1886 matches found
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is a toolkit for defensive blue-team research and threat mitigation, providing a platform for testing and analyzing vulnerabilities in a controlled environment. The repository contains a variety of vulnerable...
vulscan
This is a Python-based web application for vulnerability scanning and management. The application is built using Django and has several features, including: 1. Vulnerability Scanning: The application can scan for vulnerabilities in web applications using a variety of plugins POCs. 2. Vulnerabilit...
Exploit for SQL Injection in Zabbix
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVEs mentioned in the repository are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitl...
suricata-rules
It is an offensive tool for cryptocurrency mining. The repository contains rules for detecting DNS queries to public cryptocurrency mining pool domains. The rules are designed to identify queries to various mining pool domains, including pool.minergate.com, pool.minexmr.com, opmoner.com,...
vulscan
This is a Python-based web application for vulnerability scanning and management. The application is built using Django and has several features, including: 1. Vulnerability Scanning: The application can scan for vulnerabilities in web applications using a variety of plugins POCs. 2. Plugin...
CDK
This is an offensive tool for container penetration. It is called CDK Container Penetration Toolkit and is designed for offering stable exploitation in different slimmed containers without any OS dependency. The tool comes with useful net-tools and many powerful PoCs/EXPs that help users to escap...
Exploit for Improper Initialization in Apple Ipados
This is a PoC exploit for CVE-2020-27950, a vulnerability in the macOS kernel that allows for a port pointer leak. The exploit targets the macOS kernel and leverages a vulnerability in the kalloc.1024 buffer to allocate a controlled buffer with a magic value. The exploit then creates an ipckmsg...
XSS_Bypass_Payload
It is an offensive tool for XSS. The repository contains a collection of XSS bypass payloads, which are used to exploit vulnerabilities in web applications to inject malicious code. The payloads are designed to bypass various security measures, such as Content Security Policy CSP and XSS filters...
Exploit for Improper Input Validation in Cisco Adaptive_Security_Appliance_Software
PoC exploit for CVE-2020-3452, an unauthorized remote file reading vulnerability in Cisco Adaptive Security Appliance and FTD Software. The exploit uses Shodan to scan for vulnerable targets, then attempts to exploit the vulnerability by sending crafted HTTP requests to the identified targets. Th...
exploitdb
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...
BigBountyRecon
No description...
vulhub
It is an offensive tool for Docker environments. The primary CVE ID is not explicitly mentioned, but the tool targets various vulnerable Docker environments, including CouchDB, FFmpeg, Git, InfluxDB, and Oracle Java. The tool is designed to test and demonstrate vulnerabilities in these...
vulhub
It is an offensive tool for Docker environments. The repository contains a collection of vulnerable Docker environments, including CouchDB, ffmpeg, git, and influxdb, among others. The environments are designed to be used for testing and training purposes, allowing users to practice exploiting...
vulhub
It is an offensive tool for web application security training. The primary vulnerability is not explicitly stated, but the repository contains a variety of vulnerable docker environments, including those for web applications, databases, and other services. The environments are designed to be...
BurpSuite-collections
No description...
graduation_design
This is a Python script for a web intrusion detection system using machine learning. The script uses the scikit-learn library to implement a supervised learning approach. It collects and preprocesses normal requests and attack payloads, and uses a Support Vector Machine SVM to classify new reques...
pwntools
This repository is an offensive tool for binary exploitation. The primary vulnerability targeted by this tool is not explicitly stated in the provided context, but the tool is designed for binary exploitation, which suggests that it may be targeting a vulnerability that allows for code execution ...
metasploit-framework
This is a Metasploit Framework repository. The Metasploit Framework is an open-source penetration testing platform that provides a comprehensive set of tools for identifying and exploiting vulnerabilities in computer systems and applications. The framework is written in Ruby and provides a modula...
vulscan
This is a Python-based web application for vulnerability scanning and management. The application is built using Django and has several features, including: 1. Vulnerability Scanning: The application can scan for vulnerabilities in websites and applications using a list of predefined POC Proof of...
vulhub2
It is an offensive tool for web application security training. The primary vulnerability targeted by this tool is not explicitly stated, but based on the provided code and metadata, it appears to be a web application vulnerability. The tool is designed to test the security of web applications, an...
vulhub
It is an offensive tool for web application security testing. The repository contains a collection of pre-built vulnerable docker environments for testing web application security. The tool is designed to be easy to use, requiring only two simple commands to compile and run a vulnerable...
vulhub
It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...
isf
This repository is an Industrial Exploitation Framework ISF for testing and exploiting industrial control systems ICS. It is a Python-based framework similar to Metasploit. The framework is based on the open-source project routersploit and includes various clients and modules for different ICS...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of various vulnerabilities, including but not limited to, SQL...
