Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2019/07/02 8:39 p.m.5 views

pwn_step_in

This is a collection of C code and Python scripts that demonstrate various heap exploitation techniques. The code is organized into several directories, each containing a specific example. The "heap" directory contains a C program called "forceofhouse" that demonstrates a heap overflow...

7.6AI score
Exploits0
Gitee
Gitee
added 2019/05/19 10:44 a.m.5 views

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The project is designed to help users learn about vulnerabilities and improve their defensive skills. The repository contains a collection of vulnerable environments, each with its own Docker-Compo...

9.8CVSS7AI score0.38191EPSS
Exploits4
Gitee
Gitee
added 2019/05/10 12:36 p.m.5 views

Pocsuite

This is an open-sourced remote vulnerability testing framework developed by the Knownsec Security Team. It is a Python-based framework that supports both Python and JSON formats for proof-of-concept PoC development. The framework provides a powerful proof-of-concept engine and various niche...

7AI score
Exploits0
Gitee
Gitee
added 2019/02/05 7:21 p.m.5 views

exploit

This is an offensive tool for Exploits & Shellcodes. It is a repository of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The repository is a collection of exploits, shellcodes, and papers gathered through direct...

7AI score
Exploits0
Gitee
Gitee
added 2019/01/17 3:39 p.m.5 views

exploitdbddd

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is an...

7.2AI score
Exploits0
Gitee
Gitee
added 2018/10/04 10:50 p.m.5 views

exploitdb-bin-sploits

This repository is an official collection of exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It is a valuable resource for those who need actionable data right away. The repository is updated daily with the most recently adde...

7.6AI score
Exploits0
Gitee
Gitee
added 2018/08/06 10:51 a.m.5 views

maltrail

Maltrail is a malicious traffic detection system that utilizes publicly available blacklists containing malicious and/or generally suspicious trails. It can detect various types of malicious activity, including domain name, URL, IP address, and HTTP User-Agent header value. Maltrail also uses...

7AI score
Exploits0
Gitee
Gitee
added 2018/07/21 12:40 p.m.5 views

2016PilotOneClick

This is a collection of utilities and scripts to gain root access on a 2016 model Honda Pilot head unit and simplify the installation of third-party non-Honda apps. The scripts implement a dirtyCOW exploit to gain root access and use a bash script to automate the installation process. The scripts...

7.2AI score
Exploits0
Gitee
Gitee
added 2016/07/18 6:34 p.m.5 views

penetration

相信很多小伙伴都知道XSS测试,至于如何更加有效地插入载荷是一件重复性的高强度劳动工作, 在此本文介绍了一款自动进行插入XSS,并且可以自定义攻击载荷。 这些载荷从几十条到几百条甚至几千条。该脚本也同时包含了一些绕过各种WAF的语句。 0×01 BruteXSS BruteXSS是一个非常强大和快速的跨站点脚本暴力注入。它用于暴力注入一个参数。 该BruteXSS从指定的词库加载多种有效载荷进行注入并且使用指定的载荷和扫描检查这些参数很容易受到XSS漏洞。 得益于非常强大的扫描功能。在执行任务时,BruteXSS是非常准确而且极少误报。...

6AI score
Exploits0
Gitee
Gitee
added 2024/03/05 12:45 p.m.4 views

metasploit-framework

This is the Metasploit Framework repository, a comprehensive collection of tools and resources for penetration testing and vulnerability assessment. The repository is maintained by Rapid7 and is used by security professionals to identify and exploit vulnerabilities in computer systems and network...

7.1AI score
Exploits0
Gitee
Gitee
added 2023/12/22 10:2 p.m.4 views

Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

开源工具 SpringBoot-Scan 的GUI图形化版本,对你有用的话麻烦点个Star哈哈 注意:本工具内置相关漏洞的Exp,杀软报毒属于正常现象! 新版本工具使用 python3 main.py VulHub 漏洞测试环境搭建 git clone https://github.com/vulhub/vulhub.git 安装Docker环境 sudo apt-get install docker.io sudo apt install docker-compose 搭建CVE-2022-22965 cd /vulhub/CVE-2022-22965 sudo...

10CVSS8.3AI score0.99939EPSS
Exploits183
Gitee
Gitee
added 2023/08/04 2:53 p.m.4 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

水泽-信息收集自动化工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:Ske 团队:0x727,未来一段时间将陆续开源工具,地址:https://github.com/0x727 定位:协助红队人员快速的信息收集,测绘目标资产,寻找薄弱点 语言:python3开发 功能:一条龙服务,只需要输入根域名即可全方位收集相关资产,并检测漏洞。也可以输入多个域名、C段IP等,具体案例见下文。...

