Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2019/08/02 5:46 p.m.4 views

metasploit-framework

This is an offensive tool for the Metasploit Framework. The Metasploit Framework is a penetration testing platform that provides a comprehensive set of tools for exploiting vulnerabilities in software applications. It is primarily used by security researchers and penetration testers to identify a...

7.3AI score
Exploits0
Gitee
Gitee
added 2019/07/25 11:31 a.m.4 views

python

Shenc.py用法 conf/config.ini是配置字典生成的文件 dictshengc number=4 //生成出来的长度 character=abcdefghijklnmobqrsv1234567890 //从这里找字符 kali下使用: root@kali:/Pyfile/字典生成 python3 Shenc.py password.txt root@kali:/Pyfile/字典生成 cat password.txt + 配置文件存在 aaaa aaad aaam aaai aaan aaa1 aaa2 aaa3 aada aadd aadm aadi aadn aad1...

7AI score
Exploits0
Gitee
Gitee
added 2019/07/18 9:3 a.m.4 views

EQGRP

This repository is an exploit module for the Linux operating system, specifically targeting the 7z file archiver. The exploit is designed to take advantage of a vulnerability in the 7z library, which is used by the 7z file archiver. The vulnerability allows an attacker to execute arbitrary code o...

7.9AI score
Exploits0
Gitee
Gitee
added 2019/07/07 5:35 p.m.4 views

pwn

PWNexecrise Basic rop toturial Challengs pwnbasicrop Toturial: https://www.anquanke.com/post/id/164530 Basic rop toturial 2 Challengs pwnbasicrop2 Toturial: https://www.anquanke.com/post/id/168468...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/07/02 8:36 p.m.4 views

oscp

This is an offensive tool for penetration testing and vulnerability assessment. It is a Python script called reconscan.py that is designed to be used as a preparation for the OSCP Offensive Security Certified Professional exam. The script is multithreaded and can be run against several hosts at...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/07/01 7:47 p.m.4 views

AndroidSecNotes

It is an offensive tool for Android. The repository contains learning notes about Android Security, specifically about the Android Runtime ART and its debugging tools. The notes cover the format of Dex files, the ART runtime, and the Hook framework. The notes mention the use of the "oatdump" tool...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/06/19 3:39 p.m.4 views

vulscan

This is a Python-based web application for vulnerability scanning and management. The application is built using Django and has several features, including: 1. Vulnerability Scanning: The application can scan for vulnerabilities in web applications using a variety of plugins and tools. 2. Plugin...

7.5AI score
Exploits0
Gitee
Gitee
added 2019/06/12 9:37 a.m.4 views

shadowbroker

This repository, uuum/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a variety of exploits targeting different systems and vulnerabilities, such as RedHat 7.0-7.1 Sendmail 8.11.x,...

6.6AI score
Exploits0
Gitee
Gitee
added 2019/05/26 4:21 p.m.4 views

metasploit-framework

This is the Metasploit Framework repository. It is an offensive tool for penetration testing and vulnerability assessment. The primary vulnerability class/vector targeted by this framework is exploitation of vulnerabilities in various software and systems, which can lead to remote code execution,...

8.2AI score
Exploits0
Gitee
Gitee
added 2019/05/21 10:34 a.m.4 views

sshtron

This is a multiplayer Tron game accessible via SSH. The game is written in Go and uses the SSH protocol to allow multiple players to play together over a network. The game is designed to be played on a server, and players can connect to the server using SSH to play. The game uses a simple...

7AI score
Exploits0
Gitee
Gitee
added 2019/03/14 3:48 p.m.4 views

CVE2018-8550Poc

这个漏洞属于com组件Unmarshal类型本地权限提升漏洞 复现环境 1. Windows 10 1709 32位操作系统 2. 需要安装声卡或操作系统自带虚拟声卡 3. 编译环境Visual Studio 2013 Poc 分析 原poc作者James Forshaw使用C实现,我一直未复现成功,不过通过原poc的代码我大致明白了漏洞的成因和触发方法,原poc环境是win10 1803...

7AI score
Exploits0
Gitee
Gitee
added 2018/10/04 10:0 p.m.4 views

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

6.8AI score
Exploits0
Gitee
Gitee
added 2018/08/13 12:1 p.m.4 views

Fuxi-Scanner

This is an open-source network security vulnerability scanner called Fuxi-Scanner. It is a Python-based tool that provides multiple security functions, including vulnerability detection and management, authentication testing, IT asset discovery and management, port scanning, subdomain scanning, a...

7.3AI score
Exploits0
Gitee
Gitee
added 2018/08/03 8:15 p.m.4 views

exploit-database

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...

