Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2021/05/27 6:48 p.m.3 views

wolfssl

This repository is an implementation of the wolfSSL library, a cryptographic library for secure communication. The library is designed to be used with various platforms, including Arduino, and provides a range of cryptographic functions for secure data transmission. The repository contains a...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/05/17 4:40 a.m.3 views

PayloadsAllTheThings

It is an offensive tool for Web Application Security and Pentest/CTF. The repository contains a list of useful payloads and bypass techniques. The primary CVE ID is not explicitly mentioned, but it appears to be a collection of various exploits and tools. The target product/service or framework i...

7.2AI score
Exploits0
Gitee
Gitee
added 2021/05/16 8:36 p.m.3 views

vulhub

This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but...

8.6AI score
Exploits0
Gitee
Gitee
added 2021/05/12 4:17 p.m.3 views

K8tools

It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and anti-kill tools. The primary...

7.3AI score
Exploits0
Gitee
Gitee
added 2021/04/29 9:43 p.m.3 views

suricata-rules

This repository contains Suricata IDS Intrusion Detection System rules for detecting various types of malicious activity, including CobaltStrike, crypto miners, and other threats. The rules are designed to identify specific patterns and behaviors associated with these threats. The rules are...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/04/29 8:29 p.m.3 views

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and training purposes. The primary vulnerability is not explicitly stated, but the repository contains various vulnerable environments, including ones for...

7AI score
Exploits0
Gitee
Gitee
added 2021/04/26 8:40 p.m.3 views

glimmer

This is a Python-based framework called Glimmer, which is a poc proof-of-concept framework for various attacks. The framework is designed to be extensible and allows users to write their own parsers for different protocols and targets. The framework has several dependencies, including rich,...

7.2AI score
Exploits0
Gitee
Gitee
added 2021/04/14 11:9 p.m.3 views

vulhub

This repository is an open-source collection of pre-built vulnerable Docker environments, called Vulhub. It is an offensive tool for testing and training purposes. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but it includes a wide range of vulnerabilities i...

8.1AI score
Exploits0
Gitee
Gitee
added 2021/04/14 9:18 p.m.3 views

Exploit for Use After Free in Adobe Flash_Player

Awesome CobaltStrike 0x00 前言 1. 一部分是近期做RedTeam项目的时候看到的一些关于CobaltStrike不错的文章 2. 目前网上的Aggressor Script种类繁多,大多数资源的聚合都是只给出对应的链接,而不说明是干什么的,以至于在查看时不知道如何选择,要一个一个打开看 3. 关于新特性BOF资源的整合 4. 解决要用的时候找不到合适aggressor script或者BOF的问题 5. 如果有本repo没有涉及的优质内容,欢迎大家提交pr 0x01 相关文章合集 基础知识参考: 1. CobaltStrikewiki 2...

9.8CVSS10AI score0.89618EPSS
Exploits19
Gitee
Gitee
added 2021/04/08 8:12 a.m.3 views

PayloadsAllTheThings

It is an offensive tool for general-purpose. This repository contains a collection of payloads, likely for testing and exploitation purposes. The primary CVE ID is not explicitly mentioned, but the repository is likely related to various vulnerabilities. The target product/service or framework is...

6.7AI score
Exploits0
Gitee
Gitee
added 2021/04/04 11:7 a.m.3 views

rocComExpRce

综合RCE漏洞利用工具...

7AI score
Exploits0
Gitee
Gitee
added 2021/04/01 8:15 p.m.3 views

ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

7.2AI score
Exploits0
Gitee
Gitee
added 2021/03/31 3:58 p.m.3 views

vulhub2

This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for various areas, including web application security, web server security, and more. The primary purpose of Vulhub is to provide a simple and easy-to-use...