9.8CVSS8.9AI score0.99999EPSS
Exploits45
Gitee
Gitee
added 2023/03/20 3:31 p.m.4 views

vulhub

This repository is an offensive tool for a variety of areas, including web application security, container security, and more. It contains a collection of vulnerable environments and tools for testing and learning about various security vulnerabilities. The repository includes a range of tools an...

7.7AI score
Exploits0
Gitee
Gitee
added 2023/03/17 1:53 a.m.4 views

cyber-range-scenarios

This repository is an offensive tool for cloud-based cyber ranges, specifically for training scenarios. It contains a collection of scripts and configurations for simulating various cyber attacks and vulnerabilities, including Shell Shock and libfutex privilege escalation. The repository uses...

8AI score
Exploits0
Gitee
Gitee
added 2022/10/10 10:55 p.m.4 views

pocsuite3_pocs

一些pocsuite3的脚本 shirokeybrute 把ShiroAttack2的检测和爆破key逻辑抠出来。用于批量测试shiro key是否可爆破。 使用步骤: 1.把shirokeys.txt放入pocsuite3\data目录 2.修改pocsuite3\lib\core\common.py setpaths函数中添加paths.SHIROKEYS = os.path.joinpaths.POCSUITEDATAPATH, "shirokeys.txt" 2.2或者直接修改poc中getwordlist函数所打开的文件地址 cve20220540 jira越权...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/09/02 10:48 p.m.4 views

面向嵌入式设备的典型pwn漏洞检测与利用系统

This is a PoC exploit for various router vulnerabilities. The repository contains multiple modules for different router types, including D-Link, Huawei, Netcore, and TP-Link. Each module is designed to exploit a specific vulnerability in the corresponding router model. The modules are written in...

7.8AI score
Exploits0
Gitee
Gitee
added 2022/08/30 11:27 a.m.4 views

frankenstein

This is a Python-based framework called Frankenstein, designed to provide a virtual environment for fuzzing wireless firmwares. The framework is currently optimized for the CYW20735 Bluetooth evaluation board but also supports the CYW20819A1 evaluation board. The framework allows users to attach ...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/08/25 9:11 p.m.4 views

Exploit for CVE-2022-21907

CVE-2022-21907 使用说明 git clone https://gitee.com/lutixiaya/cve-2022-21907.git pip install -r requirements.txt 修改py脚本中的ip地址 python CVE-2022-21907.py...

10CVSS9.7AI score0.9279EPSS
Exploits21
Gitee
Gitee
added 2022/06/15 5:15 p.m.4 views

vulhub

This is an open-source vulnerability training platform. It is a collection of vulnerable environments for training and testing purposes, allowing users to practice their penetration testing and vulnerability assessment skills in a safe and controlled environment. The platform is maintained by the...

6.9AI score
Exploits0
Gitee
Gitee
added 2022/04/22 4:10 p.m.4 views

afrog

PoC exploit for CNVD-2021-09650, a vulnerability in the 锐捷网络股份有限公司NBR路由器EWEB网管系统. The exploit targets the system's web interface, allowing an attacker to gain unauthorized access. The vulnerability is a high-severity issue, and the exploit demonstrates how an attacker can bypass authentication an...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/04/07 10:22 a.m.4 views

exploitdb

This is an offensive tool for Exploits. It is a repository of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The repository contains a collection of exploits for various operating systems and software, including AIX,...

7AI score
Exploits0
Gitee
Gitee
added 2022/04/07 10:8 a.m.4 views

Exploit for SQL Injection in Zabbix

This repository is an offensive tool for cybersecurity training and education, specifically targeting various vulnerabilities in software and systems. It contains a collection of exploits, tools, and examples for learning and practicing cybersecurity skills. The primary vulnerability targeted by...

9.8CVSS8.1AI score0.83284EPSS
Exploits28
Gitee
Gitee
added 2022/02/20 5:49 p.m.4 views

nuclei-templates

This repository is a collection of templates for the nuclei engine, a tool used to find security vulnerabilities in applications. The templates are used to identify potential vulnerabilities and are contributed by both the project's team and the community. The repository contains various template...

