用说明 使用 java -jar JNDIExploit.jar -h 查看参数说明,其中 --ip 参数为必选参数 Usage: java -jar JNDIExploit.jar options Options: -i, --ip Local ip address -l, --ldapPort Ldap bind port default: 1389 -p,...
Exploit for Improper Input Validation in Apache Unomi
PoC exploit for CVE-2020-13942, an unauthenticated RCE vulnerability through MVEL and OGNL injection in Apache Unomi. The exploit targets the context.js/json endpoint exposed by the Unomi server, allowing an attacker to execute arbitrary OS commands. Two RCE vectors are available: MVEL injection...
Exploit for CVE-2020-14882
CVE-2020–14882 Weblogic Unauthorized bypass RCE bypass patch with CVE-2020–14882 private static final String IllegalUrl = new String";", "%252E%252E", "%2E%2E", "..", "%3C", "%3E", ""; list %252E%252E %2E%2E .. %3E %3C ; lower "%252E%252E%252F".lower '%252e%252e%252f' %252E%252E%252F to...
shellcode-x86_x64
This repository contains a collection of assembly code examples for a 64-bit Linux system, primarily focusing on basic instructions and operations. The code is written in NASM Netwide Assembler and covers various topics such as arithmetic, logical operations, string manipulation, and stack...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Advantech Webaccess
This is a proof-of-concept PoC exploit for a vulnerability in the bwconn.dll library, which is a Windows RPC client library. The vulnerability is identified as CVE-2016-0856. The PoC exploit is written in Python and uses the ctypes library to interact with the bwconn.dll library. The exploit...
Exploit for SQL Injection in Joomla Joomla\!
CyberspaceSecurityLearning 在学习CTF、网络安全路上整合博客和一些资料,持续更新 置顶tips:如果你也有自己学习路上收集的一些好资料,或者愿意展示自己的优质博客给大家欢迎fork pull request给我(联系邮箱[email protected]) 最新更新时间:2018/3/13 更新内容: 任意用户密码重置(五):重置凭证可暴破 一些有趣的代码审计“小”题目为CTF-Web-dog提供一些套路 了解SSRF,这一篇就足够了 知识技能表 知道创宇技能表 CTF练习 Writeup 这是我自己从最早入门开始练习的一些题目往下排列的,可能很多当时写的writ...
Exploit for Use After Free in Microsoft
This is a Metasploit module for exploiting the BlueKeep vulnerability CVE-2019-0708 in Microsoft Remote Desktop. The module is designed to check a range of hosts for the vulnerability by binding the MST120 channel outside of its normal slot and sending non-DoS packets which respond differently on...
Exploit for CVE-2020-16898
CVE-2020-16898 CVE-2020-16898 Windows TCP/IP远程代码执行漏洞 EXP&POC 复现 forforever:https://www.cnblogs.com/forforever/p/13846077.html poc CVE-2020-16898Checker-poc 命令: 管理员启动powershell/CMD Powershell.exe -ExecutionPolicy UnRestricted -File .\CVE-2020-16898-poc.ps1 exp cve-2020-16898-exp2...
pikachu
It is an offensive tool for web application security training. The primary CVE ID is not explicitly mentioned, but the tool is designed to simulate various web application vulnerabilities, including but not limited to, Burt Force 暴力破解漏洞, XSS 跨站脚本漏洞, CSRF 跨站请求伪造, SQL-Inject SQL注入漏洞, RCE 远程命令/代码执行,...
isf
This is an offensive tool for ICS exploitation. It is a Python-based framework for ICS exploitation, similar to Metasploit. The framework is based on the open-source project "routersploit" and is designed for exploitation of industrial control systems ICS. The tool provides a range of features,...
Exploit for CVE-2018-9995
This is a PoC exploit for CVE-2018-9995, a vulnerability in DVR systems that allows for the exposure of credentials. The exploit is written in Python and uses the requests library to send HTTP requests to the DVR system. The exploit targets various DVR systems, including Novo, CeNova, QSee, Pulni...
Exploit for Improper Input Validation in Joomla Joomla\!