6.8AI score
Exploits0
Gitee
Gitee
added 2021/03/31 11:15 a.m.3 views

Exploit for CVE-2019-1003000

PoC exploit for CVE-2019-1003000, CVE-2019-1003001, and CVE-2019-1003002, which are related to a vulnerability in Jenkins' Script Security, Pipeline: Groovy, and Pipeline: Declarative plugins. The exploit allows users with Overall/Read permission and Job/Configure and optional Job/Build to bypass...

8.8CVSS7.6AI score0.98428EPSS
Exploits17
Gitee
Gitee
added 2021/03/30 7:18 p.m.3 views

CTF-All-In-One

This repository is an offensive tool for CTF Capture The Flag competitions, specifically targeting Linux systems. The primary vulnerability class is not explicitly stated, but based on the content, it appears to be focused on binary exploitation Pwn. The tool is designed to be used in a CTF...

7.3AI score
Exploits0
Gitee
Gitee
added 2021/03/30 12:24 p.m.3 views

metasploit-framework

This repository is an offensive tool for Metasploit Framework. The Metasploit Framework is a comprehensive platform for developing and executing exploits, post-exploitation tools, and malware. It is a powerful tool for penetration testers, security researchers, and red teamers. The framework...

6.8AI score
Exploits0
Gitee
Gitee
added 2021/03/28 12:58 p.m.3 views

exploitdb

This is a repository of exploits and proof-of-concepts for various vulnerabilities in software and systems. The repository is maintained by Offensive Security and is used by penetration testers and vulnerability researchers. The exploits are categorized into different types, including exploits,...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/03/26 4:57 p.m.3 views

Zeratool

This is an offensive tool for CTF Capture The Flag problems. It is designed to automatically generate exploits and remotely capture flags for exploitable CTF problems. The tool, called Zeratool, uses the angr binary analysis framework to concolically analyze binaries by hooking printf and looking...

8.5AI score
Exploits0
Gitee
Gitee
added 2021/03/23 8:57 a.m.3 views

vulhub

This is a collection of vulnerable Docker environments, known as Vulhub. It's an open-source project that provides pre-built vulnerable environments for testing and learning purposes. The project is maintained by phith0n and is available on GitHub. The repository contains a variety of vulnerable...

7.7AI score
Exploits0
Gitee
Gitee
added 2021/03/16 4:45 p.m.3 views

awesome-jenkins-rce-2019

No description...

7AI score
Exploits0
Gitee
Gitee
added 2021/03/16 10:14 a.m.3 views

pocsuite3

This is a Python package called pocsuite3, which is a remote vulnerability testing and proof-of-concept development framework. It is developed by the Knownsec 404 Team and comes with a powerful proof-of-concept engine, many powerful features for the ultimate penetration testers and security...

7.2AI score
Exploits0
Gitee
Gitee
added 2021/03/14 4:54 p.m.3 views

BHR_Labs

No description...

7AI score
Exploits0
Gitee
Gitee
added 2021/03/13 3:7 p.m.3 views

Exploit for SQL Injection in Zabbix

This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security training and testing. The primary vulnerability class targeted by Vulhub is web application vulnerabilities, including Remote Cod...

9.8CVSS8.5AI score0.83284EPSS
Exploits28
Gitee
Gitee
added 2021/03/12 9:38 a.m.3 views

vulhub

It is an offensive tool for vulnerable environments. The repository contains pre-built vulnerable environments based on Docker-Compose. The tool is designed to provide a simple way to create and manage vulnerable environments for testing and training purposes. The target product/service or...

7.1AI score
Exploits0
Gitee
Gitee
added 2021/03/11 5:57 p.m.3 views

metasploit-framework

This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to exploit a vulnerability in a specific target, which is not explicitly stated in the provided code. However, based on the code and the context, it appears that the target is a Windows...

7AI score
Exploits0
Gitee
Gitee
added 2021/03/06 4:46 p.m.3 views

thorn-linux

This is a Debian-based research and development platform for information security called Thorn Linux. It is designed to keep users up to date with the latest cybersecurity news while providing a hardened and anonymized penetration-testing environment. The platform includes a highly customized...