8.1AI score
Exploits0
Gitee
Gitee
added 2022/02/17 3:37 p.m.4 views

vulhub

This repository is an open-source project for vulnerability research and training, maintained by phith0n. It contains a collection of vulnerable environments and tools for testing and learning about various security vulnerabilities. The repository is hosted on GitHub and has a community-driven...

7AI score
Exploits0
Gitee
Gitee
added 2022/02/17 9:50 a.m.4 views

poc-hub

0x01-免责声明 该项目仅供授权下使用,禁止使用该项目进行违法操作,否则自行承担后果,请各位遵守《中华人民共和国网络安全法》!!! 0x02-项目介绍 专注于漏洞复现,不含漏洞分析 2021/12/13 有感于漏洞之多,复现不过来,故选择投身xray和goby两大阵营,与其自己一个一个复现漏洞,不如提交几个漏洞获取xray高级版和goby红队版,直接享用里面的poc库...

7.1AI score
Exploits0
Gitee
Gitee
added 2022/02/16 10:11 a.m.4 views

vulhub

This is a pre-built vulnerable environment based on Docker-Compose, maintained by the Vulhub project. The repository contains a collection of vulnerable applications and services, including CouchDB, FFmpeg, Git, and more, which can be used for testing and training purposes. The environment is...

8AI score
Exploits0
Gitee
Gitee
added 2022/02/15 4:4 p.m.4 views

SpoolFool

This is a code analysis of the AddUser repository. Classification: Exploit module/toolkit targeting Windows systems. Primary CVE ID: Not explicitly stated, but the code appears to be related to the exploitation of a vulnerability in the Windows NetAPI32 library. Target product/service: Windows...

7.7AI score
Exploits0
Gitee
Gitee
added 2022/01/27 10:29 a.m.4 views

nuclei-templates

This is a GitHub repository for a community-curated list of templates for the Nuclei engine to find security vulnerabilities in applications. The repository contains various templates for the Nuclei scanner, which powers the actual scanning engine. The templates are provided by the project's team...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/01/25 4:48 p.m.5 views

CTF-All-In-One

This is a comprehensive guide to CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Cheng, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/01/06 7:41 p.m.4 views

pikachu

It is an offensive tool for web application security training. The primary CVE ID is not explicitly mentioned, but the tool is designed to simulate various web application vulnerabilities, including but not limited to: Burt Force brute force, XSS cross-site scripting, CSRF cross-site request...

6.4AI score
Exploits0
Gitee
Gitee
added 2021/12/27 4:5 p.m.4 views

vulhub

This repository is an offensive tool for vulnerability research and exploitation, specifically targeting various web applications and services. It contains a collection of exploits and tools for identifying and exploiting vulnerabilities in software and systems. The repository includes a variety ...

8.2AI score
Exploits0
Gitee
Gitee
added 2021/12/27 11:8 a.m.4 views

PayloadsAllTheThings

It is an offensive tool for general-purpose payloads. The repository contains a list of supported funding platforms, including GitHub Sponsors, Ko-fi, and Buy Me a Coffee. The primary funding platform mentioned is GitHub Sponsors, with the username swisskyrepo. No specific exploit or vulnerabilit...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/12/20 7:29 p.m.4 views

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a PoC exploit for CVE-2021-3156, a sudo vulnerability dubbed Baron Samedit. The exploit is designed to achieve single-shot access to the system, without modifying system files. It is written in C and uses a heap overflow technique to bypass security restrictions. The exploit is typically...

7.8CVSS7.7AI score0.99295EPSS
Exploits81
Gitee
Gitee
added 2021/12/08 6:30 p.m.4 views

nuclei-templates

This is a GitHub repository for a community-driven project called "Nuclei Templates". The project provides a collection of templates for the Nuclei engine to find security vulnerabilities in applications. The repository contains various files and workflows for managing and updating the templates,...

7.1AI score
Exploits0
Gitee
Gitee
added 2021/11/29 11:7 p.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Artifex Gsview

PoC exploit for CVE-2017-14947, an RCE vulnerability in Redis 4.x/5.x. The target product/service is Redis, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the RedisModules module, and the execution context is a Python script redis-rce.py that is...

7.8CVSS7.3AI score0.01233EPSS
Exploits3
Gitee
Gitee
added 2021/11/18 8:27 a.m.4 views

Web-Attack-Cheat-Sheet

It is an offensive tool for web application security testing. The repository contains a comprehensive web attack cheat sheet, covering various techniques for discovering, enumerating, scanning, and monitoring web applications. The tool covers topics such as IP and subdomain enumeration, cache and...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/11/13 2:44 p.m.4 views

Exploit for SQL Injection in Zabbix

This is an offensive tool repository for Vulhub, a web application vulnerability training platform. The repository contains various tools and exploits for testing and demonstrating vulnerabilities in different web applications and frameworks. The primary classification of this repository is: "It ...

