Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2020/09/02 3:34 p.m.4 views

vulhub

It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable docker environments, allowing users to practice web application security testing without requiring prior knowledge of docker. The tool is designed to be easy to use, with a...

7.2AI score
Exploits0
Gitee
Gitee
added 2020/09/01 9:21 a.m.4 views

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

6.8AI score
Exploits0
Gitee
Gitee
added 2020/09/01 9:20 a.m.4 views

pwntools

This repository is an offensive tool for CTF Capture The Flag pwn challenges. It is a framework for writing scripts to solve CTF pwn challenges. The primary CVE ID is not explicitly stated in the provided context, but the repository is likely used for exploiting vulnerabilities in various softwar...

8.2AI score
Exploits0
Gitee
Gitee
added 2020/08/28 4:37 p.m.4 views

vulhub

It is an offensive tool for web application security training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector is not...

8AI score
Exploits0
Gitee
Gitee
added 2020/08/28 12:58 p.m.4 views

vulhub

It is an offensive tool for Vulnerable Environments Based on Docker-Compose. The repository contains a collection of pre-built vulnerable docker environments, allowing users to easily create and test vulnerable environments without requiring prior knowledge of Docker. The tool is designed to be...

6.8AI score
Exploits0
Gitee
Gitee
added 2020/08/25 11:29 p.m.4 views

powerSploit

This is an offensive tool for Windows. It is a PowerShell module called PowerSploit, which is a framework for penetration testing and red teaming. The module includes various tools for tasks such as antivirus bypass, code execution, and DLL injection. The primary vulnerability targeted by this to...

8.1AI score
Exploits0
Gitee
Gitee
added 2020/08/25 9:9 p.m.4 views

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for vulnerability research and testing. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments, including Flask,...

8.1AI score
Exploits0
Gitee
Gitee
added 2020/08/23 4:22 p.m.4 views

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

8AI score
Exploits0
Gitee
Gitee
added 2020/08/19 5:9 p.m.4 views

vulhub

It is an offensive tool for Docker environments. The tool is designed to create a vulnerable Docker environment for testing and training purposes. It provides a collection of pre-built vulnerable Docker environments, allowing users to execute two simple commands to create a vulnerable environment...

7.4AI score
Exploits0
Gitee
Gitee
added 2020/08/09 10:59 a.m.4 views

pwn-collection

This repository contains a collection of CTF Capture The Flag challenges with writeups and exploit scripts. The challenges are categorized into three main areas: fmtstr32, heapchunkoverlap64, and pwn300. The fmtstr32 category contains challenges related to format string vulnerabilities, which all...

7.7AI score
Exploits0
Gitee
Gitee
added 2020/08/08 10:15 a.m.4 views

CTFtools

This repository is an offensive tool for web application exploitation, specifically targeting web servers. The primary vulnerability class is code execution RCE, with various exploitation techniques and payloads. The tool is designed to automate the exploitation process, making it easier for...

8.7AI score
Exploits0
Gitee
Gitee
added 2020/08/07 1:42 p.m.4 views

CTF-challenges-by-me

This is an offensive tool for CTF challenges. It is a collection of exploits and challenges from various CTF events, including 0ctffinal-2017 and 0ctfquals-2018. The repository contains a variety of challenges, including web security, pwnable, and cryptography challenges. The challenges are...

7.6AI score
Exploits0
Gitee
Gitee
added 2020/08/06 6:47 p.m.4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The repository contains a variety of vulnerable environments, including Flask SSTI, Apache Parsing Vulnerability, and more. The environments are designed to be easy to use, with simple installation and usage instructions...

7.4AI score
Exploits0
Gitee
Gitee
added 2020/08/04 10:7 a.m.4 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned...

6.5CVSS6.7AI score0.05388EPSS
Exploits39
Gitee
Gitee
added 2020/08/02 11:36 p.m.4 views

vulhubs

This is an open-source collection of pre-built vulnerable docker environments. It is not a PoC exploit for a specific CVE, but rather a toolkit for testing and training purposes. The repository contains various vulnerable environments, including Flask SSTI, Apache Parsing Vulnerability, and more...