6.7AI score
Exploits0
Gitee
Gitee
added 2021/02/26 1:43 p.m.3 views

SpringBootVulExploit

This repository contains a collection of Spring Boot vulnerability exploit checklists, including information on how to exploit various vulnerabilities in Spring Boot applications. The repository includes several subdirectories, each containing a specific exploit: 1...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/02/26 1:27 p.m.3 views

TPScan

thinkphp rce sql tools...

7.2AI score
Exploits0
Gitee
Gitee
added 2021/02/22 11:55 p.m.3 views

SHIRO-550

No description...

7AI score
Exploits0
Gitee
Gitee
added 2021/02/22 3:7 p.m.3 views

vulhub

This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary vulnerability class targeted by Vulhub is not explicitly stated, but it...

8.6AI score
Exploits0
Gitee
Gitee
added 2021/02/17 10:52 p.m.3 views

exploitdb

This repository is an official collection of exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It is a repository for exploits and Proof-of-Concepts rather than advisories, making it a valuable resource for those who need...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/02/17 1:35 p.m.3 views

CMSmap

It is an offensive tool for web application security testing. The primary CVE ID is not present in the provided context. The target product/service or framework is not explicitly stated, but the tool appears to be designed for testing popular Content Management Systems CMSs such as WordPress,...

7.3AI score
Exploits0
Gitee
Gitee
added 2021/02/02 3:35 p.m.3 views

ysoserial

This is a Java-based tool called ysoserial, which generates payloads that exploit unsafe Java object deserialization. The tool is designed to create payloads that can be used to attack vulnerable Java applications. The tool uses a variety of payloads, including CommonsCollectionsK1,...

7.1AI score
Exploits0
Gitee
Gitee
added 2021/02/02 2:38 p.m.3 views

vulhub1

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments for testing and learning purposes, with no pre-existing knowledge of docker required. The repository contains a variety of vulnerable...

7.8AI score
Exploits0
Gitee
Gitee
added 2021/01/24 10:47 a.m.3 views

Exploit for OS Command Injection in Sonatype Nexus_Repository_Manager

CVE-2019-5475 CVE-2019-5475 与 CVE-2019-15588 靶场: RCE 命令注入漏洞 ------ 0x00 背景 CVE-2019-5475 是 Nexus 关于内置插件 Yum Repository 的 RCE 命令注入漏洞,其最早被披露于 hackerone,但因官方第一次修复不完整,故又衍生出了 CVE-2019-15588 漏洞。 这两个漏洞都需要以 admin 身份登录后才可以利用,但是 nexus 默认管理员密码 admin123 经常被忽略修改,很容易就被利用了。 0x10 靶场环境 0x20 目录结构 CVE-2019-5475 ├──...

9CVSS7.9AI score0.18396EPSS
Exploits5
Gitee
Gitee
added 2021/01/24 10:47 a.m.3 views

Exploit for CVE-2020-27949

This is a PoC exploit for CVE-2020-27949, a vulnerability in macOS's DTrace system that allows an attacker to read memory of other processes without elevated permissions. The exploit creates probes in the victim process using the /dev/fasttrap device, which lacks permission checks, allowing any...

5.5CVSS7.1AI score0.00977EPSS
Exploits2
Gitee
Gitee
added 2021/01/24 10:43 a.m.3 views

emp3r0r

This is a Linux post-exploitation framework made by linux user, known as emp3r0r. The framework is designed to provide a comprehensive set of tools for exploiting and manipulating Linux systems. The framework is composed of several components, including a build script, a command-line interface CL...

7.4AI score
Exploits0
Gitee
Gitee
added 2021/01/24 10:42 a.m.3 views

ctfs-1

This repository contains notes and code on past CTF Capture The Flag challenges, with a focus on web, crypto, and realistic challenges. The repository is organized into several sections, each covering a different type of challenge. The web section includes write-ups on various web-based challenge...

