1886 matches found
shellshocker-pocs
This is a collection of Proof of Concepts PoCs and potential targets for the ShellShocker vulnerability. The PoCs are designed to exploit the vulnerability in various products and services, including XMPP ejabberd, Mailman, MySQL, NFS, Bind9, FTP, and others. The PoCs are primarily focused on...
MCIR
The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. It is a collection of tools designed to demonstrate various types of code injection vulnerabilities, including SQL injection, XML/XPath/XSL injection, Cross-Site Scripting XSS, and shell...
advisory-db
This is a security advisory database for Rust crates published through crates.io. The database is maintained by the RustSec project and contains information on security vulnerabilities in various Rust crates. The database is stored in TOML format and can be consumed by various tools for auditing...
Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl_Firmware
This is a PoC exploit for CVE-2021-36260, a command injection vulnerability in the web server of some Hikvision product. The vulnerability allows an attacker to launch a command injection attack by sending malicious commands to the device. The exploit is implemented in Python and provides several...
PowerTools
PowerTools Is Now Deprecated! PowerView and PowerUp have moved to the PowerSploit repository under ./Recon/ and ./Privesc/ respectively. PowerPick will move repository locations shortly back to its original home. PewPewPew is no longer supported. No pull requests will be accepted and no issues wi...
Garden
This is a repository for the Garden development tool, which automates workflows for Kubernetes application development and testing. The repository contains various configuration files, including .chglog/CHANGELOG.tpl.md, .circleci/config.yml, .circleci/continue-config.yml, and others. These files...
Exploit for CVE-2019-13272
Linux 4.10 5.1.17 PTRACETRACEME local root...
Exploit for Cross-site Scripting in Atmail
AWAE/OSWE Preparation for coming AWAE Training. Work in progress... Atmail Mail Server Appliance: from XSS to RCE 6.4 CVE-2012-2593 - https://www.exploit-db.com/exploits/20009 - https://github.com/sourceincite/poc/blob/master/SRC-2016-0012.py ATutor Authentication Bypass and RCE 2.2.1 CVE-2016-25...
Exploit for Deserialization of Untrusted Data in Google Android
Exploration of CVE-2024-31317 CVE-2024-31317 provides unpriviledged access to any uid and SELinux scope available to proper Android apps. This provides access to uid 1000 system and uid 2000 shell, and can be triggered entirely from an unpriviledged app, allowing for persistence of any...
autottp
This is a Python wrapper for the PowerShell Empire API, a framework for penetration testing and red teaming. The wrapper provides a simple interface to interact with the Empire API, allowing users to automate tasks and sequences of actions. The wrapper is feature complete as of Empire 1.5.0 and...
Exploit for Use After Free in Linux Linux_Kernel
This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities in the Linux kernel, including: 1. CVE-2016-8655: A Linux AFPACKET race condition exploit that includes KASLR and SMEP bypasses. 2. CVE-2016-9793: A Linux SOSND|RCVBUFFORCE CAPNETADMI...
漏洞扫描系统
This is a Python web application built using the Flask framework, designed to scan Windows systems for vulnerabilities. The application has several features, including user authentication, task management, and vulnerability scanning. Here is a summary of the key points: User Authentication The...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell CVE-2021-44228 & CVE-2021-45046 & CVE-2021-45105. It scans recursively both on disk and inside nested Java Archive files JARs. How it works log4j-finder identifies log4j2 libraries on your filesyst...
kconfig-safety-check
This is a tool for checking the security hardening options of the Linux kernel. It is a Python script that can be used to analyze the configuration of a Linux kernel and identify potential security vulnerabilities. The tool is designed to support various architectures, including X8664, X8632,...
Exploit for CVE-2024-38819
This is a proof-of-concept PoC exploit for CVE-2024-38819, a high-risk path traversal vulnerability in the Spring Framework. The vulnerability allows an attacker to access sensitive files on the server by constructing a malicious HTTP request with a specially crafted path. The PoC code is a simpl...
Exploit for CVE-2017-3143
Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project. Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own. If you are really curious abou...
nuclei_poc
This repository is an offensive tool for Nuclei POCs. It is a Python script that clones GitHub repositories, extracts Nuclei POCs, and organizes them into categorized folders. The script runs automatically every day using GitHub Actions. The primary vulnerability class targeted by this tool is no...
linux-exploit-development-tutorial
This is a Linux exploit development tutorial for beginners. The repository contains a series of chapters on various topics, including basic knowledge, stack security, heap security, and kernel security. The first chapter covers basic knowledge, including format string vulnerabilities, integer...
Exploit for CVE-2020-1472
!Pythonpython-shield CVE-2020-1472 CVE-2020-1472 - Zero Logon vulnerability Python implementation Description A Python script which uses the Impacket library to test for CVE-2020-1472 - Zerologon vulnerability credits to Secura research. The flaw stems from the Netlogon Remote Protocol, available...