6.8AI score
Exploits0
Gitee
Gitee
added 2020/08/01 3:46 p.m.4 views

Exploit for Improper Input Validation in Microsoft

PoC exploit for CVE-2020-1350. The target product/service or framework is IIS, and the vulnerability class/vector is a deserialization vulnerability. The probable entry point is the applicationhost.config file, and the notable dependency/tooling is the IIS configuration file. The execution contex...

10CVSS9.8AI score0.92178EPSS
Exploits21
Gitee
Gitee
added 2020/07/29 5:49 p.m.4 views

bluescan

This is a Python script for a Bluetooth scanner, specifically designed to scan for devices, services, and vulnerabilities. The script is called "bluescan" and is available on GitHub. The script is based on the BlueZ Bluetooth protocol stack and uses the libbluetooth-dev package. It can be install...

7.3AI score
Exploits0
Gitee
Gitee
added 2020/07/26 7:53 a.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Artifex Gsview

PoC exploit for Redis RCE CVE-2017-14947 targeting Redis 4.x/5.x. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the redis-rce.py script. Notable dependencies/tooling include six and argparse. The execution context is a Python script invoked from the...

7.8CVSS8.6AI score0.01233EPSS
Exploits3
Gitee
Gitee
added 2020/07/23 1:9 a.m.4 views

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for testing and training purposes. The primary CVE ID is not specified, but it includes various vulnerable environments based on Docker-Compose. The target product/service or framework is not...

7.6AI score
Exploits0
Gitee
Gitee
added 2020/07/18 11:27 p.m.4 views

Exploit for CVE-2019-1003000

PoC exploit for CVE-2019-1003000, CVE-2019-1003001, and CVE-2019-1003002, which are related to Script Security, Pipeline: Groovy, and Pipeline: Declarative plugins in Jenkins. This exploit allows users with Overall/Read permission and Job/Configure and optional Job/Build to bypass the sandbox...

8.8CVSS8AI score0.98428EPSS
Exploits17
Gitee
Gitee
added 2020/07/17 3:40 p.m.4 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for creating vulnerable environments based on Docker-Compose. The primary CVE ID is not explicitly stated, but the tool is designed to create vulnerable environments for various vulnerabilities, including CVE-2016-9086, CVE-2017-1000353, CVE-2018-1000006, and others. The...

9.8CVSS7.7AI score0.99686EPSS
Exploits53
Gitee
Gitee
added 2020/07/17 1:28 a.m.4 views

metasploit-framework

This is an offensive tool for Metasploit Framework. It is a collection of modules and tools for exploiting vulnerabilities in various systems and applications. The repository contains a wide range of modules, including exploits, payloads, and post-exploitation tools. The primary target of this to...

8.2AI score
Exploits0
Gitee
Gitee
added 2020/07/17 1:21 a.m.4 views

ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

7.2AI score
Exploits0
Gitee
Gitee
added 2020/07/01 4:26 p.m.4 views

WriteUp_GoogleCTF_2017

This is a PoC exploit for a vulnerability in the Inst Prof binary, which is a x8664 Linux binary with PIE and NX enabled. The exploit allocates two pages using code reuse, one page to stack pivot and the other page to execute a shellcode. The shellcode is executed by dereferencing a text pointer...

7.4AI score
Exploits0
Gitee
Gitee
added 2020/06/24 9:39 a.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 文章链接 隐藏17年的Office远程代码执行漏洞(CVE-2017-11882) http://www.cnblogs.com/Hi-blog/p/7878054.html...

9.3CVSS7.1AI score0.99945EPSS
Exploits33
Gitee
Gitee
added 2020/06/19 3:37 p.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796-SMB 该资源为CVE-2020-0796漏洞复现,包括Python版本和C++版本。主要是集合了github大神们的资源,希望您喜欢 C++ Python EXP POC 漏洞利用: - 本地EXP提权:https://github.com/danigargu/CVE-2020-0796 - 本地EXE提权: https://github.com/f1tz/CVE-2020-0796-LPE-EXP - POC版本提权: https://github.com/eerykitty/CVE-2020-0796-PoC -...

