Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2020/09/01 9:22 a.m.2 views

Pocsuite

This is an offensive tool for vulnerability exploitation. It is a Python-based framework for developing and executing proof-of-concept PoC exploits, primarily targeting web applications. The framework, known as Pocsuite, is designed to simplify the process of creating and executing exploits, maki...

7.3AI score
Exploits0
Gitee
Gitee
added 2020/08/26 3:37 p.m.2 views

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but it appears to be a collection of vulnerable environments based on Docker-Compose. The vulnerability class/vector is not specified, but it likely involves we...

8.1AI score
Exploits0
Gitee
Gitee
added 2020/08/07 12:45 p.m.2 views

metasploit-framework

This is a Metasploit Framework repository, a widely used penetration testing tool. The framework is used for identifying and exploiting vulnerabilities in computer systems and applications. The primary target of this framework is the Metasploit Framework itself, which is a Ruby-based framework fo...

8.3AI score
Exploits0
Gitee
Gitee
added 2020/08/06 5:56 p.m.2 views

exploiting

It is an offensive tool for Linux and Windows exploitation. The repository contains a PoC exploit for an unspecified vulnerability, likely related to the 3dsctf2016 challenge. The exploit targets a Linux system and appears to be a binary ELF file. The code snippet shows a getstarted script that i...

7AI score
Exploits0
Gitee
Gitee
added 2020/08/06 3:56 p.m.2 views

CTF-Web-Challenges

This is a PHP challenge where the goal is to get a shell on the server. The challenge is hosted on a Docker container, and the PHP code is written in a way that makes it difficult to execute arbitrary code. The challenge involves using the session.uploadprogress feature in PHP, which allows us to...

7.7AI score
Exploits0
Gitee
Gitee
added 2020/08/05 5:23 p.m.2 views

WhyNot-HEAP-Exploitation

This repository is for a proof-of-concept PoC exploit for a vulnerability in the glibc library, specifically targeting the House of Force attack. The House of Force attack is a type of attack that exploits the way glibc handles memory allocation and deallocation, allowing an attacker to control t...

7.5AI score
Exploits0
Gitee
Gitee
added 2020/08/05 9:47 a.m.2 views

Gopherus

This is a Python script that generates payloads for exploiting Server-Side Request Forgery SSRF vulnerabilities in various services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The script uses a variety of techniques to generate payloads, including Python, Ruby, and...

7.1AI score
Exploits0
Gitee
Gitee
added 2020/07/29 6:22 p.m.2 views

shadowbroker

This repository, hc1216/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was initially reported to contain sensitive data, leading to the deletion of several files. The remaining files include a mix of exploit code, payloads, and documentation...

8.2AI score
Exploits0
Gitee
Gitee
added 2020/07/27 9:29 a.m.2 views

maltrail

It is an offensive tool for network traffic detection. The primary CVE ID is not explicitly mentioned, but it utilizes publicly available blacklists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists. Th...

6.6AI score
Exploits0
Gitee
Gitee
added 2020/07/20 12:22 p.m.2 views

BurpSuite-collections

是...

7AI score
Exploits0
Gitee
Gitee
added 2020/06/12 4:28 p.m.2 views

SecGen

This is a Ruby application called SecGen, which generates vulnerable virtual machines for security penetration testing. The application uses Vagrant, Puppet, and Ruby to create randomly vulnerable virtual machines based on a scenario specification. The scenario can specify constraints and...

7AI score
Exploits0
Gitee
Gitee
added 2020/06/10 11:6 a.m.2 views

Awesome_shiro

Awesomeshiro反序列化漏洞复现...

7AI score
Exploits0
Gitee
Gitee
added 2020/06/09 9:7 a.m.2 views

AndroidSecNotes

原文 by 瘦蛟舞 0x00 序 随着移动安全越来越火,各种调试工具也都层出不穷,但因为环境和需求的不同,并没有工具是万能的。另外工具是死的,人是活的,如果能搞懂工具的原理再结合上自身的经验,你也可以创造出属于自己的调试武器。因此,笔者将会在这一系列文章中分享一些自己经常用或原创的调试工具以及手段,希望能对国内移动安全的研究起到一些催化剂的作用。 文章中所有提到的代码和工具都可以在我的github下载到,地址是: https://github.com/zhengmin1989/TheSevenWeapons 0x01 利用函数挂钩实现native层的hook...