BurpSuite-collections
No description...
pwntools
This is an open-source repository for the pwntools project, a Python library for reverse engineering and exploitation. The repository contains various files and workflows for contributing to the project, including issue templates, pull request templates, and workflows for continuous integration a...
pwntools
This repository is an offensive tool for binary exploitation. The primary vulnerability targeted by this tool is not explicitly stated in the provided context, but it is likely a remote code execution RCE vulnerability, given the nature of the tool. The target product/service or framework is not...
metasploit-framework
This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to target a specific vulnerability in a Windows system, exploiting the SMB protocol to gain remote code execution. The module is written in Ruby and is part of the Metasploit Framework's...
shadowbroker
This repository, xyx2524/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository includes a README file that links to a Steemit post and an archive of a GitHub repository, misterch0c/shadowbroker. The post and repository contain information on a group...
nishang
This repository is an offensive tool for Windows systems, specifically for adding backdoors and executing malicious scripts. The primary vulnerability class is privilege escalation, as the tools aim to gain elevated privileges on the target system. The probable entry points include PowerShell...
suricata-rules
This repository contains Suricata IDS Intrusion Detection System rules for detecting various types of malicious activity, including CobaltStrike, CryptoMiner, and other threats. The rules are designed to identify specific patterns and behaviors associated with these threats. The rules are organiz...
penetration
This repository contains a collection of exploits and vulnerabilities for various web applications, including CMS platforms. The exploits are categorized by the affected application, and each category contains multiple exploits. The exploits are written in various programming languages, including...
Scanners-Box
This is a collection of open-source scanning tools, referred to as "Scanners Box" or "scanbox," maintained by the user "We5ter" on GitHub. The repository contains various tools for scanning and testing different aspects of a system or network, including subdomain enumeration, database vulnerabili...
CMSmap
This is a Python-based CMS Content Management System scanner called CMSmap. It is designed to automate the process of detecting security flaws in popular CMSs such as WordPress, Joomla, Drupal, and Moodle. The tool is still in its early stages and may contain bugs or flaws. The tool uses a...
VEF
This is a Vulnerability Exploitation Framework VEF repository, which is a collection of tools and scripts for exploiting vulnerabilities in various systems and applications. The framework is written in Python and utilizes various APIs from different vulnerability databases, including Censys, Fofa...
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is not a PoC exploit for a specific CVE, but rather a toolkit for testing and demonstrating vulnerabilities. The repository contains a variety of vulnerable environments, including ones for Flask, Apache, and Jenkin...
pocsuite3
Based on the provided code and metadata, here is a compact paragraph of 5-7 sentences summarizing the analysis: pocsuite3 is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine...
BurpSuite-collections
No description...
BurpSuite-collections
No description...
vulhub
It is an offensive tool for Docker environments. The primary vulnerability targeted by this repository is not explicitly stated, but it appears to be a collection of pre-built vulnerable Docker environments. The repository includes various Docker Compose files for different vulnerabilities,...
PayloadsAllTheThings
It is an offensive tool for general-purpose payloads. The repository contains a collection of payloads for various purposes, but no specific exploit or vulnerability is mentioned. The provided code snippet is a funding model configuration for GitHub Sponsors and Ko-fi, indicating that the...
vulhub
It is an offensive tool for Docker environments. The repository contains pre-built vulnerable environments based on Docker-Compose, allowing users to easily set up and test various vulnerabilities. The tool is designed to be user-friendly, requiring no prior knowledge of Docker, and can be...
exploits
This is an exploit repository containing various tools and scripts for exploiting vulnerabilities in different software products. The primary target of the exploit is the Zoho Meeting application, specifically the "aeagent.exe" process, which has a known vulnerability that allows remote code...
Some-PoC-oR-ExP
This repository is an offensive tool for collecting or writing various vulnerability PoCs proofs of concept and exploits. The primary vulnerability targeted by the code is a remote code execution RCE vulnerability in Apache Tomcat, identified as CNVD-2020-10487. The exploit is implemented in Pyth...
Exploit for CVE-2015-6606
This is a simple exploit for verification of CVE-2015-6606, a code injection vulnerability in the SEEK smartcard service versions 3.1.0 and below. The exploit allows specially crafted Android application packages to inject arbitrary code into the execution context of the smartcard system service,...
linux-exploit-development-tutorial
It is an offensive tool for Linux. This is a tutorial for Linux exploit development, specifically targeting stack and heap security mechanisms. The tutorial covers various topics, including format string attacks, integer overflow, and buffer overflow attacks. It also discusses how to bypass...
shadowbroker
This repository, "shadowbroker," contains a collection of exploits and tools leaked by the Shadow Brokers group. The exploits target various vulnerabilities in software and systems, including Red Hat, Solaris, Samba, IIS, and Windows operating systems. The exploits are categorized into several...
ctf-2
This repository contains the writeup for the CSAW CTF 2015, a cybersecurity competition. The writeup is written in Polish and English, with the Polish version first. The writeup covers various challenges from the competition, including web, exploit, crypto, reversing, and forensics challenges. Ea...
metasploit-framework
This is an open-source project repository for the Metasploit Framework, a popular penetration testing tool. The repository contains various files and directories related to the project, including configuration files, test files, and documentation. The Metasploit Framework is a software platform f...
Pocsuite
This is an offensive tool for vulnerability exploitation. It is a Python-based framework for developing and executing proof-of-concept PoC exploits, primarily targeting web applications. The framework, known as Pocsuite, is designed to simplify the process of creating and executing exploits, maki...