Shiro-721
This is a vulnerability analysis of a repository containing a proof-of-concept PoC exploit for a remote code execution RCE vulnerability in Apache Shiro, a Java-based security framework. The vulnerability is caused by a padding oracle attack, which allows an attacker to construct serialized data...
Exploit for Improper Access Control in Oracle Jdk
This repository contains a collection of exploit files and proof-of-concept PoC vulnerability demonstration files from the team at Hacker House. The files are categorized into several subdirectories, each containing a specific type of exploit or vulnerability. The files include: 1. AIX-0days.txt:...
JNDIExploit
This is a Java-based exploit tool for JNDI Java Naming and Directory Interface injection vulnerabilities. The tool is designed to inject a payload into the JNDI repository, allowing an attacker to execute arbitrary code on the target system. The tool is based on the Rogue JNDI project and support...
Exploit for CVE-1999-0078
Browsable content of eqgrp-auction-file.tar.xz - Original file: https://mega.nz/!zEAU1AQL!oWJ63n-D6lCuCQ4AY0Cv405hX8kn7MEsa1iLH5UjKU - Passphrase: CrDj";Va.NdlnzB9M?@K2deB7mN as disclosed by the ShadowBrokers, source - This summary is provided by the community: complaints/credits to jvoisin @...
Exploit for Path Traversal in Mikrotik Routeros
This is a PoC exploit for CVE-2018-14847 targeting RouterOS-based routers. The tool, named Meris RouterOS Checker, checks a list of IP addresses to validate if they were infected with Meris. It uses the RouterOS API, SSH, and WinBox to connect to the routers and attempt to exploit the...
isf
This is a Python-based exploitation framework called ISF Industrial Exploitation Framework that is similar to Metasploit. It is designed for industrial control system ICS exploitation and is used for testing and demonstrating vulnerabilities in ICS devices. The framework is based on the open-sour...
YushuTechUnitreeGo1
Based on the provided code, it appears to be a Windows executable file PE file that contains a malicious payload. The file is encoded with a custom algorithm, making it difficult to analyze without decoding. The code is written in C and uses various techniques to evade detection, including: 1. Co...
burp_mirror_gui
Burp Multiple Instance Management Tool This solution, when combined with jsforward or mitmdump, effectively addresses the following pain points in penetration testing: 1. Enables real-time testing for privilege escalation, unauthorized access, business logic vulnerabilities, and session-related...
kali-linux-cheatsheet
It is an offensive tool for penetration testing. The repository contains a Kali Linux Cheat Sheet for Penetration Testers, which provides quick references, commands, and techniques for various aspects of penetration testing. The cheat sheet covers topics such as reconnaissance and enumeration,...
pasta
The repository is a collection of code snippets and notes for learning PHP, specifically for those studying the language. The code snippets cover a range of topics, including forms, good coding practices, interview tasks, and database-related concepts. The repository is organized into several...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat
技术文章存档 ------ Paper list: Talking About Exploit Writing Bypassing AntiVirus Detection for Malicious PDFs MBR病毒分析 使用bochs调试MBR 基于MBR的系统登录密码验证程序 PDF文件格式分析 恶意PDF文件解析思路 Win 7下定位kernel32.dll基址及shellcode编写 CVE-2009-0658漏洞分析 Firefox vulnerabilityCVE-2011-0065 Bypassing DEP CVE-2009-4324漏洞分析 Flash XSS漏洞挖...
vulnerability scanner
This is a Java-based web vulnerability scanner. The tool is classified as an offensive tool for web vulnerability scanning. The primary vulnerability being targeted is not explicitly stated, but based on the code and metadata, it appears to be a web application scanner that can perform SQL...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
Awesome Advanced Windows Exploitation References List of Awesome Advanced Windows Exploitation References This list is for anyone wishing to upgrade on their Windows Exploitation Knowledge. Anyway, this is a living resources and will update regularly with latest research articles/talks of awesome...
weblogic-monitoring-exporter
This is a Java-based project for exporting metrics from WebLogic Server WLS instances to Prometheus. The project is available in two forms: a web application and a separate process. The web application is deployed to the server from which metrics are to be extracted, while the separate process is...
Exploit for Improper Input Validation in Joomla Joomla\!