10CVSS9.3AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2020/06/19 2:5 p.m.4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but the environments are designed to be vulnerable to various attacks. The probable entry points are not explicitly stated, but the environments are likely to be...

8.4AI score
Exploits0
Gitee
Gitee
added 2020/06/15 4:12 p.m.4 views

Zeratool

This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF Capture The Flag problems. It uses the angr concolic analysis framework to analyze binaries and identify vulnerabilities. The tool can generate exploits for buffer overflow and format string vulnerabilities, an...

7.8AI score
Exploits0
Gitee
Gitee
added 2020/06/15 3:25 p.m.4 views

PowerSploit

This is an offensive tool for Windows. It is a PowerShell module called PowerSploit, which contains various functions for code execution, DLL injection, and antivirus bypass. The module includes several sub-modules, such as CodeExecution and AntivirusBypass, each with its own set of functions. Th...

7.5AI score
Exploits0
Gitee
Gitee
added 2020/06/14 9:34 p.m.4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but it includes various types of vulnerabilities such as SQL injection, cross-site scripting XSS, and remote code execution RCE. The target product/service or...

8.3AI score
Exploits0
Gitee
Gitee
added 2020/06/13 9:9 p.m.4 views

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is not a PoC exploit for a specific CVE, but rather a toolkit for testing and learning about various vulnerabilities. The primary purpose of Vulhub is to provide a simple way to create and run vulnerable environment...

8.1AI score
Exploits0
Gitee
Gitee
added 2020/06/11 10:0 p.m.4 views

EQGRP

This is a repository containing the decrypted content of eqgrp-auction-file.tar.xz. The repository includes three files: Linux/bin/7z, Linux/bin/7z.so, and Linux/bin/7za. These files are likely related to the 7-Zip file archiver. The files are in ELF Executable and Linkable Format format, which i...

6.7AI score
Exploits0
Gitee
Gitee
added 2020/06/06 12:18 p.m.4 views

PRET

The repository michaelxiaxc/PRET is a Printer Exploitation Toolkit that allows users to test the security of their printers. The tool connects to a device via network or USB and exploits the features of a given printer language, currently supporting PostScript, PJL, and PCL. The main idea of PRET...

6.8AI score
Exploits0
Gitee
Gitee
added 2020/06/04 4:38 p.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMBv3, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script, which sends a SMB negotiate request to the target server. Notable dependencies/tooling include the...

10CVSS8.4AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2020/06/02 9:28 a.m.4 views

BJDCTF2020_March

本届BJDCTF由江苏科技大学、北京工业大学、西南民族大学、杭州师范大学、 江苏大学、湖南工业大学(排名不分先后)联合举办,刷题就到buu,感谢赵总大力支持...

7AI score
Exploits0
Gitee
Gitee
added 2020/05/28 5:42 p.m.4 views

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is not a PoC exploit for a specific CVE, but rather a toolkit for testing and training purposes. The repository contains a variety of vulnerable environments, including Flask SSTI, Apache Parsing Vulnerability, and...

8.3AI score
Exploits0
Gitee
Gitee
added 2020/05/27 3:26 p.m.4 views

Exploit for Off-by-one Error in Sudo_Project Sudo

PoC exploit for CVE-2021-3156, Exploit module/toolkit targeting Linux, or It is an offensive tool for Linux. The repository contains various tools and scripts for exploiting vulnerabilities in Linux systems. The tools include: evilELF: a tool for exploiting ELF-related vulnerabilities evilHEAP: a...

7.8CVSS8AI score0.99295EPSS
Exploits81
Gitee
Gitee
added 2020/05/26 11:42 p.m.4 views

vulhub

It is an offensive tool for Web Application. The repository contains a collection of pre-built vulnerable environments based on Docker-Compose. The tool is designed to test web applications for vulnerabilities, specifically for web application security testing. The tool includes a variety of...

7.2AI score
Exploits0
Gitee
Gitee
added 2020/05/25 3:21 p.m.4 views

Exploit for CVE-2020-11651

CVE-2020-11651 is a proof-of-concept PoC exploit for a vulnerability in the SaltStack master. The exploit is designed to obtain pre-auth RCE Remote Code Execution on a SaltStack master and all associated minions. The vulnerability is not explicitly stated in the provided code, but it is likely...

