Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2020/02/18 11:55 p.m.6 views

Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

9.3CVSS8.3AI score0.90026EPSS
Exploits47
Gitee
Gitee
added 2020/02/18 11:55 p.m.6 views

Exploit for CVE-2016-0728

This repository is an offensive tool for Linux kernel exploitation. It contains exploits for various real-world kernel vulnerabilities, including CVE-2016-0728. The primary vulnerability being targeted is a REFCOUNT overflow/Use-After-Free in keyrings. The repository includes two exploit modules:...

7.8CVSS7.2AI score0.03646EPSS
Exploits14
Gitee
Gitee
added 2020/02/14 11:51 p.m.6 views

PowerTools

This repository is an offensive tool for PowerShell exploitation. It contains a collection of scripts that utilize a common pattern to host a script on a PowerShell webserver, invoke the IEX download cradle to download/execute the target code and post the results back to the server, and then...

7.2AI score
Exploits0
Gitee
Gitee
added 2020/02/10 10:6 p.m.6 views

exploit-database

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains exploits, shellcodes, and papers for various vulnerabilities in different software and systems. The exploits are categorized by operating system, software, and vulnerability...

7AI score
Exploits0
Gitee
Gitee
added 2020/01/24 12:38 p.m.6 views

XXEinjector

This is an exploit module/toolkit targeting XXE XML eXternal Entity vulnerabilities. The primary CVE ID is not explicitly stated, but the tool is designed to automate exploitation of XXE vulnerabilities using direct and out-of-band methods. The target product/service is likely web applications,...

7.9AI score
Exploits0
Gitee
Gitee
added 2020/01/22 8:8 p.m.6 views

Exploit for Improper Certificate Validation in Microsoft

PoC exploit for CVE-2020-0601, a vulnerability in the signature verification of certificates using elliptic curve cryptography ECC in Windows 10. The exploit targets the MicrosoftECCProductRootCertificateAuthority.cer, a trusted root certificate authority CA using ECC. The vulnerability allows an...

8.1CVSS8.3AI score0.89436EPSS
Exploits14
Gitee
Gitee
added 2020/01/10 1:32 a.m.6 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but the environments are designed to be vulnerable to various attacks. The probable entry points include docker-compose build and run commands. Notable...

7.9AI score
Exploits0
Gitee
Gitee
added 2019/12/25 8:52 a.m.6 views

Shiro-721

This is a vulnerability analysis of a Shiro RCE Remote Code Execution exploit via Padding Oracle Attack. Here's a summary of the key points: Vulnerability Overview The Shiro framework is a popular open-source security framework that provides identity, authentication, authorization, encryption, an...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/12/21 10:55 a.m.6 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ (膜一波,现在unamer的代码已经可以执行shellcode了) CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...

9.3CVSS7AI score0.99945EPSS
Exploits33
Gitee
Gitee
added 2019/12/20 11:44 a.m.6 views

Exploit for Out-of-bounds Write in Adobe Acrobat

How2pwn Author: Wenhuo - github仅作为仓库使用,个人新博客已迁移至:https://fandazh.cn 。老域名已关闭网站,CTF系列可能不会再更新了,现在主要更新how2CVE。...

10CVSS7.1AI score0.99966EPSS
Exploits42
Gitee
Gitee
added 2019/12/12 10:51 p.m.6 views

vulhub123

It is an offensive tool for web application security training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector is not...

7.6AI score
Exploits0
Gitee
Gitee
added 2019/12/09 11:14 p.m.6 views

icsmaster

This repository, 'icsmaster', is an ICS/SCADA security resource collection. It contains various tools and scripts for identifying and exploiting vulnerabilities in industrial control systems. The repository includes a list of dorks search terms for finding vulnerable systems, as well as a...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/12/03 12:2 a.m.6 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The probable entry points are not specified, but the environments are likely to be...

7.3AI score
Exploits0
Gitee
Gitee
added 2019/12/02 1:26 p.m.6 views

Exploit for Use After Free in Microsoft

This is a PoC Proof of Concept exploit for CVE-2019-0708, a vulnerability in Microsoft Windows Remote Desktop Services. The repository contains a scanner that can detect if a host is vulnerable to this vulnerability by binding the MST120 channel outside of its normal slot and sending non-DoS...