CMS-Hunter 简介 Content Management System Vulnerability Hunter 说明:目前来看,本项目会进行长期维护,有修改的建议或者想法欢迎联系作者。 CMS 漏洞列表 Discuz - Discuz<3.4birthprovince前台任意文件删除 DedeCMS - DedeCMSv5.7shopsdelivery存储型XSS - DedeCMSv5.7carbuyaction存储型XSS - DedeCMSv5.7友情链接CSRFGetShell - DedeCMS V5.7 SP2后台存在代码执行漏洞 Drupal -...
rubysec
This is a Ruby library for performing mutation testing, which is a form of testing that ensures that test coverage is comprehensive by introducing small changes mutations into the code under test and verifying that the tests fail as expected. The library, called Mutant, is designed to be used in...
applications_hap
It is an offensive tool for mobile applications. The repository contains a collection of HAP HarmonyOS Application Package files, which are likely used for testing or demonstrating various mobile applications on the HarmonyOS platform. The files include demos for features such as flashlight, medi...
nuclei-templates
This repository is an offensive tool for vulnerability scanning and exploitation, specifically for the nuclei engine. It contains a community-curated list of templates for discovering security vulnerabilities in applications. The templates are used by the nuclei scanner to power the actual scanni...
mona
This is a repository for mona.py, a Python script used to automate and speed up specific searches while developing exploits, particularly for the Windows platform. Mona.py runs on Immunity Debugger and WinDBG, and requires Python 2.7. The script is designed to work with 32-bit processes, although...
exploit_me
This is a vulnerable ARM/AARCH64 application, specifically designed for a CTF Capture The Flag style exploitation tutorial. The application is written in C and is intended to demonstrate various types of vulnerabilities, including integer overflow, stack overflow, array overflow, off-by-one, stac...
fimap
fimap is a Python tool designed to find, prepare, audit, exploit, and even automatically Google for local and remote file inclusion LFI/RFI bugs in web applications. It can identify and exploit file inclusion bugs, including include, includeonce, require, and requireonce functions. The tool has a...
Exploit for CVE-2020-11989
使用说明 首页 所见即所得,点击对应的按钮会跳转到相应的模块 渗透测试 网站扫描 网站扫描功能缝了afrog项目地址,基本就是差不多把该扫描器的功能UI化,且内置反连无需再配置ceye或jndi已将jndi有关poc全部替换成反连地址,主动探测的漏洞或者指纹会写入到report目录下的html文件中,并没有将afrog命令的输出进行删除(所以你在go run main.go运行工具时,依然能看到命令行存在afrog的输出内容) 目标格式支持 URL 或者 IP:PORT 仅指纹扫描/指纹POC扫描/主动指纹探测 - 仅指纹扫描:只对当前网页发送两个数据包进行探测指纹 - 主动指纹探测:...
jexboss
This is a Python script for a tool called JexBoss, which is designed to exploit vulnerabilities in JBoss Application Server and other Java platforms. The script is written in Python 2.7 and uses the urllib3 library for HTTP requests. The script has several modules, including exploits.py,...
Exploit for Improper Authentication in Oracle Database_Server
This is an offensive tool for Oracle Database exploitation. The repository contains several modules that exploit various vulnerabilities in Oracle Database, including: 1. CVE-2012-3137: This module exploits a vulnerability in Oracle Database that allows an attacker to obtain remote passwords usin...
Exploit for Use After Free in Google Android
This is a proof-of-concept PoC application demonstrating the power of an Android kernel arbitrary R/W, specifically targeting CVE-2019-2215. The application, named Qu1ckR00t, is designed to exploit this vulnerability to achieve root access on an Android device. The exploit is implemented in the...
sparta
This is a network infrastructure penetration testing tool called SPARTA. It is a Python GUI application that simplifies the scanning and enumeration phase of penetration testing by providing point-and-click access to various tools and displaying all tool output in a convenient way. The tool...
PinTools
This repository is an example and proof-of-concept PoC for dynamic binary analysis using the Pin tool. The code is designed to detect the classical use-after-free vulnerability. The Pin tool is a dynamic binary instrumentation framework that allows developers to analyze and modify the behavior of...
personal-security-checklist-1
This repository is an open-source project for a curated checklist of 300+ tips for protecting digital security and privacy in 2022. It is a community-driven project that allows contributors to suggest and submit points to be added, amended, or removed from the list. The project has a code of...
Pikachu
This is a proof-of-concept PoC exploit for a vulnerable web application system called Pikachu. The system contains a variety of common web security vulnerabilities, including SQL injection, cross-site scripting XSS, cross-site request forgery CSRF, remote code execution RCE, and more. The...
Scanners-Box
This is a collection of open-source scanners from the GitHub platform, including subdomain enumeration, database vulnerability scanners, weak password or information leak scanners, port scanners, fingerprint scanners, and other large-scale scanners. The collection is maintained by We5ter and...
Awesome-Bugbounty-Writeups
This is a curated list of bug bounty writeups, specifically focusing on various types of web application vulnerabilities. The repository is organized by vulnerability type, with sections for Cross-Site Scripting XSS, Cross-Site Request Forgery CSRF, Clickjacking, Local File Inclusion LFI, Subdoma...