6.8AI score
Exploits0
Gitee
Gitee
added 2018/07/27 3:44 p.m.4 views

vulhub

It is an offensive tool for web application exploitation. The repository contains a Docker Compose file for a vulnerability environment. The tool is designed to exploit vulnerabilities in web applications. The tool is likely used for testing and demonstrating vulnerabilities in web applications. ...

7AI score
Exploits0
Gitee
Gitee
added 2018/07/12 7:38 a.m.4 views

exploit-database

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The aim is to serve as the most...

6.8AI score
Exploits0
Gitee
Gitee
added 2018/06/06 3:35 p.m.4 views

fuzzdb-collect

Based on the provided context, it appears that the repository contains a tool for brute-forcing file extensions with 3-character names. The tool is designed to test...

6.9AI score
Exploits0
Gitee
Gitee
added 2018/01/28 10:27 p.m.4 views

metasploit-framework

This is the Metasploit Framework repository. It is an offensive tool for penetration testing and vulnerability exploitation. The primary vulnerability class/vector targeted by this framework is not explicitly stated, but it is likely to be a wide range of vulnerabilities, including remote code...

8.3AI score
Exploits0
Gitee
Gitee
added 2017/05/15 6:58 p.m.4 views

shadowbroker

This repository, kaleozhou/shadowbroker, is an offensive tool repository containing exploits for various vulnerabilities in different software and systems. The exploits are categorized into several types, including SMB Server Message Block exploits, email server exploits, and others. The reposito...

7.1AI score
Exploits0
Gitee
Gitee
added 2017/04/17 3:37 p.m.4 views

shadowbroker

This repository is an offensive tool for various exploits. It contains a collection of exploits and utilities for various vulnerabilities, including those in Windows, Linux, and other systems. The exploits are categorized into different types, such as SMB, RPC, and IIS exploits. The primary targe...

8.2AI score
Exploits0
Gitee
Gitee
added 2017/04/15 11:22 p.m.4 views

shadowbroker

The repository cjd9023/shadowbroker contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The exploits are categorized into two main sections: "Exploits" and "Utilities." The "Exploits" section includes 25 exploits targeting...

8.2AI score
Exploits0
Gitee
Gitee
added 2017/04/15 4:16 p.m.4 views

EQGRP

This is an exploit module for the Linux operating system, specifically targeting the 7z file archiver. The module is designed to exploit a vulnerability in the 7z program, allowing an attacker to execute arbitrary code on the system. The exploit is likely to be used for remote code execution RCE ...

8.8AI score
Exploits0
Gitee
Gitee
added 2017/04/10 9:25 a.m.4 views

EQGRP

This is a repository containing three ELF files: 7z, 7z.so, and 7za. The files are likely related to the 7-Zip file archiver, a popular tool for compressing and decompressing files. The ELF files are likely used as plugins or extensions for the 7-Zip software. The files are compiled for Linux and...

7AI score
Exploits0
Gitee
Gitee
added 2016/07/13 10:13 p.m.4 views

CTF_PWN

This repository is an offensive tool for CTF Capture The Flag challenges. It contains a PoC Proof of Concept exploit for an unspecified vulnerability, likely in a Linux system. The exploit is written in C and uses the GNU C Library glibc to perform a buffer overflow attack. The target of the...

7.5AI score
Exploits0
Gitee
Gitee
added 2023/03/30 9:1 p.m.3 views

vulhub

This repository is an offensive tool for a web application vulnerability training platform, 'Vulhub'. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository contains various vulnerable applications, including web servers, databases, and other...

9AI score
Exploits0
Gitee
Gitee
added 2023/03/15 10:55 a.m.3 views

vulhub21

This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable environments and exploits for various software and systems. The primary purpose of this repository is to provide a platform for researchers and security professionals to learn...

7.3AI score
Exploits0
Gitee
Gitee
added 2023/02/11 2:0 a.m.3 views

wky-v4

This is a collection of bash scripts and configuration files for a Linux system. Here's a breakdown of the contents: Scripts: 1. setnginxphp.sh: Configures Nginx and PHP settings. 2. initcachedir.sh: Initializes a cache directory for the ipes application. 3. ipes.sh: Starts the ipes application. ...

7AI score
Exploits0
Gitee
Gitee
added 2022/11/23 1:42 p.m.3 views

chthonian

This is a Python-based local vulnerability scanning framework called Chthonian. It is designed to detect vulnerabilities in openKylin and uses a coroutine-based approach to increase detection speed. The framework has a fuzzing feature that can automatically discover vulnerabilities, detect securi...

