1886 matches found
Exploit for Improper Input Validation in Microsoft
This is a PoC Proof of Concept exploit for CVE-2020-1350, also known as SigRed. The exploit is designed to target DNS servers and allows for remote code execution. The exploit is written in Python and consists of several files: configure.py: This script is used to set up the payload and Apache HT...
Exploit for CVE-2021-1675
No description...
Exploit for Improper Authentication in Apache Shiro
Apache Shiro 两种姿势绕过认证分析(CVE-2020-17523) 0x01 漏洞描述 Apache Shiro是一个强大且易用的Java安全框架,执行身份验证、授权、密码和会话管理。使用Shiro的易于理解的API,您可以快速、轻松地获得任何应用程序,从最小的移动应用程序到最大的网络和企业应用程序。 当它和 Spring 结合使用时,在一定权限匹配规则下,攻击者可通过构造特殊的 HTTP 请求包完成身份认证绕过。 影响范围:Apache Shiro / | | 双反斜杠处理成反斜杠 | // - / | | 以/.或者/..结尾,则在结尾添加/ | /. - /./ /.....
vulhub
This repository is an offensive tool for creating vulnerable environments based on Docker-Compose. It is a pre-built collection of vulnerable environments for testing and practicing defensive security skills. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git,...
vulhub
This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable applications and services, along with proof-of-concept PoC exploits and tools for exploiting them. The repository is maintained by phith0n and is available on GitHub. The...
Dictionary-Of-Pentesting
This repository is an offensive tool for Bug Bounty and penetration testing, specifically targeting WordPress and other web applications. It contains a collection of exploits and techniques for bypassing security measures, including account takeover, cross-site scripting XSS, denial of service Do...
Vxscan
This is a Python-based comprehensive scanning tool called Vxscan. It is designed to perform various types of scans, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning...
PayloadsAllTheThings
This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security vulnerabilities and penetration testing. The repository includes tools and exploits for vulnerabilities such as CRLF injection,...
edusrc_POC
This repository contains a collection of Python scripts, each designed to exploit vulnerabilities in various web applications. The scripts are written in Chinese and appear to be intended for use on Chinese-language systems. The scripts are categorized into several groups, each targeting a specif...
metasploit-framework
This repository is an offensive tool for Metasploit Framework. The Metasploit Framework is a powerful tool for penetration testing and vulnerability assessment. It provides a comprehensive platform for identifying and exploiting vulnerabilities in various systems and applications. The framework...
Exploit for CVE-2016-6700
PoC exploit for CVE-2016-6700 and CVE-2016-6702 vulnerabilities in libzipfile and libjpeg respectively. The exploits target Android versions 4.4.4, 5.0.2, and 5.1.1. The vulnerabilities occur due to missing bounds checks in libzipfile and an integer overflow in libjpeg. The exploits can be...
EQGRP
This is a repository containing the decrypted content of eqgrp-auction-file.tar.xz. The repository appears to be a Linux binary repository, containing ELF files for 7z, 7za, and 7z.so. The ELF files are likely related to the 7-Zip file archiver. The repository does not contain any obvious...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is a PoC exploit for CVE-2021-3156, a sudo vulnerability dubbed Baron Samedit by Qualys. The exploit targets the heap overflow vulnerability in sudo, aiming for singleshot execution. It does not modify system files and comes with no warranties. The exploit is designed to be used in manual...
monkey
This is a Python script repository for a tool called "Infection Monkey". The tool is designed to simulate a cyber attack on a network by injecting malware into the network and observing the behavior of the malware as it spreads. The script is written in Python and uses the "monkey" framework to...
Exploit for Use After Free in Microsoft
CVE-2021-31166 is a remote code execution vulnerability in the HTTP protocol stack. It is a use-after-free dereference bug in the http!UlpParseContentCoding function. The bug occurs when the function appends items to a local list and then moves it into the Request structure without NULLing out th...
vulhub
This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but...
Exploit for SQL Injection in Zabbix
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments, not a single exploit or tool. The repository contains various vulnerable environments, including CouchDB, ffmpeg, git, and influxdb, among...
Exploit for CVE-2020-14882
CVE-2020-14882 is a vulnerability in Oracle WebLogic Server. The vulnerability allows for unauthorized access and remote code execution. The vulnerability is caused by a flaw in the way the server handles certain types of requests, which can be exploited by an attacker to gain access to sensitive...
Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server
gofor 一款集漏洞探测、攻击,Session会话,蜜罐识别等功能于一身的软件,基于go-micro微服务框架并对外提供统一HTTP API网关接口服务 HTTP API Gateway shell ./api-srv Service InstallOptional Exploit ./srv-exploit Webshell webshell ./srv-webshell Example ThinkPHP5.0.20 RCE 攻击例子 shell curl -H "Content-Type:application/json;charset=utf-8" -X POST -d...
Exploit for Use After Free in Debian Debian_Linux
This is a PoC exploit for CVE-2013-2857, a use-after-free vulnerability in the 3DS browser. The exploit is implemented in JavaScript and uses the UaF3 function to create a use-after-free condition, leading to a crash. The exploit is designed to be used on the 3DS browser, specifically on firmware...
Exploit for Out-of-bounds Write in Microsoft
PoC exploit for CVE-2021-1732. This repository contains a proof-of-concept exploit for a vulnerability in Microsoft Visual Studio. The target is the Visual Studio 2013 solution file format, specifically the ExploitTest.sln file. The vulnerability class is not explicitly stated, but based on the...
Exploit for Cross-site Scripting in Tastyigniter
PoC exploit for CVE-2021-38699. The target product/service is Java, and the vulnerability class/vector is XXE XML External Entity injection. The probable entry point is the XXEinjector.rb script, which is a Ruby script that automates the exploitation of XXE vulnerabilities using direct and out of...
glimmer_pocs
This is a proof-of-concept PoC repository for the tool "glimmer". The repository contains various PoCs for different types of vulnerabilities and information disclosure. The PoCs are implemented as Python scripts, each targeting a specific vulnerability or information disclosure. The PoCs are...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for various areas, including web application security, penetration testing, and vulnerability research. The primary purpose of Vulhub is to provide a convenient and...
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary vulnerability is not specified, but the repository contains various vulnerable environments, including ones for CouchDB, FFmpeg, Git, InfluxDB,...
awesome-virtualization
It is an offensive tool for virtualization. The repository contains a curated list of awesome resources about virtualization, including books, courses, and papers on the topic. The resources cover various aspects of virtualization, including software and hardware techniques, virtual machine...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary purpose of Vulhub is to provide a simple and easy-to-use platform f...
Exploit for Improper Input Validation in Google Chrome
PoC exploit for CVE-2020-16040, an out-of-bounds read vulnerability in the WebAssembly WASM module. The exploit targets the WASM module, which is loaded into a WebAssembly instance. The vulnerability allows an attacker to read arbitrary memory locations by crafting a malicious WASM module. The...
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary vulnerability class is not specified, but the repository contains various vulnerable environments, including web applications, databases, and...
PayloadsAllTheThings
It is an offensive tool for general-purpose. This repository contains a collection of payloads, likely for testing and exploitation purposes. The primary CVE ID is not explicitly mentioned, but the repository is likely related to various vulnerabilities. The target product/service or framework is...
exploitdb
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains exploits, shellcodes, and papers for various vulnerabilities. The exploits are categorized by operating system, and the shellcodes are categorized by type. The papers are...
Software-Security-Learning
It is an offensive tool for binary exploitation. The primary CVE ID is not explicitly mentioned, but the repository contains information on various software security topics, including binary exploitation. The target product/service or framework is not specified, but the repository includes tools...
thorn-linux
This is a Debian-based research and development platform for information security called Thorn Linux. It is designed to keep users up to date with the latest cybersecurity news while providing a hardened and anonymized penetration-testing environment. The platform includes a highly customized...
nightmare
This repository is an open-source project for teaching binary exploitation and reverse engineering skills through a series of challenges. It is a collection of CTF Capture The Flag challenges designed to help learners develop their skills in exploiting binaries and reversing assembly code. The...
Exploit for Out-of-bounds Write in Microsoft
CVE-2018-0802 介绍 RTF118820802 软件架构 软件架构说明 安装教程 1. xxxx 2. xxxx 3. xxxx 使用说明 1. xxxx 2. xxxx 3. xxxx 参与贡献 1. Fork 本仓库 2. 新建 Featxxx 分支 3. 提交代码 4. 新建 Pull Request 特技 1. 使用 Readme\XXX.md 来支持不同的语言,例如 Readme\en.md, Readme\zh.md 2. Gitee 官方博客 blog.gitee.com 3. 你可以 https://gitee.com/explore 这个地址来了解 Gite...