CMS-Hunter 简介 Content Management System Vulnerability Hunter 说明:目前来看,本项目会进行长期维护,有修改的建议或者想法欢迎联系作者。 CMS 漏洞列表 Discuz - Discuz<3.4birthprovince前台任意文件删除 DedeCMS - DedeCMSv5.7shopsdelivery存储型XSS - DedeCMSv5.7carbuyaction存储型XSS - DedeCMSv5.7友情链接CSRFGetShell - DedeCMS V5.7 SP2后台存在代码执行漏洞 Drupal -...
Exploit for CVE-2020-16898
PoC exploit for CVE-2020-16898, a Windows TCP/IP Remote Code Execution Vulnerability. The exploit targets the Windows TCP/IP stack and uses a specially crafted IPv6 packet to trigger a buffer overflow, leading to remote code execution. The exploit is implemented in Python using the Scapy library...
ctf
This repository contains a writeup for the CSAW CTF 2015. The writeup includes descriptions of various challenges, including web, exploit, crypto, reversing, and forensics challenges. The writeup is organized into sections, with each section describing a specific challenge. The challenges include...
Exploit for Absolute Path Traversal in Rarlab Winrar
This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, specifically in the way it handles certain types of code. The vulnerability allows for arbitrary code execution. The exploit is likely to be used to demonstrate the vulnerability an...
Exploit for SQL Injection in Drupal
vulnerability-list 常见漏洞快速检测,目前包含以下漏洞。 Tomcat: - CVE201712615 / CVE201712617 - tomcatweakpassword - examplevulnerability检测tomcat的examples等目录是否存在 moon.py -u tomcat http://xx.xx.xx.xx:xxxx Fckeditor - 获取版本及常见上传页面检测 - fck moon.py -u fck http://xx.xx.xx.xx/fckxx Weblogic - CVE201710271...
Exploit for CVE-2018-2894
Weblogic任意文件上传漏洞(CVE-2018-2894) 最近大家都在说这个漏洞,大家都注意到config.do这里发生了问题,但是其实根据 https://mp.weixin.qq.com/s/y5JGmM-aNaHcs6P9a-gRQ 这里的信息,begin.do也是有问题。少扯淡,下面给出具体利用方法: 问题就出现下下面这个页面。 上传时候,修改name的值就可以了 避免大家麻烦,给出来: /../../../../../../wlserver/server/lib/consoleapp/webapp/framework/skins/wlsconsole/images/ 然后...
Exploit for CVE-2018-2894
CVE-2018-2894 CVE-2018-2894 WebLogic 未授权访问致任意文件上传/RCE漏洞 检查脚本...
Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform
This is a PoC exploit for CVE-2017-12149, a remote code execution vulnerability in JBoss. The exploit is written in Python and uses the requests library to send a crafted request to the target JBoss server. The exploit payload is encoded in hexadecimal and is injected into the request as a crafte...
Exploit for CVE-2014-7911
This is a local root exploit for Nexus5 Android 4.4.4KTU84P. The exploit is based on the CVE-2014-7911 vulnerability, which is a privilege escalation vulnerability in the Android operating system. The exploit is designed to gain root access on the device. The exploit is implemented in Java and us...
ios-resources
PoC exploit for iOS device. The primary CVE ID is not explicitly mentioned, but the repository contains resources for iOS hacking, including ARMv8 instruction set documentation and assembly language crash course. The target product/service is the iOS operating system, and the vulnerability...
isf
This is an offensive tool for ICS exploitation. It is a Python-based framework for exploiting Industrial Control Systems ICS, similar to Metasploit. The framework, known as ICSSploit, is a fork of the routersploit project and is designed for ICS exploitation. It includes various modules for...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Android
This repository is a proof-of-concept PoC exploit for CVE-2017-0474. The exploit targets a vulnerability in the Windows SMBv1 protocol, which allows an attacker to execute arbitrary code on a vulnerable system. The exploit is written in Python and uses the Metasploit framework to deliver the...
Vxscan
This is a Python script for a comprehensive scanning tool called Vxscan. The tool is designed to perform various scans on a target, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password...
Pocsuite
This project, Pocsuite, is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine and many niche features for penetration testers and security researchers. The framework...
pocsuite3-1
This is a PoC Proof of Concept framework for vulnerability testing and penetration testing, developed by the Knownsec 404 Team. The framework is called pocsuite3. The framework has a powerful proof-of-concept engine and many features for penetration testers and security researchers. It supports...