6.7AI score
Exploits0
Gitee
Gitee
added 2022/11/14 9:16 p.m.3 views

Exploit for OS Command Injection in Dlink Dir-859_Firmware

IoT-vulhub 受 Vulhub 项目的启发,希望做一个 IoT 版的固件漏洞复现环境。 - IoT-vulhub - 安装 - 使用说明 - 漏洞环境列表 - 贡献指南 - 关注我们 安装 在 Ubuntu 20.04 下安装 docker 和 docker-compose: sh 安装 pip $ curl -s https://bootstrap.pypa.io/get-pip.py | python3 安装最新版 docker $ curl -s https://get.docker.com/ | sh 启动 docker 服务 $ systemctl start dock...

10CVSS7AI score0.89624EPSS
Exploits8
Gitee
Gitee
added 2022/10/10 10:55 p.m.3 views

pocsuite3_pocs

一些pocsuite3的脚本 shirokeybrute 把ShiroAttack2的检测和爆破key逻辑抠出来。用于批量测试shiro key是否可爆破。 使用步骤: 1.把shirokeys.txt放入pocsuite3\data目录 2.修改pocsuite3\lib\core\common.py setpaths函数中添加paths.SHIROKEYS = os.path.joinpaths.POCSUITEDATAPATH, "shirokeys.txt" 2.2或者直接修改poc中getwordlist函数所打开的文件地址 cve20220540 jira越权...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/07/04 2:52 p.m.3 views

vulhub

This is an open-source collection of vulnerable web applications and environments for testing and learning purposes. It is a repository of vulnerable systems, including web applications, databases, and networks, that can be used to test and demonstrate various types of cyber attacks and...

7.5AI score
Exploits0
Gitee
Gitee
added 2022/05/05 2:36 p.m.3 views

nuclei-templates

This repository is an offensive tool for nuclei templates. It is a community-driven collection of templates for the nuclei engine to find security vulnerabilities in applications. The repository contains various templates, including CVEs, and is maintained by the projectdiscovery team. The...

7.1AI score
Exploits0
Gitee
Gitee
added 2022/04/22 4:10 p.m.3 views

afrog

PoC exploit for CNVD-2021-09650, a vulnerability in the 锐捷网络股份有限公司NBR路由器EWEB网管系统. The exploit targets the system's web interface, allowing an attacker to gain unauthorized access. The vulnerability is a high-severity issue, and the exploit demonstrates how an attacker can bypass authentication an...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/04/15 2:57 p.m.3 views

nuclei-templates

This repository is an offensive tool for nuclei templates. It contains a collection of community-curated templates for the nuclei engine to find security vulnerabilities in applications. The templates are stored in the cves directory and are used by the nuclei scanner to identify potential...

7.5AI score
Exploits0
Gitee
Gitee
added 2022/04/10 9:41 p.m.3 views

p0insettia

It is an offensive tool for iOS jailbreak. The tool, named p0insettia, is designed to perform a tethered jailbreak on iOS 10.3.4 32-bit devices, specifically the iPhone 5, using the checkm8 BootROM exploit. The tool is written in C and uses the libcurl library for network operations. The code is...

7.1AI score
Exploits0
Gitee
Gitee
added 2022/03/24 6:54 p.m.3 views

Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

漏洞简介 Spring Cloud Gateway 是 Spring Cloud 的一个全新项目,该项目是基于 Spring 5.0,Spring Boot 2.0 和 Project Reactor 等技术开发的网关,它旨在为微服务架构提供一种简单有效的统一的API路由管理方式。 前段时间springCloud Gateway被爆致命RCE CVE ,cve信息显示当应用程序启用和暴露Spring Cloud Gateway的Gateway Actuator endpoint时,会受到远程代码注入攻击,攻击者发送恶意请求从而可远程执行任意代码。目前受影响的版本如下: 3.1.0 3.0...

10CVSS9AI score0.98253EPSS
Exploits54
Gitee
Gitee
added 2022/02/15 4:5 p.m.3 views

csv-plus_vulnerability

No description...

7AI score
Exploits0
Gitee
Gitee
added 2022/02/11 1:36 p.m.3 views

Demo

This repository is an offensive tool for domain enumeration and vulnerability scanning. It contains a collection of tools and scripts for performing domain enumeration, subdomain brute forcing, and database vulnerability scanning. The tools include SubDomainsBrute, wydomain, dnsmaper, orangescan,...

6.9AI score
Exploits0
Gitee
Gitee
added 2022/02/10 12:19 p.m.3 views

vulhub

This is an offensive tool repository for vulnerability research and exploitation. It is a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and others. The repository is maintained by Vulhub, a community-driven project for...

