1886 matches found
pikachu
It is an offensive tool for web application security training. The primary CVE ID is not explicitly stated, but the tool is designed to demonstrate various web application vulnerabilities, including but not limited to: Burt Force brute force, XSS cross-site scripting, CSRF cross-site request...
vulhub
This repository is an offensive tool for web application security training and testing. It is a collection of vulnerable web applications, each designed to demonstrate a specific web application security vulnerability. The repository includes various web applications, such as CouchDB, Git, and...
Exploit for SQL Injection in Zabbix
This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and Oracle Java. The repository is maintained by phith0n and is hosted on GitHub...
redis-rce
PoC exploit for Redis RCE Remote Code Execution in Redis 4.x/5.x. The exploit is inspired by Redis post-exploitation techniques and is based on a modified version of the Redis Rogue Server. The exploit uses the RedisModules-ExecuteCommand library to load a custom Redis module, which allows for...
pikachu
It is an offensive tool for web application security training. The primary CVE ID is not explicitly stated, but the tool includes various web application vulnerabilities such as Burt Force brute force, XSS cross-site scripting, CSRF cross-site request forgery, SQL-Inject SQL injection, RCE remote...
pikachu
It is an offensive tool for web application security training. The primary CVE ID is not explicitly mentioned, but the tool is designed to demonstrate various web security vulnerabilities, including Burt Force, XSS, CSRF, SQL-Inject, RCE, Files Inclusion, Unsafe file downloads, Unsafe file upload...
vulhub
This is an offensive tool repository for vulnerability research and testing, specifically targeting various web applications and services. The repository contains a collection of exploits, proof-of-concept PoC code, and tools for identifying and exploiting vulnerabilities in software and systems...
HikPwn
This is an offensive tool for Hikvision devices. The tool, named HikPwn, is a simple scanner written in Python 3.8 that performs basic vulnerability scanning capabilities. It was created by Ananke and is available on GitHub. The tool has several functions and characteristics, including passive an...
vulhub1
This is a repository for a project called Vulhub, which appears to be a collection of vulnerable systems and applications for testing and learning purposes. The repository contains various files and directories, including: 1. .gitattributes: A file that specifies which files should be ignored by...
Exploit for Improper Input Validation in Drupal
PoC exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal. The target product/service is Drupal, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the 'user/register' page, and the exploit is typically invoked by running the...
OffensiveRust
This is a collection of Rust code snippets, each implementing a different type of exploit or malicious functionality. The code is organized into several subdirectories, each containing a specific exploit or tool. Here's a summary of the code and its functionality: 1. AllocateWithSyscalls: This co...
Kunyu
This is a Python-based tool called Kunyu, which is designed for more efficient corporate asset collection and network surveying and mapping. The tool is intended for security-related practitioners to use in their work. The tool's primary function is to identify and collect information about asset...
nuclei-templates
This repository is an offensive tool for nuclei templates, which are used to find security vulnerabilities in applications. The primary CVE ID present in the context is not explicitly mentioned, but the repository contains a workflow for CVE annotation. The target product/service or framework is...
ICSwiki
This is an offensive tool for ICS Industrial Control Systems testing. It is a collection of scripts and tools for identifying and exploiting vulnerabilities in ICS protocols, specifically IEC-60870-5-104 and IEC-61850-8-1. The tool is designed to send identify requests and extract vendor name,...
aflnet
It is an offensive tool for network protocols. The primary CVE ID is not explicitly stated in the provided context, but the tool is mentioned in a research paper that was accepted for publication at the IEEE International Conference on Software Testing, Verification and Validation ICST 2020. The...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
This is a Python script for exploiting a vulnerability in Apache ActiveMQ. The script is designed to upload a shell to the server using the PUT method. The vulnerability being exploited is CVE-2016-3088. The script requires the user to provide the URL of the ActiveMQ server, the username, and the...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ (膜一波,现在unamer的代码已经可以执行shellcode了) CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...
HackTools
This is a web browser extension for penetration testing, called HackTools. It is a comprehensive toolset for web application security testing, providing various features such as: Dynamic shell generation PHP, Bash, Ruby, Python, Perl, Netcat XSS payload generation Common SQL injection payloads...