7AI score
Exploits0
Gitee
Gitee
added 2020/06/04 10:53 a.m.2 views

Some-PoC-oR-ExP

This repository contains a collection of proof-of-concept PoC exploits and exploits for various vulnerabilities. The primary classification of this repository is 'PoC exploit for CVE-YYYY-NNNN'. The primary CVE ID present in the context is CNVD-2020-10487, which is related to a Tomcat-Ajp LFI...

6.7AI score
Exploits0
Gitee
Gitee
added 2020/05/26 11:42 p.m.2 views

Exploit for Use After Free in Microsoft

CVE-2019-0708 真烦那些整天黑菜虚昆的人 在B站上面黑就算了,因为我基本上不看B站 现在出个漏洞还要黑,你们不累吗?反正我不累 好吧进入正题 目标需开启3389 电脑右键允许远程连桌面连接 命令: python CVE-2019-0708-poc.py 192.168.1.106...

10CVSS7.1AI score0.99999EPSS
Exploits123
Gitee
Gitee
added 2020/05/16 11:38 a.m.2 views

Windows-Pwn-Step-by-Step

This is a Windows executable file ExploitMe1.exe that appears to be a proof-of-concept PoC exploit for a vulnerability in the Windows operating system. The file is a Visual Studio project that has been compiled and packaged into an executable. The executable is designed to exploit a vulnerability...

7.3AI score
Exploits0
Gitee
Gitee
added 2020/05/13 9:34 p.m.2 views

metasploit-framework

This is an instance of the Metasploit Framework repository, a widely used penetration testing tool. The Metasploit Framework is a comprehensive platform for testing and exploiting vulnerabilities in computer systems and applications. It is a collection of tools and scripts that can be used to...

7.2AI score
Exploits0
Gitee
Gitee
added 2020/05/12 6:22 p.m.2 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for web application security testing. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is a remote code execution RCE vulnerability. The probable entry point is the GitLab...

6.5CVSS8.2AI score0.05388EPSS
Exploits39
Gitee
Gitee
added 2020/05/08 5:50 p.m.2 views

ctf_repo

This is a Python script for a CTF Capture The Flag challenge called "FunPwn". The script is designed to automate the game by interacting with the game's console. Here's a breakdown of the script: 1. The script starts by importing the pwn module, which is a Python library for exploitation. 2. The...

7.1AI score
Exploits0
Gitee
Gitee
added 2020/05/01 12:3 p.m.2 views

fastjson-poc

This is a Java-based proof-of-concept PoC code for exploiting a remote code execution RCE vulnerability in the FastJSON library, specifically in versions 1.2.22 to 1.2.24. The code is designed to bypass the autotype mechanism in FastJSON, which is a security feature that prevents certain types of...

8.1AI score
Exploits0
Gitee
Gitee
added 2020/04/26 9:32 a.m.2 views

penetration

This repository contains a collection of exploit files for various vulnerabilities in web applications, specifically CMS Content Management System platforms. The exploits are categorized by the CMS platform they target, and each file contains a description of the vulnerability and the exploit cod...

8.3AI score
Exploits0
Gitee
Gitee
added 2020/04/21 11:39 a.m.2 views

Information_Collection_Handbook

It is an offensive tool for information collection. The repository contains a collection of tools and scripts for gathering information about a target, including domain information, application information, and more. The tools are likely used for reconnaissance and intelligence gathering purposes...

6.7AI score
Exploits0
Gitee
Gitee
added 2020/04/20 10:54 a.m.2 views

EQGRP

This is a repository containing the decrypted contents of a file named "eqgrp-auction-file.tar.xz". The repository includes three files: "Linux/bin/7z", "Linux/bin/7z.so", and "Linux/bin/7za". These files are likely related to the 7-Zip file archiver. The "Linux/bin/7z" file is an ELF Executable...

6.9AI score
Exploits0
Gitee
Gitee
added 2020/04/19 11:33 a.m.2 views

PowerShell-Suite

This is an exploit module/toolkit targeting Windows UAC User Account Control bypass. The module, named "Bypass-UAC," provides a framework for performing UAC bypasses based on auto-elevating IFileOperation COM object method calls. It implements a function that rewrites PowerShell's PEB Process...