7AI score
Exploits0
Gitee
Gitee
added 2022/01/31 1:17 p.m.3 views

Exploit for CVE-2021-3129

laravel-CVE-2021-3129-EXP CVE-2021-3129 一键 getshell 用法 python3 laravel-CVE-2021-3129-EXP.py http://127.0.0.1:8000 成功以后使用哥斯拉链接即可。...

9.8CVSS9.9AI score0.99943EPSS
Exploits36
Gitee
Gitee
added 2022/01/24 5:10 p.m.3 views

cve_tracking

cvetracking 介绍 cve 补丁自动获取工具,该工具将会根据 cve 和 rpm 包自动在上游社区查找补丁并反馈结果,同时也可以下载查找到的补丁以及验证补丁的可用性。 软件架构 python 可执行代码 安装教程 1. 下载代码 shell git clone https://gitee.com/openeuler/cve-manager.git 2. 进入工具执行目录 shell cd xxx上述代码下载目录/cve-manager/cve-agency-manager/cvetracking 3. 在 cve-tracking.yaml 的 authentication 中...

7.2AI score
Exploits0
Gitee
Gitee
added 2022/01/19 9:3 a.m.3 views

Exploit for SQL Injection in Zabbix

This repository is an open-source collection of vulnerable web applications and tools for security research and education, maintained by phith0n. It is an offensive tool for web application security research. The repository contains various vulnerable web applications, including CouchDB, FFmpeg,...

9.8CVSS7.1AI score0.99686EPSS
Exploits74
Gitee
Gitee
added 2022/01/13 9:52 a.m.3 views

securitylab

This repository is an offensive tool for a CodeQL query library. It contains various CodeQL queries for detecting vulnerabilities in C++ code, specifically targeting the ChakraCore and Chromium projects. The queries are designed to identify potential security issues, such as bad overflow checks,...

7.4AI score
Exploits0
Gitee
Gitee
added 2022/01/11 4:57 p.m.3 views

kconfig-hardened-check-master

This is a tool for checking Linux kernel Kconfig option lists against security hardening preferences. The tool is called "kconfig-hardened-check" and is written in Python. It is designed to help users ensure that their Linux systems are properly secured by checking the kernel configuration agains...

6.8AI score
Exploits0
Gitee
Gitee
added 2021/12/31 11:5 a.m.3 views

pocsuite_poc_collect

It is an offensive tool for vulnerability exploitation. The repository appears to be a collection of proof-of-concept PoC exploits for various vulnerabilities, likely created using the Pocsuite framework. Not specified...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/12/29 7:34 p.m.3 views

pikachu

It is an offensive tool for web application security training. The primary CVE ID is not explicitly mentioned, but the tool is designed to simulate various web application vulnerabilities, including Burt Force 暴力破解漏洞, XSS 跨站脚本漏洞, CSRF 跨站请求伪造, SQL-Inject SQL注入漏洞, RCE 远程命令/代码执行, Files Inclusion...

5.9AI score
Exploits0
Gitee
Gitee
added 2021/12/13 8:55 a.m.3 views

log4j2-bug-recurrent

log4j2漏洞复现demo 演示版本 ------ jdk : jdk8u181 log4j2 : 2.12.0 log4j2漏洞范围:2.0 jdk.version jdk.version 8u191 还有其他版本不一一列出 server-simple:模拟一个生产服务 attack-simple:模拟的攻击代码 rmi-service :模拟黑客的rmi服务...

7.1AI score
Exploits0
Gitee
Gitee
added 2021/12/02 2:32 p.m.3 views

Exploit for OS Command Injection in Zeroshell

CVE-2019-12725 CVE-2019-12725 ZeroShell 远程命令执行漏洞 =================================================== 自己的练习项目...

10CVSS7.1AI score0.89849EPSS
Exploits11
Gitee
Gitee
added 2021/11/25 3:27 p.m.3 views

Exploit for Cross-site Scripting in Prisma Graphql-Playground-Html

This is a PoC exploit for CVE-2020-4038, an XSS Reflection attack vulnerability in the GraphQL Playground repository. The vulnerability is present in the graphql-playground-html package, which is used by several other packages, including graphql-playground-express, graphql-playground-koa,...

7.4CVSS6.5AI score0.07243EPSS
Exploits1
Gitee
Gitee
added 2021/11/18 11:7 p.m.3 views

K8tools

It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and evasion. The primary focus is...

7.2AI score
Exploits0
Total number of security vulnerabilities1886