PocCollect
This is a Python-based proof-of-concept POC collection repository. The repository contains a variety of POCs for different vulnerabilities, including Struts2, Heartbleed, and Java Deserialization. The POCs are designed to be used for educational purposes only and should not be used for malicious...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 复现 https://www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apache-http-server-exploited v2.4.49 apache 独有漏洞,早期版本中并没有 apnormalizepath 这个函数,该函数是在v2.4.49版本中引入的,正是这个函数导致了 目录穿越,在 v2.4.50 被修复了 环境 https://github.com/1nhann/CVE-2021-41773 本环境中,加载了 cgi 模块: ini LoadModule...
Exploit for Path Traversal in Microsoft
This repository is an exploit module for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The repository contains a Python script exploit.py that generates a malicious docx document, a Windows DLL calc.dll that pops a calc.exe when executed, and a server script...
ctf
It is an offensive tool for reverse engineering. The repository contains a binary decompiler for a "Magic Word" challenge, which appears to be a reverse engineering exercise. The code is written in C++ and utilizes the basicstring class from the C++ Standard Library. The decompiled main function ...
Red-Teaming-Toolkit
This is a collection of open source and commercial tools that aid in red team operations. The repository includes tools for reconnaissance, weaponization, delivery, command and control, lateral movement, establishing a foothold, escalating privileges, data exfiltration, and miscellaneous...
PrintNightmare
This is a PoC Proof of Concept exploit for the Print Nightmare vulnerability, which affects Windows Print Spooler service. The repository contains a Visual Studio solution file EXP/POC.sln that includes a C++ project POC with a main function. The project uses the RPC Remote Procedure Call client...
Exploit for OS Command Injection in Dlink Dir-859_Firmware
IoT-vulhub 受 Vulhub 项目的启发,希望做一个 IoT 版的固件漏洞复现环境。 安装 在 Ubuntu 20.04 下安装 docker 和 docker-compose: sh 安装 pip $ curl -s https://bootstrap.pypa.io/get-pip.py | python3 安装最新版 docker $ curl -s https://get.docker.com/ | sh 启动 docker 服务 $ systemctl start docker 安装 docker-compose $ python3 -m pip install...
Exploit for CVE-2021-1675
C and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527...
Exploit for CVE-2013-6026
PoC exploit for CVE-2013-6026 Joel's Backdoor in D-Link routers. The target product/service is D-Link routers, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the administration panel of the router, which can be accessed without authentication due to t...
Exploit for CVE-2021-3129
It is an exploit module for CVE-2021-3129. The target product/service is Laravel, a PHP web framework. The vulnerability class/vector is a remote code execution RCE vulnerability. The probable entry point is the Laravel application itself, likely through a web interface. Not specified...
vulhub
This repository is an offensive tool for building vulnerable environments based on Docker-Compose. It contains a collection of vulnerable applications and services, including CouchDB, FFmpeg, Git, and Jenkins, among others. The repository is maintained by phith0n and is licensed under the MIT...
Exploit for Path Traversal in Microsoft
This repository is a proof-of-concept PoC exploit for CVE-2021-40444, a Microsoft Office Word remote code execution vulnerability. The PoC is a malicious docx generator that creates a document that, when opened, will execute arbitrary code on the victim's system. The PoC consists of several files...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
PoC exploit for CVE-2021-22555, a heap out-of-bounds write affecting Linux since v2.6.19-rc1, discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user namespace. The exploit is tested on Ubuntu 5.8.0-48-generic and CO...
probench_aflnet
It is an offensive tool for network protocols. The primary CVE ID is not explicitly mentioned in the provided context; however, the tool is designed to fuzz network protocols, which may lead to the discovery of vulnerabilities. The target product/service or framework is network protocols, and the...
CDK
This is an open-sourced container penetration toolkit called CDK, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs to help escape container and takeover K8s cluster easily. The toolkit i...
POChouse
Based on the provided context, here is a summary of the analysis: Classification: Apache Flink 1.9.x has a vulnerability that allows for arbitrary command execution and reverse shell through malicious JAR package upload. Affected Version: = 1.9.1 POC: The proof-of-concept POC code is written in...