10CVSS8.2AI score0.99999EPSS
Exploits123
Gitee
Gitee
added 2019/12/02 9:28 a.m.6 views

Exploit for Improper Input Validation in Microsoft

CVE-2019-0708 批量检测 0x01 前言 CVE-2019-0708 Windows RDP 远程命令执行漏洞 Windows系列服务器于2019年5月15号,被爆出高危漏洞,该漏洞影响范围较广,windows2003、windows2008、windows2008 R2、windows xp 系统都会遭到攻击,该服务器漏洞利用方式是通过远程桌面端口3389,RDP协议进行攻击的...

10CVSS7.1AI score0.99999EPSS
Exploits123
Gitee
Gitee
added 2019/11/21 12:43 p.m.6 views

POC-T

This is a Python-based penetration testing framework called POC-T. It is a concurrent framework that allows users to perform various types of attacks, including vulnerability verification, file upload, weak password cracking, and more. The framework has a modular design, with each module...

7AI score
Exploits0
Gitee
Gitee
added 2019/11/19 9:33 a.m.6 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ (膜一波,现在unamer的代码已经可以执行shellcode了) CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...

9.3CVSS7AI score0.99945EPSS
Exploits33
Gitee
Gitee
added 2019/10/27 5:30 p.m.6 views

Exploit for Improper Input Validation in Microsoft

cve-2019-0604 SharePoint RCE exploit...

9.8CVSS7AI score0.99913EPSS
Exploits29
Gitee
Gitee
added 2019/10/27 5:27 p.m.6 views

Exploit for CVE-2013-0422

K8tools 20191024 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 扫描工具 K8Cscan5.4 大型内网渗透扫描器内置28个功能,支持Cobalt Strike + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 +...

10CVSS6.5AI score0.99913EPSS
Exploits116
Gitee
Gitee
added 2019/10/16 5:5 p.m.6 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The target product/service or framework is docker and docker-compose. The vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The probable entry...

7.2AI score
Exploits0
Gitee
Gitee
added 2019/10/16 8:48 a.m.6 views

Exploit for OS Command Injection in Dlink Dir-655_Firmware

This is a PoC exploit for CVE-2019-16920, a vulnerability in D-Link routers. The exploit is implemented in two Python scripts: CVE-2019-16920.py and CVE-2019-16920-MassPwn3r.py. The scripts send arbitrary input to a "PingTest" device common gateway interface, which can lead to command injection a...

10CVSS8.7AI score0.99996EPSS
Exploits5
Gitee
Gitee
added 2019/10/11 12:3 a.m.6 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly stated, but the repository contains various vulnerable environments and exploits for different vulnerabilities, including CVE-2016-9086, CVE-2017-1000353, and CVE-2018-1000006. The...

9.8CVSS8.2AI score0.99686EPSS
Exploits53
Gitee
Gitee
added 2019/09/19 3:47 p.m.6 views

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq

This repository is an offensive tool for ActiveMQ. It is a proof-of-concept PoC exploit for CVE-2016-3088. The tool is designed to upload a shell to the ActiveMQ server and execute it, allowing for remote code execution. The tool is written in Python and uses the urlparse and urlunparse modules t...

9.8CVSS8.9AI score0.98518EPSS
Exploits19
Gitee
Gitee
added 2019/08/09 3:36 p.m.6 views

Exploit for Race Condition in Canonical Ubuntu_Linux

This is a PoC exploit for CVE-2016-5195, a vulnerability in the Linux kernel that allows for a local privilege escalation. The exploit is implemented in C++ and has been ported to Go and a legacy version without C++11 features. The exploit modifies the /etc/passwd file, forcing the password...

7.2CVSS7AI score0.83524EPSS
Exploits81
Gitee
Gitee
added 2019/07/19 6:50 p.m.6 views

icsmaster

This repository is an offensive tool for ICS Industrial Control Systems security research and exploitation. It contains a collection of resources, including papers, exploits, firmware, Nmap scripts, and tools, related to ICS security. The repository is maintained by GeneBlue and appears to be a...