Findsploit
It is an offensive tool for searching and exploiting. The primary CVE ID is not explicitly mentioned in the provided context. The tool, Findsploit, is a bash script that searches both local and online exploit databases. It includes three sub-scripts: "compilesploit" to automatically compile and r...
Exploit for CVE-2020-14882
CVE-2020-14882ALL CVE-2020-14882ALL综合利用工具,支持命令回显检测、批量命令回显、外置xml无回显命令执行等功能。 需要模块:requests、http.client (工具仅用于授权的安全测试,请勿用于非法使用,违规行为与作者无关。) 命令回显模块已知成功版本:12.2.1.3.0、12.2.1.4.0、14.1.1.0.0 选项 功能一:命令回显 python3 CVE-2020-14882ALL.py -u http://1.1.1.1:7001 -c "net user" python3 CVE-2020-14882ALL.py -u...
pwntools
This repository is an open-source project for a Python library called pwntools, which is used for reverse engineering and exploitation of binaries. The library is designed to be a comprehensive tool for security researchers and developers. The repository contains a variety of files, including:...
Pwnable.kr-CTF-Writeups
This repository contains writeups for a CTF Capture The Flag challenge called Pwnable.kr. The challenge involves exploiting vulnerabilities in various programs to obtain flags. The repository includes four writeups: 1. FD: This writeup involves exploiting a file descriptor vulnerability in a...
pocsuite_poc_collect
It is an offensive tool for vulnerability exploitation...
Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind
CVE-2020-8840:FasterXML/jackson-databind 远程代码执行漏洞 0x00 简介 jackson-databind 是隶属 FasterXML 项目组下的JSON处理库。 0x01 漏洞概述 2月19日,NVD发布安全通告披露了jackson-databind由JNDI注入导致的远程代码执行漏洞(CVE-2020-8840),CVSS评分为9.8...
vulhub1
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments for testing and learning purposes, with no pre-existing knowledge of docker required. The repository contains a variety of vulnerable...
Exploit for Off-by-one Error in Sudo_Project Sudo
This repository contains exploits for the CVE-2021-3156 vulnerability, which affects the Linux kernel. The vulnerability allows an attacker to gain root privileges by exploiting a flaw in the way the kernel handles the "setuid" system call. The repository contains two exploit files: "exploit.c" a...
shadowbroker
This repository, lvxiao54/shadowbroker, contains a collection of exploits and tools, including the infamous Shadow Brokers dump. The primary focus of this repository is on exploiting vulnerabilities in various software and systems, particularly in the context of Windows and Linux. The repository...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security testing and vulnerability research. The primary vulnerability targeted by this repository is not explicitly stated, but it contai...
PrivescCheck
This is a PoC exploit for Windows privilege escalation enumeration. The script, PrivescCheck, is designed to identify common Windows security misconfigurations that can be leveraged for privilege escalation. It gathers various information that might be useful for exploitation and/or...
Exploit for CVE-2020-1034
This is a PoC Proof of Concept exploit for CVE-2020-1034, a vulnerability discovered by Microsoft and fixed on August 9, 2020. The exploit targets an unpatched Windows 10 2004, build 19041.488. The exploit code is written in C++ and uses the Windows API to manipulate the system's Event Tracing fo...
CDK
It is an offensive tool for container exploitation. The primary CVE ID is not explicitly stated in the provided context, but the tool is designed for container exploitation, which may involve various vulnerabilities. The tool, CDK, is a zero-dependency container penetration toolkit that offers...
Exploit for Expression Language Injection in Apache Struts
PoC exploit for CVE-2020-17530, a deserialization vulnerability in Apache Struts 2.0.0 to 2.5.25. The target product/service is Apache Struts, specifically the struts2showcasewar application. The vulnerability class/vector is deserialization, allowing for remote code execution. The probable entry...
Exploit for Path Traversal in Citrix Xenmobile_Server
使用方法&免责声明 该脚本为Citrix XenMobile 目录遍历漏洞(CVE-2020-8209)批量检测脚本。 使用方法:Python CVE-2020-8209-Multiple.py url.txt 存在漏洞的地址输出在vul.txt中 影响版本: - RP2之前的Citrix XenMobile Server 10.12 - RP4之前的Citrix XenMobile Server 10.11 - RP6之前的Citrix XenMobile Server 10.10 - RP5之前的Citrix XenMobile Server 10.9...