9.8CVSS8.1AI score0.96405EPSS
Exploits24
Gitee
Gitee
added 2020/05/22 11:19 p.m.4 views

Exploit for Deserialization of Untrusted Data in Oracle Access_Manager

CVE-2020-2555 概述 在2020年1月,互联网上爆出了Weblogic反序列化远程命令执行漏洞(CVE-2020-2555),Oracle Fusion中间件Oracle Coherence存在缺陷,攻击者可利用该漏洞在未经授权下通过构造T3协议请求,获取Weblogic服务器权限,执行任意命令,风险较大。 影响 Oracle Coherence 3.7.1.17 Oracle Coherence & Weblogic 12.1.3.0.0 Oracle Coherence & Weblogic 12.2.1.3.0 Oracle Coherence & Weblogic...

9.8CVSS9.6AI score0.97116EPSS
Exploits26
Gitee
Gitee
added 2020/05/22 1:15 p.m.4 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. CVE-2016-9086 is present in the provided context. The target product/service or framework is GitLab, the vulnerability class/vector is a remote code execution RCE vulnerability, the probable entry points are the data...

6.5CVSS8.5AI score0.05388EPSS
Exploits39
Gitee
Gitee
added 2020/05/12 3:6 p.m.4 views

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, provided by Vulhub. The repository contains a collection of vulnerable environments, each with its own set of vulnerabilities and exploits. The repository is designed to be easy to use, with a simple installation process and a...

9.8CVSS9.5AI score0.99686EPSS
Exploits46
Gitee
Gitee
added 2020/05/12 1:38 p.m.4 views

vulhub

This repository is an open-source collection of vulnerable web applications and environments for security testing and education, maintained by vulhub. It is a defensive blue-team research and threat mitigation tool. The repository contains a variety of vulnerable web applications and environments...

6.9AI score
Exploits0
Gitee
Gitee
added 2020/05/11 2:9 p.m.4 views

Exploit for CVE-2019-1040

CVE-2019-1040 Great writeup! Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin . So, I wrote CVE-2019-1040.py for easy to use. You can also check out my exchange2domain repo: https://github.com/ridter/exchange2domain, another way to use exchange to get DC...

5.9CVSS7.2AI score0.48043EPSS
Exploits6
Gitee
Gitee
added 2020/05/07 10:28 a.m.4 views

Exploit for CVE-2013-0422

K8tools 20190428 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 博客: https://www.cnblogs.com/k8gege 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 + K8expList.txt...

10CVSS9.1AI score0.99448EPSS
Exploits97
Gitee
Gitee
added 2020/05/07 10:27 a.m.4 views

pentest-wiki

This repository is an information gathering library for penetration testers/researchers. It contains various tools and documentation for gathering information about a target organization, including IP analysis, whois analysis, and social media research. The library includes bookmarks for various...

6.9AI score
Exploits0
Gitee
Gitee
added 2020/05/06 3:20 p.m.4 views

Information_Collection_Handbook

Handbook of information collection for penetration testing...

6.8AI score
Exploits0
Gitee
Gitee
added 2020/04/23 10:58 p.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

This is a PoC exploit for CVE-2020-0796, a Windows SMBv3 LPE Local Privilege Escalation vulnerability. The exploit is written in C++ and uses the Windows API to manipulate system handles and exploit the vulnerability. The code includes a function to get the address of a handle, and another functi...

10CVSS9.1AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2020/04/23 5:10 p.m.4 views

metasploit-framework

This is a Metasploit Framework repository. The framework is a penetration testing tool that allows users to create and execute exploits against various targets. The repository contains a wide range of modules, including exploits, payloads, and auxiliary tools. The framework is written in Ruby and...

7.8AI score
Exploits0
Gitee
Gitee
added 2020/04/23 11:16 a.m.4 views

antSword

This is a comprehensive analysis of the provided code and metadata from the AntSword repository. Classification: Exploit module/toolkit targeting web applications Primary CVE ID: Not specified Target product/service or framework: Web applications Vulnerability class/vector: Not specified Probable...

7.2AI score
Exploits0
Total number of security vulnerabilities1886