6.9AI score
Exploits0
Gitee
Gitee
added 2019/07/17 8:59 a.m.6 views

vulhub

It is an offensive tool for Vulnerability Research. The repository, vulhub, is a collection of pre-built vulnerable environments based on Docker-Compose. It is designed to be used for vulnerability research and testing, allowing users to easily create and manage vulnerable environments without...

7.8AI score
Exploits0
Gitee
Gitee
added 2019/07/03 2:45 p.m.6 views

icsmaster

This is a collection of resources for ICS/SCADA security, including papers, exploit scripts, firmware, Nmap scripts, protocol libraries, and tools. The repository is organized into several categories, including: Papers: A collection of research papers on ICS/SCADA security, including topics such ...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/05/13 10:53 a.m.6 views

ATSCAN

This is a tool called ATSCAN, a mass exploitation scanner. It is a Perl script that can be used to scan for various types of vulnerabilities, including XSS, LFI/RFI, and SQL injection. The tool can also be used to filter WordPress and Joomla sites, find admin pages, and perform other tasks. The...

8AI score
Exploits0
Gitee
Gitee
added 2019/05/06 10:2 p.m.6 views

Scanners-Box

This is a collection of open-source scanning tools and wordlists for web application security testing. The repository, Scanners-Box, is a collection of tools from various contributors, including lijiejie, ringzero, and others. The tools are categorized into subdomains, database vulnerability...

6.8AI score
Exploits0
Gitee
Gitee
added 2019/04/08 9:33 a.m.6 views

Exploit for CVE-2013-0422

K8tools 20190403 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 博客: https://www.cnblogs.com/k8gege 下载: https://github.com/k8gege/K8tools 密码: k8gege k8team K8team PS: 不定期更新,文件比较大,可按需下载。 提权工具均可在远控cmd或WebShell下运行,大部份经过修改重新编译兼容性稳定性比网上要好 综合工具 + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 + K8expList.txt K8飞刀漏洞利用列表...

10CVSS9.1AI score0.99448EPSS
Exploits97
Gitee
Gitee
added 2018/11/13 10:27 a.m.6 views

vulhub

It is an offensive tool for Web Application. The repository contains a collection of pre-built vulnerable docker environments, including a web application vulnerable to various attacks. The tool is designed to help developers and security researchers test and demonstrate the effectiveness of web...

7AI score
Exploits0
Gitee
Gitee
added 2018/08/16 6:0 p.m.6 views

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a collection of PowerShell scripts that can be used to exploit vulnerabilities in Windows systems. The repository contains several modules, including AntivirusBypass, CodeExecution, and others. The AntivirusBypass module contain...

7.6AI score
Exploits0
Gitee
Gitee
added 2018/07/10 5:52 p.m.6 views

exploit-database-bin-sploits

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The aim is to serve as the most...

7.8AI score
Exploits0
Gitee
Gitee
added 2017/12/04 10:30 p.m.6 views

Exploit for Race Condition in Linux Linux_Kernel

This is a PoC exploit for CVE-2017-1000405, also known as the Huge Dirty Cow vulnerability. The target product/service is the Linux kernel, and the vulnerability class/vector is a use-after-free bug in the handling of transparent huge pages. The probable entry point is the main.c file, which...

7CVSS6.5AI score0.02841EPSS
Exploits9
Gitee
Gitee
added 2017/03/24 4:7 p.m.6 views

metasploit-framework

This is the Metasploit Framework repository, a comprehensive collection of exploit modules and tools for penetration testing and vulnerability assessment. The framework is written in Ruby and is widely used by security professionals and researchers. The repository contains a large number of...

6.9AI score
Exploits0
Gitee
Gitee
added 2016/11/17 11:31 a.m.6 views

exploit-database

This is the official Exploit Database repository, a collection of public exploits and vulnerable software gathered through direct submissions, mailing lists, and other public sources. The repository is updated daily with the most recently added submissions. It includes a search utility called...

6.9AI score
Exploits0
Gitee
Gitee
added 2023/11/12 6:48 p.m.5 views

Exploit for CVE-2005-1125

PoC exploit for CVE-2005-1125. The exploit targets a vulnerability in the Libsafe library, which is a safety net for applications to prevent buffer overflows. The exploit is designed to bypass the Libsafe protection and execute arbitrary code. The repository contains a Makefile that builds the...