SpringBootVulExploit
This repository is an offensive tool for exploiting Spring Boot vulnerabilities. It contains a collection of exploits and techniques for various Spring Boot versions, including: 1. Spring Boot 1.0 - 1.4: Exposes actuators by default without any parameters, making it vulnerable to RCE Remote Code...
Exploit-Writeups
The repository whuadmin/Exploit-Writeups is a collection of writeups for various CTF Capture The Flag challenges. The writeups cover a range of topics, including reverse engineering, pwnables, and cryptography. The first challenge is "crackme01" from EncryptCTF-2019, which is a reverse engineerin...
Exploit for CVE-2020-14882
CVE-2020-14882ALL CVE-2020-14882ALL综合利用工具,支持命令回显检测、批量命令回显、外置xml无回显命令执行等功能。 需要模块:requests、http.client (工具仅用于授权的安全测试,请勿用于非法使用,违规行为与作者无关。) 选项 功能一:命令回显 python3 CVE-2020-14882ALL.py -u http://1.1.1.1:7001 -c "net user" python3 CVE-2020-14882ALL.py -u http://1.1.1.1:7001 -c "whoami" 功能二:批量命令回显 python3...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is not explicitly stated, but the collection includes various vulnerable environments, such as flask/ssti, which is a vulnerable Flask web application with a Server-Side Template Injection SSTI...
impacket1472
This is a Python library called Impacket, which provides a collection of classes for working with network protocols. The library is focused on providing low-level programmatic access to the packets and for some protocols e.g. SMB1-3 and MSRPC the protocol implementation itself. The library includ...
Exploit for Unrestricted Upload of File with Dangerous Type in Pi-Hole
PoC exploit for CVE-2020-11108; an RCE and privilege escalation in Pi-hole. The exploit targets Pi-hole = 4.4 and must be run with root privileges. The primary entry point is the cve-2020-11108-rce.py script, which will give a shell as the www-data user, and the root-cve-2020-11108-rce.py script,...
vulhub
This repository is an offensive tool for vulnerability research and exploitation, specifically targeting various web applications and frameworks. The primary vulnerability class/vector targeted by this repository is not explicitly stated, but based on the code and metadata, it appears to be a...
marshalsec
This is a Java-based tool for exploiting Java object deserialization vulnerabilities, specifically targeting BlazeDS AMF Action Message Format versions 0, 3, and X. The tool, named "marshalsec," is designed to test and demonstrate the exploitation of these vulnerabilities, which can lead to remot...
POChouse
Based on the provided information, the vulnerability is a remote code execution RCE vulnerability in Apache Flink 1.9.x. The vulnerability allows an attacker to upload a malicious JAR package, which can be executed by the JobManager process, leading to RCE. The affected versions of Apache Flink a...
charlotte
This is a C++ shellcode launcher, fully undetected as of May 13th, 2021. It dynamically invokes Win32 API functions, XOR encrypts shellcode and function names, and uses random XOR keys and variables per run. The code is designed to be stealthy and difficult to detect. The code is written in C++ a...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a proof-of-concept POC exploit for CVE-2020-0796, a vulnerability in the SMBv3 protocol. The exploit is implemented in Python and uses the Impacket library to interact with the SMB protocol. The exploit targets the SMBv3 protocol's signing requirement, which can be bypassed to allow for...
vulhub
This repository is an open-source collection of vulnerable web applications and environments for testing and learning purposes. It is maintained by phith0n and hosted on GitHub. The repository contains a variety of applications, including web servers, databases, and other services, that are...
pentestdb
This is an offensive tool for penetration testing. It is a Python-based tool called "pentestdb" that provides a collection of tools and resources for penetration testing, including exploit development, vulnerability scanning, and password cracking. The tool is designed to be easy to use and...
charlotte
It is an offensive tool for Windows. The repository contains a Python script, charlotte.py, which is a fully undetected shellcode launcher. The script uses XOR encryption to encrypt the shellcode and function names. The script is designed to be used with the Metasploit framework, and it can be us...
vulhub
This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git, InfluxDB, and more. The environments are designed to be easily reproducible and can be used for testing and training...
awesome-windows-exploitation
This is a curated list of Windows exploitation resources and tools. The repository is a collection of articles, tutorials, and tools for Windows exploitation, including stack overflows, heap overflows, and kernel-based Windows overflows. The list includes resources such as articles from Phrack, a...