6.9AI score
Exploits0
Gitee
Gitee
added 2020/04/17 9:43 a.m.2 views

SCANNER-INURLBR

It is an offensive tool for web application vulnerability scanning. The primary CVE ID present in the context is not explicitly mentioned, but the tool is designed for Google Hacking and web application vulnerability scanning. The target product/service or framework is not explicitly stated, but...

6.9AI score
Exploits0
Gitee
Gitee
added 2020/03/28 4:31 p.m.2 views

metasploit-framework

This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to exploit a vulnerability in a specific target, but the exact target and vulnerability are not specified in the provided code. The module is written in Ruby and uses the Metasploit framewor...

7.1AI score
Exploits0
Gitee
Gitee
added 2020/03/28 4:30 p.m.2 views

ptf

The Penetration Testers Framework PTF is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. It is a modular framework that installs and updates various penetration testing tools, compiles them, and makes...

7.4AI score
Exploits0
Gitee
Gitee
added 2020/03/27 12:29 p.m.2 views

metasploit-framework

This is the Metasploit Framework repository, a comprehensive collection of exploit modules and tools for penetration testing and vulnerability assessment. The framework is written in Ruby and provides a wide range of features for discovering and exploiting vulnerabilities in various systems and...

7AI score
Exploits0
Gitee
Gitee
added 2020/01/24 12:39 p.m.2 views

vulscan

This is a Python-based web application for vulnerability scanning and management. The application is built using the Django framework and includes various features such as: 1. Vulnerability Scanning: The application can scan for vulnerabilities in web applications using a variety of plugins POCs...

6.8AI score
Exploits0
Gitee
Gitee
added 2020/01/21 4:30 p.m.2 views

metasploit-framework

This is an offensive tool for Metasploit Framework. The Metasploit Framework is a penetration testing platform that provides a comprehensive set of tools for exploiting vulnerabilities in software applications. It is primarily used by security researchers and penetration testers to identify and...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/12/14 1:51 a.m.2 views

venom

This is a Metasploit framework module for generating shellcode and compiling it into an executable file. The module, named "venom," is designed to produce shellcode in various formats C, Python, Ruby, DLL, MSI, HTA-PSH and inject it into a template e.g., Python that executes the shellcode in RAM...

7.2AI score
Exploits0
Gitee
Gitee
added 2019/12/06 6:17 p.m.2 views

metasploit-framework

This is an offensive tool for Metasploit Framework. The Metasploit Framework is a penetration testing platform that provides a comprehensive set of tools for discovering, exploiting, and analyzing vulnerabilities in computer systems. It is widely used by security researchers and penetration teste...

7.1AI score
Exploits0
Gitee
Gitee
added 2019/05/06 10:3 p.m.2 views

Shr3dKit

This is an offensive tool for Red Team operations. The tool kit, named Shr3dKit, is a collection of scripts and tools for various stages of a Red Team engagement, including reconnaissance, weaponization, delivery, command and control, lateral movement, establishing a foothold, escalating...

7AI score
Exploits0
Gitee
Gitee
added 2020/11/13 9:10 p.m.1 views

vulhub

It is an offensive tool for Vulnerability Environment Based on Docker-Compose. The repository contains a collection of pre-built vulnerable docker environments, allowing users to easily create and test vulnerable environments without requiring prior knowledge of docker. The tool includes various...

6.9AI score
Exploits0
Gitee
Gitee
added 2020/07/10 9:15 a.m.1 views

SpringBootVulExploit

This repository contains a collection of Spring Boot vulnerability exploitation tools and techniques. The tools are designed to exploit various vulnerabilities in Spring Boot applications, including remote code execution RCE, privilege escalation, and data exfiltration. The repository includes...

8.8AI score
Exploits0
Gitee
Gitee
added 2019/12/22 1:17 a.m.1 views

Vxscan

This is a Python script called Vxscan, which is a comprehensive scanning tool. It is written in Python 3.6 or later and is designed to perform various scanning tasks, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system...

7.7AI score
Exploits0
Total number of security vulnerabilities1886