5.1CVSS7.8AI score0.06739EPSS
Exploits2
Gitee
Gitee
added 2023/11/05 11:41 a.m.5 views

黑客工具测试

This is an offensive tool for a comprehensive hacking toolkit. The primary vulnerability class targeted is RCE Remote Code Execution, with various tools and modules available for different attack vectors, including SQL injection, phishing, web attacks, post-exploitation, and more. The tool is...

7.9AI score
Exploits0
Gitee
Gitee
added 2023/03/09 1:44 p.m.5 views

CVEfixes-db

This repository is an offensive tool for collecting and processing CVE Common Vulnerabilities and Exposures data. It is a Python-based tool that collects CVE data from various sources, including the National Vulnerability Database NVD and GitHub, and stores it in a SQLite database. The tool is...

7.6AI score
Exploits0
Gitee
Gitee
added 2023/02/28 3:51 p.m.5 views

渗透字典

This repository is an offensive tool for Bug Bounty research and exploitation. The primary CVE ID is not explicitly mentioned, but it appears to be a collection of exploits and techniques for various vulnerabilities. The repository contains a wide range of exploits and techniques, including: 1...

6.9AI score
Exploits0
Gitee
Gitee
added 2023/01/13 5:29 p.m.5 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

This repository is an offensive tool for web application exploitation. The primary vulnerability targeted is CVE-2022-30525, a server-side request forgery SSRF vulnerability in a web application. The tool is designed to exploit this vulnerability by sending a specially crafted request to the targ...

10CVSS7.8AI score0.99938EPSS
Exploits27
Gitee
Gitee
added 2022/11/17 10:49 a.m.5 views

firejail

This repository is an open-source project for the Firejail tool, which is a Linux security tool that allows users to sandbox applications and restrict their access to system resources. The repository contains various files and directories related to the project, including configuration files,...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/09/14 12:59 a.m.5 views

Exploit for SQL Injection in Zabbix

This is a comprehensive and well-structured vulnerability hub repository. Here's a concise analysis of the provided information: Classification: It is an offensive tool for various vulnerability exploitation and testing purposes. CVE IDs: The repository contains references to several CVE IDs,...

9.8CVSS7.1AI score0.83284EPSS
Exploits28
Gitee
Gitee
added 2022/06/20 3:19 p.m.5 views

vulhub

This repository is an open-source collection of vulnerable web applications and environments for security research and training. It is maintained by phith0n and hosted on GitHub. The repository contains a variety of vulnerable applications, including web servers, databases, and other systems, to...

7.1AI score
Exploits0
Gitee
Gitee
added 2022/05/26 5:31 a.m.5 views

vulhub

This repository is an offensive tool for web application security training and testing. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository contains a variety of vulnerable applications, including web servers, databases, and other web-base...

8AI score
Exploits0
Gitee
Gitee
added 2022/05/19 10:50 a.m.5 views

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

6.7AI score
Exploits0
Gitee
Gitee
added 2022/04/24 4:27 p.m.5 views

pikachu

It is an offensive tool for web application security training. The primary CVE ID is not explicitly stated, but the tool is designed to demonstrate various web application vulnerabilities, including but not limited to: Burt Force brute force, XSS cross-site scripting, CSRF cross-site request...

6.4AI score
Exploits0
Gitee
Gitee
added 2022/04/18 5:23 p.m.5 views

vulhub

This repository is an offensive tool for web application security training and testing. It is a collection of vulnerable web applications, each designed to demonstrate a specific web application security vulnerability. The repository includes various web applications, such as CouchDB, Git, and...

7.1AI score
Exploits0
Gitee
Gitee
added 2022/04/08 11:20 a.m.5 views

Exploit for SQL Injection in Zabbix

This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and Oracle Java. The repository is maintained by phith0n and is hosted on GitHub...

9.8CVSS7.2AI score0.83284EPSS
Exploits60
Gitee
Gitee
added 2022/01/30 10:53 a.m.5 views

redis-rce

PoC exploit for Redis RCE Remote Code Execution in Redis 4.x/5.x. The exploit is inspired by Redis post-exploitation techniques and is based on a modified version of the Redis Rogue Server. The exploit uses the RedisModules-ExecuteCommand library to load a custom Redis module, which allows for...

8.4AI score
Exploits0
Total number of security vulnerabilities1886