Vxscan
This is a Python-based comprehensive scanning tool called Vxscan, which is used for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...
Exploit for Observable Discrepancy in Linux Linux_Kernel
PoC exploit for CVE-2021-34556 This repository contains a proof-of-concept exploit for a vulnerability in a specific product/service. The exploit targets a vulnerability in the product's framework, allowing for remote code execution. Exploit module/toolkit targeting The exploit module targets a...
PowerSploit
This is a PowerShell post-exploitation framework called PowerSploit. It is a collection of PowerShell scripts that can be used to perform various malicious activities, such as code execution, DLL injection, and reflective PE injection. The framework is designed to be portable and can be used on...
Exploit for Improper Input Validation in Jenkins
hackUtils It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/. Usage: hackUtils.py options Options: -h, --help Show basic help message and exit -b keyword, --baidu=keyword Fetch URLs from Baidu...
Exploit for Improper Resource Shutdown or Release in Microsoft
Web-Security-Note Record some common Web security sites 由于平常读过的文章以及遇到的比较好的开源项目都被渐渐遗忘了,所以利用这个项目来记录一下,以便查阅。 目录: - CTF - Online-Tools - 漏洞环境 - 信息搜集 - 工具 - 面经 - BypassWAF - WEB安全 - 漏洞挖掘 - 渗透测试 - 内网渗透 - 扫描器开发 - 开发 - 运维 CTF + CTF Time + Pwnhub + CTF论剑场 + 南京邮电大学CTF平台 + Whale CTF + JarvisOJ + Hackme CTF ...
Vulmap
This is an open-source online local vulnerability scanner project called Vulmap. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. The project is designed to scan installed software on the host, query the Vulmon API for vulnerabilities, and print...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but the context suggests it is related to a GitLab...
Exploit for Cross-site Scripting in Google Chrome
It is an exploit module for CVE-2017-5124, a Chrome UXSS vulnerability. The target product/service is Google Chrome, and the vulnerability class/vector is User Interface UI Scripting UXSS. The probable entry point is the PoC.mht file, which is a MHTML file containing a malicious XML stylesheet th...
Exploit for CVE-2020-2551
CVE-2020-2551 Weblogic IIOP 反序列化 测试环境 Weblogic10.3.6+jdk1.6 打包好的jar包 提取码:a6ob 漏洞利用 下载jar包,然后使用marshalsec起一个恶意的RMI服务,本地编译一个exp.java java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...
shadowbroker
This repository, xftx/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers. The repository includes a README.md file that provides information on the contents of the repository, including the exploits and tools it contains. The exploits and tools are organized in...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost is a proof-of-concept exploit for a bug in Windows 10 1903/1909's new SMB3 compression capability. The bug is caused by a lack of bounds checking in the offset size of the SMB2CompressionTransformHeader, which can lead to a buffer overflow and crash t...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB Server Message Block protocol, specifically SMBv3. The vulnerability class/vector is Remote Code Execution RCE. The probable entry point is the scanner.py script, which sends a specially crafted SMB negotiate request to...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso Exploit analysis POC Analysis by SungLin Knownsec 404 Team Writeup+PoC by @ZecOps References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796...
Exploit for Code Injection in Apache Solr
This is a PoC exploit for CVE-2019-0193, a vulnerability in the Windows operating system. The exploit is written in C and uses the Metasploit framework to target the Windows kernel. The exploit code is not provided, but it is likely that it uses a buffer overflow vulnerability to execute arbitrar...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This repository is an exploit module for CVE-2020-0796, a Windows SMBv3 LPE Local Privilege Escalation vulnerability. The exploit is written in C++ and utilizes the Windows API to achieve privilege escalation. The exploit targets the SMBv3 server on a Windows system and exploits a vulnerability i...
kernel_exploit_series
This is a collection of files related to a vulnerable driver, specifically targeting the Linux kernel. The files are part of a repository called "povcfe/kernelexploitseries". The files include: 1. 1-heapsprayUAF/easyuaf.c: This file appears to be a simple example of a heap spray vulnerability,...
exploitdb
The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...
vmware_escape
This is an exploit module for VMware Workstation prior to version 12.5.5. The exploit targets a vulnerability in the way VMware handles certain types of memory access, allowing an attacker to execute arbitrary code on the host system. The exploit is designed to be used by an attacker who has gain...