9.8CVSS7.2AI score0.99686EPSS
Exploits74
Gitee
Gitee
added 2021/11/13 8:27 a.m.4 views

Exploit for Argument Injection in Phpmailer_Project Phpmailer

This is a Python script that exploits a vulnerability in PHPMailer version 5.2.18. The script is designed to be run on a vulnerable environment, and it will spawn a vulnerable web application on the host on port 8080. The exploit will drop a shell where commands can be sent to the backdoor. The...

7AI score
Exploits0
Gitee
Gitee
added 2021/10/22 2:57 p.m.4 views

vulhub

This is an open-source collection of vulnerable web applications and environments for testing and learning purposes. It is a community-driven project that aims to provide a safe and controlled environment for users to practice and improve their skills in web application security. The repository...

7.4AI score
Exploits0
Gitee
Gitee
added 2021/10/21 3:11 p.m.4 views

Exploit for CVE-2021-417731

No description...

7AI score
Exploits0
Gitee
Gitee
added 2021/10/19 4:45 p.m.4 views

marshalsec

This repository is an offensive tool for Java deserialization exploitation. It is a Java-based tool that exploits Java object deserialization vulnerabilities, which can lead to remote code execution RCE and other security issues. The tool includes payload generators for various Java marshalling...

8.3AI score
Exploits0
Gitee
Gitee
added 2021/10/17 12:0 a.m.4 views

MS17-011

This is a repository for exploiting the MS17-010 vulnerability in Windows SMB. The repository contains various proof-of-concept PoC exploits and tools for exploiting this vulnerability. The MS17-010 vulnerability is a remote code execution vulnerability in the Windows SMB service. It allows an...

8.7AI score
Exploits0
Gitee
Gitee
added 2021/10/17 12:0 a.m.4 views

pentest-wiki

This repository is an information gathering library for penetration testers and researchers, providing a collection of tools and documentation for gathering information about a target organization. The library includes tools for DNS enumeration, whois searches, and Linux system architecture and...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/10/17 12:0 a.m.4 views

PayloadsAllTheThings

It is an offensive tool for Web Application Security and Pentest/CTF. This repository contains a list of useful payloads and bypass techniques for web application security and penetration testing/CTF. The payloads are likely used to exploit vulnerabilities and bypass security measures. Not...

7AI score
Exploits0
Gitee
Gitee
added 2021/10/16 8:42 p.m.4 views

jexboss

This is an offensive tool for Java Deserialization Vulnerabilities. The tool is called JexBoss and is used to verify and exploit vulnerabilities in JBoss Application Server and other Java platforms, frameworks, and applications. The tool is written in Python and has a command-line interface. It c...

7.4AI score
Exploits0
Gitee
Gitee
added 2021/10/14 3:0 p.m.4 views

nightmare

This is a course on binary exploitation and reverse engineering, specifically targeting Linux systems. The course is designed to be a comprehensive guide to learning binary exploitation and reverse engineering, with a focus on hands-on exercises and real-world examples. The course covers a range ...

7.5AI score
Exploits0
Gitee
Gitee
added 2021/10/09 4:3 p.m.4 views

exploitdb

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/10/09 3:37 p.m.4 views

Exploit for Path Traversal in Apache Http_Server

No description...

7.5CVSS9.2AI score0.99992EPSS
Exploits149
Gitee
Gitee
added 2021/09/29 10:40 p.m.4 views

Exploit for CVE-2015-2365

This repository contains a collection of proof-of-concept PoC exploits and tools for various vulnerabilities, including CVE-2015-2365, CVE-2015-2366, and CVE-2015-2507. The exploits are written in C and use assembly code to manipulate system calls and memory. CVE-2015-2365 is a vulnerability in t...

7.2CVSS7.3AI score0.03723EPSS
Exploits2
Gitee
Gitee
added 2021/09/25 3:23 p.m.4 views

PayloadsAllTheThings

It is an offensive tool for general use. This repository contains a collection of payloads, likely for testing and exploitation purposes. The payloads are not explicitly described, but the repository's funding model suggests it may be used for offensive security research. The repository includes ...

7AI score
Exploits0
Total number of security vulnerabilities1886