7.6AI score
Exploits0
Gitee
Gitee
added 2021/01/22 2:34 p.m.3 views

awesome-virtualization

This is a collection of resources about virtualization, not an exploit or offensive tool. It is a curated list of awesome resources about virtualization, including documentation, books, courses, papers, research projects, and more. The repository includes information on mainstream hypervisors,...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/01/20 8:52 p.m.3 views

CTF-All-In-One

This is a book about CTF Capture The Flag competitions, specifically the Pwn binary exploitation module. The book is written by Yang Cheng, a member of L-Team, and is aimed at beginners. It covers the basics of binary security, including x86/x64 platforms, Linux systems, and the basics of exploit...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/01/18 12:31 p.m.3 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

This repository is an offensive tool for a vulnerability hub. It contains various tools and exploits for testing and demonstrating vulnerabilities in different software and systems. The repository includes a range of tools, such as Docker image builders, format checkers, and Markdown linters, as...

9.8CVSS7.3AI score0.99686EPSS
Exploits53
Gitee
Gitee
added 2021/01/17 11:22 p.m.3 views

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is a repository for testing and demonstrating various vulnerabilities in different applications and frameworks. The repository contains a variety of vulnerable environments, including web applications, databases, an...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/01/15 4:1 p.m.3 views

PayloadsAllTheThings

It is an offensive tool for general-purpose. This repository contains a collection of payloads for various purposes, including exploitation and testing. The payloads are not specifically tied to a particular CVE or GHSA ID. The target product/service or framework is not explicitly stated, but the...

7.1AI score
Exploits0
Gitee
Gitee
added 2021/01/13 10:39 p.m.3 views

penetration

This is a collection of exploit code and research for various vulnerabilities in web applications, specifically content management systems CMS. The code is written in various programming languages, including PHP, and is used to demonstrate how to exploit vulnerabilities in these systems. The...

8.4AI score
Exploits0
Gitee
Gitee
added 2021/01/09 1:29 a.m.3 views

PayloadsAllTheThings

This repository is an offensive tool for Web Application Security. It contains various tools and techniques for exploiting web applications, including a cheat sheet for CSRF injection, a CRLF injection tool, and a proof-of-concept for exploiting CORS misconfiguration. The tools and techniques in...

7.4AI score
Exploits0
Gitee
Gitee
added 2021/01/09 1:26 a.m.3 views

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

6.7AI score
Exploits0
Gitee
Gitee
added 2021/01/06 12:27 p.m.3 views

Exploit for OS Command Injection in Intelliantech Aptus_Web

It is a PoC exploit for CVE-2020-7980, a remote code execution vulnerability in Intellian Satellite controller Intellian Aptus Web. The exploit targets the vulnerability class/vector of RCE Remote Code Execution and is implemented as a Python script named satellian.py. The probable entry point is...

10CVSS8.2AI score0.82956EPSS
Exploits7
Gitee
Gitee
added 2020/12/29 8:32 p.m.3 views

poc

This repository appears to be a proof-of-concept PoC exploit for a vulnerability in Comodo Antivirus. The code is written in C++ and utilizes the Windows API to interact with the Comodo Antivirus service. The exploit targets the Comodo Antivirus service, which is responsible for scanning files an...

8AI score
Exploits0
Gitee
Gitee
added 2020/12/28 4:25 p.m.3 views

Exploit for Incorrect Default Permissions in Microsoft

Awesome Red Teaming List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point. Anyway, this is a living resources and will update regularly with latest Adversarial Tactics and Techniques based on Mitre ATT&CK You c...

8.8CVSS8.9AI score0.15257EPSS
Exploits4
Gitee
Gitee
added 2020/12/23 7:5 p.m.3 views

IMChecker

It is an offensive tool for API-misuse detection. The repository, kangleli/IMChecker, is a tool for detecting API-misuse bugs in C programs. It is a static analysis tool that uses a domain-specific language DSL called IMSpec to specify API usage constraints. The tool is designed to identify...

7.1AI score
Exploits0
Total number of security vulnerabilities1886