1886 matches found
Exploit for Generation of Error Message Containing Sensitive Information in Postgresql
The title and CVE label (CVE-2021-3393, an error-message information disclosure in PostgreSQL) do not match the description, which is of a Java source code static analysis and dangerous-function identifier. The tool, named JavaID, identifies dangerous functions in Java source code by regular-expression matching. It targets Java vulnerability classes such as XXE, Java object deserialization,...
metasploit-framework
This is an offensive tool for penetration testing. It is the Metasploit Framework, a comprehensive platform for developing and executing exploits. The framework is written in Ruby and provides a wide range of features for penetration testing, including exploit development, vulnerability scanning,...
Exploit for Improper Input Validation in Samsung Samsung_Mobile
PoC exploit labelled CVE-2016-4038. Although the title lists Samsung Mobile, the description is of a 0-day System Management Mode (SMM) code execution vulnerability in the Lenovo ThinkPad model line. The exploit targets the SystemSmmRuntimeRt UEFI driver (GUID 7C79AC8C-5E6C-4E3D-BA6F-C260EE7C172E) and allows arbitrary code execution in System Management Mode. The...
RedTeam-Tactics-and-Techniques
An offensive resource collection for Windows red teaming. The indexed file is a script that appears to be a Windows shell extension, likely used for red teaming or penetration testing. The script is written in a format compatible with the Windows Taskbar and Shell, and is designed to toggle the desktop,...
JustTryHarder
This is a cheat sheet repository for the PWK (Penetration Testing with Kali Linux) course and the OSCP (Offensive Security Certified Professional) exam. It is inspired by PayloadsAllTheThings. The repository contains various tools, scripts, and resources for penetration testing and exploitation. The repository...
Software-Security-Learning
This is a learning resource for binary analysis and software security. The repository Software-Security-Learning contains a collection of resources, including tools and tutorials for binary analysis. The tools listed include Pharos, angr, VUzzer, PEDA, and pwntools, which are used for static...
rapidscan
This is a Python-based web vulnerability scanner called RapidScan. It is designed to automate the process of security scanning by using a multitude of available Linux security tools and some custom scripts. The tool is still under development and currently supports around 80 vulnerability tests...
TEE-reversing
This repository is a curated list of public TEE (Trusted Execution Environment) resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices, including papers on TEE reversing and security analysis. The repository includes links to various papers and resources o...
MUD-Manager
This is an offensive tool for IoT devices. It is an exploit module for the Cisco MUD-Manager, an implementation of MUD (Manufacturer Usage Description), a technique by which constrained end devices signal to the network what sort of access and network functionality they require to function properly. The tool is designed to exploit vulnerabilities ...
AutoRDPwn
This is a post-exploitation framework called AutoRDPwn, written in PowerShell. It is designed to automate the Shadow attack (abuse of RDP session shadowing) on Microsoft Windows computers, which allows a remote attacker to view and control the victim's desktop without their consent. The framework has a user-friendly interface an...
pwntools
This is a CTF (Capture The Flag) framework and exploit development library. It is a Python library that provides a set of tools for developing exploits and performing penetration testing. The library is designed to be extensible and customizable, allowing users to easily add new features and plugin...
hackingtool
This is an all-in-one hacking tool for hackers, written in Python. The tool is designed to be run on Linux, Kali Linux, or Parrot OS. It provides a menu-driven interface for various hacking tasks, including information gathering, wireless attacks, SQL injection, phishing, web attacks,...
Exploit for Out-of-bounds Read in Openssl
PoC exploit for CVE-2014-0160 (Heartbleed). The target product/service is OpenSSL, and the vulnerability class/vector is memory disclosure (an out-of-bounds read in the TLS heartbeat extension handler), specifically the ability to extract private keys from server memory. The probable entry point is the ssl3_write_bytes function, which is sometimes exported in OpenSSL libraries. Th...
Exploit for CVE-2021-34527
A PrintNightmare (CVE-2021-34527) Python scanner. It scans entire subnets for hosts vulnerable to the PrintNightmare RCE (not the LPE) and generates a CSV report with the results. It tests exploitability over both MS-PAR and MS-RPRN. This tool contains "de-fanged" versions of the Python exploits; it does not actually...
command-injection-payload-list
It is an offensive resource for web application security: a list of payloads for OS command injection. No single CVE applies. The target is web applications that pass user input to a shell, and the vulnerability class/vector is OS command injection. Notable...
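To show why payloads of this kind work and what stops them, here is an added example (not code from the page or the payload-list project) that runs one constructed list-style payload through a string-built shell command, through a shell-quoted command, and through an allowlisted argv call. `echo` stands in for the real network tool (ping, nslookup) so it runs offline; the hostname regex is this example's own allowlist, not something the page specifies.

```python
import re
import shlex
import subprocess

# Constructed payload in the style of a command-injection list entry:
# the ';' terminates the intended command and starts a second one.
PAYLOAD = "example.com; echo INJECTED"

# Allowlist for the only thing this endpoint should ever receive: a hostname.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def run_vulnerable(target: str) -> str:
    """String-builds a command line and hands it to /bin/sh, so every shell
    metacharacter in `target` (; | & $() ` etc.) is interpreted as syntax."""
    proc = subprocess.run("echo " + target, shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def run_quoted(target: str) -> str:
    """If a shell is unavoidable, shlex.quote() turns the whole value into one
    single-quoted word; the payload is printed literally instead of executed."""
    proc = subprocess.run("echo " + shlex.quote(target), shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def run_hardened(target: str) -> str:
    """Preferred form: validate against an allowlist, then pass argv as a list
    with shell=False, so no shell ever parses the value."""
    if not HOSTNAME_RE.match(target):
        raise ValueError("rejected target: %r" % target)
    proc = subprocess.run(["echo", target], capture_output=True, text=True)
    return proc.stdout


if __name__ == "__main__":
    print("vulnerable:", repr(run_vulnerable(PAYLOAD)))   # two lines: injected command ran
    print("quoted:    ", repr(run_quoted(PAYLOAD)))       # one line, payload echoed verbatim
    try:
        run_hardened(PAYLOAD)
    except ValueError as e:
        print("hardened:  ", e)
```

The allowlist check is the part that matters most in review: quoting alone still lets an attacker pass the full string into the tool's own argument parser, whereas rejecting anything that is not a hostname removes the whole class.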
graphql-playground
This is a repository for the GraphQL Playground, a development environment for building and testing GraphQL APIs. The repository contains several packages, including GraphQL Playground HTML, GraphQL Playground Express Middleware, GraphQL Playground Koa Middleware, and GraphQL Playground Hapi...
welpwn
Introduction: Pwning is an art. welpwn is designed to make pwning an art, freeing you from dozens of meaningless jobs. Features: automatically gets the magic values for you (libc address, heap address, stack address, program address with PIE, canary); supports multi-glibc debugging (2.1...
Gopherus
This tool, Gopherus, is designed to generate gopher:// links for exploiting Server-Side Request Forgery (SSRF) and gaining Remote Code Execution (RCE) on various backend services. The tool supports multiple protocols and services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The tool...
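The reason gopher:// matters for SSRF is that a gopher client sends everything after the selector byte to the target port verbatim, so a percent-encoded URL becomes raw bytes on any TCP service reachable from the vulnerable server. The following is an added example, not Gopherus's own code, that encodes a Redis command in RESP, wraps it in a gopher URL of the shape such tools emit (the leading `_` selector is the one curl strips), decodes it back to show what the server would actually send, and ends with the scheme/destination check a server-side fetcher should apply. The Redis commands and the 127.0.0.1:6379 target are constructed for the demonstration.

```python
import ipaddress
import urllib.parse


def redis_resp(*args: str) -> bytes:
    """Encode one Redis command as a RESP array, the wire format Redis parses."""
    out = b"*%d\r\n" % len(args)
    for a in args:
        b = a.encode()
        out += b"$%d\r\n%s\r\n" % (len(b), b)
    return out


def gopher_url(host: str, port: int, raw: bytes) -> str:
    """Wrap raw TCP bytes in gopher://host:port/_<payload>. Every byte outside the
    unreserved set is percent-encoded so CR/LF survive URL parsing intact."""
    return "gopher://%s:%d/_%s" % (host, port, urllib.parse.quote(raw, safe=""))


def decode_gopher_payload(url: str) -> bytes:
    """Recover the bytes a gopher client would write to the socket for `url`."""
    p = urllib.parse.urlsplit(url)
    if p.scheme != "gopher" or not p.path.startswith("/_"):
        raise ValueError("not a raw-payload gopher URL")
    return urllib.parse.unquote_to_bytes(p.path[2:])


def is_allowed_fetch_url(url: str) -> bool:
    """Server-side fetcher check: only http(s), and never loopback/private/link-local
    literals. A real deployment must also resolve hostnames and re-check the
    resolved address (DNS rebinding); that step is omitted here by assumption."""
    p = urllib.parse.urlsplit(url)
    if p.scheme not in ("http", "https"):
        return False
    host = p.hostname or ""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return True  # hostname: resolve and re-check in production
    return not (ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_reserved)


if __name__ == "__main__":
    payload = redis_resp("PING") + redis_resp("SET", "key", "value")
    url = gopher_url("127.0.0.1", 6379, payload)
    print(url)
    assert decode_gopher_payload(url) == payload
    print("fetcher allows it:", is_allowed_fetch_url(url))
```

Multiple commands are simply concatenated: Redis reads a stream of RESP arrays, which is what makes a single SSRF request enough to issue a whole session.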
WindowsRegistryRootkit
It is an offensive tool for Windows. This repository contains a kernel rootkit that resides within Windows registry value data, developed by Dmytro Oleksiuk (Cr4sh). The rootkit exploits a zero-day vulnerability in win32k.sys, a Windows kernel-mode driver, through a buffer overflow in the...
Some-PoC-oR-ExP
This repository is a collection of vulnerability PoCs and exploits, some collected and some written by the author. The primary vulnerability targeted by the provided code is CNVD-2020-10487 (Ghostcat, CVE-2020-1938), a Tomcat AJP Local File Inclusion (LFI) vulnerability. The tool is designed to exploit this vulnerability to gain...
Exploit for OS Command Injection in Apache Airflow
This is a proof-of-concept (PoC) exploit for CVE-2020-11978, a remote code execution (RCE) vulnerability in Apache Airflow's bundled example DAGs. The exploit targets Airflow versions before 1.10.11 and allows an attacker to execute arbitrary commands on the system. The exploit uses the Airflow Experiment...
Exploit for Use After Free in Adobe Flash_Player
CobaltStrike-Toolset: Aggressor Scripts, Kits, Malleable C2 profiles, External C2 and so on. Kits: ResourceKit, ExploitKit. Aggressor Scripts: chromedumpmimikatz.cna, nopowershell, SMBexecpsh. Further resources: nopowershell, smbexecpsh.cna, CVE-2018-15982...
Exploit for Deserialization of Untrusted Data in Google Android
CVE-2024-31317. Can I even use this? This was patched in https://source.android.com/docs/security/bulletin/2024-06-01. If your device runs a security patch level earlier than 2024-06-01, you can use this. The "Google Play system update" date is irrelevant, and you can and should update your Google Play. How to use the...
Exploit for Use After Free in Google Android
This is a proof-of-concept (PoC) application demonstrating the power of an Android kernel arbitrary read/write primitive, targeting CVE-2019-2215. The application exploits this vulnerability, which yields arbitrary read and write access to kernel memory. The exploit is implemented in the native/poc.c...
Vanquish
It is an offensive tool for enumeration. The tool is called Vanquish, and it is designed to perform multiple active information gathering phases on a target system. It is built in Python and leverages various open-source enumeration tools on Kali Linux. The tool can be installed using the command...
Exploit for Use After Free in Microsoft
PoC exploit for CVE-2019-0708 (BlueKeep). The target product/service is Windows Remote Desktop, and the vulnerability class/vector is a use-after-free leading to remote code execution (RCE). The probable entry point is the poc.py script, which is typically invoked by running it directly. The expected impact is remote cod...
pentest_compilation
It is an offensive tool for Windows. The repository contains a compilation of commands, tips, and scripts used for penetration testing and red teaming exercises. The provided code snippet is an XML file named "detalle.SettingContent-ms" located in the "Phishing" directory. This file appears to be...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Advantech Webaccess
This is a proof-of-concept (PoC) exploit for a vulnerability in the bwconn.dll library, a Windows RPC (Remote Procedure Call) client. The vulnerability is identified as CVE-2016-0856. The PoC exploit is written in Python and uses the ctypes library to interact with bwconn.dll. Th...
Exploit for CVE-2015-1805
This repository contains a collection of exploits for various vulnerabilities, including CVE-2015-1805, CVE-2017-7184, CVE-2017-2636, and CVE-2017-8890. The exploits are written in C and are designed to demonstrate the vulnerabilities in the Linux kernel. CVE-2015-1805 is a vulnerability in the...
advisory-db
This is a security advisory database for Rust crates published through crates.io. The database is stored in TOML format and contains information about security advisories filed against various Rust crates. The advisories include details such as the affected package, patched versions, and a...
ruby-advisory-db
This is a database of security advisories for Ruby libraries, maintained by the ruby-advisory-db project. The database contains a list of directories that match the names of Ruby libraries on rubygems.org, with each directory containing one or more advisory files for the library. Each advisory fi...
Exploit for CVE-2021-22006
It is an exploit module/toolkit targeting JNDI vulnerabilities. The primary CVE ID given is CVE-2021-22006. The target product/service is Java-based applications, specifically those using JNDI services. The vulnerability class/vector is Remote Code Execution (RCE), and the probable entry points are...
Windows
It is an offensive tool for Windows exploitation. The repository contains a collection of tools for exploiting Windows, including exploits, post-exploitation agents, and PowerShell tools. The tools are organized into categories, such as Exploitation, PowerShell, and Misc. Some of the tools includ...
peda
This repository is an offensive tool for exploit development: PEDA (Python Exploit Development Assistance for GDB), a script that speeds up the exploit development process on Linux/Unix. The tool is designed to work with GDB 7.x and Python 2.6+. The tool has various features,...
discover
This is a collection of custom bash scripts used to automate various penetration testing tasks, including reconnaissance, scanning, enumeration, and malicious payload creation using Metasploit. The scripts are designed to be used with Kali Linux. The scripts are organized into several categories,...
TL-BOTS
The repository TL-BOTS contains a collection of source code for various botnets. The botnets are categorized into several folders, including TL.BOTNET, TL.EXPLOITSCAN, and TL.IRC. The TL.BOTNET folder contains botnets that may be merged with TL-TROJAN at a later date, while the TL.EXPLOITSCAN...
postenum
It is an offensive tool for Linux enumeration and privilege escalation. No single CVE applies; the tool automates gathering critical system information after an initial foothold has been gained, to surface the weaknesses that allow...
ExploitRemotingService
This is a .NET Remoting Service exploit tool: a proof-of-concept (PoC) exploit for a vulnerability in .NET Remoting services. The tool demonstrates exploitation of this vulnerability, which allows an attacker to execute arbitrary code on a remote system. The tool consists...
graphql-playground
It is an offensive tool for GraphQL. This repository contains a proof-of-concept (PoC) exploit for a vulnerability in GraphQL Playground, a popular IDE for GraphQL development. The exploit targets a reflected XSS vulnerability in the graphql-playground-html package, which was resolved ...
boopkit
This is a Linux rootkit and backdoor built using eBPF (Extended Berkeley Packet Filter). The tool is called "boopkit" and is designed to establish a reverse TCP connection from a remote server to a local machine. The tool has several options, including -lhost and -lport to specify the local host a...
Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server
CNVD-C-2019-48814: WebLogic wls9-async deserialization remote command execution vulnerability, PoC with command-output echo for WebLogic. Patch update: https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html. Vulnerability reproduction: http://10.10.20.166:7001/async/AsyncResponseService ; curl -i http://10.10.20.166:7001/async/favicon.ico . CNVD-C-2019-48814...
xsser
XSSER. Presentation: "From XSS to RCE 2.75", Black Hat Europe Arsenal 2017. Demos: Version 2.0 (2015): https://www.youtube.com/playlist?list=PLIjb28IYMQgqqqApoGRCZO40vP-eKsgf ; Version 2.5 (2016): https://www.youtube.com/playlist?list=PLRic6PgcrsWGkgacL6WFnSQKVRZIoofRj ; Version 2.75 (2017): Non...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Remote Code Execution POC. (c) 2020 ZecOps, Inc. - https://www.zecops.com - Find Attackers' Mistakes. Remote Code Execution POC for CVE-2020-0796 / "SMBGhost". Expected outcome: reverse shell with SYSTEM access. Intended only for educational use and testing in corporate environments. ZecOps...
Auto-Root-Exploit
Auto-Root-Exploit: Auto Root Exploit Tool. Author: Nilotpal Biswas. Facebook: https://www.facebook.com/nilotpal.biswas.73 ; Twitter: https://twitter.com/nilotpalhacker . USAGE: for kernel version 2.6 (all): bash autoroot.sh 2 ; for kernel version 3 (all): bash autoroot.sh 3 ; for kernel version 4 (all): bash...
metasploit-framework
This repository is the Metasploit Framework, an offensive penetration testing platform. No single CVE applies: the framework is a collection of exploit modules, payloads and auxiliary tools rather than a PoC for one vulnerability. The vulnerability class/vect...
KitHack
This is a collection of tools and scripts for the KitHack framework, a penetration testing tool. The repository includes a shell script, clean.sh, which is used to clean up the tools directory. The script checks that the user has root permissions and, if so, removes the tool directories that are not empty. T...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Redhat Enterprise_Linux
PoC exploit labelled CVE-2020-2732. The title (an information exposure in Red Hat Enterprise Linux) does not match the description, which is of a kernel exploit for the PlayStation 4 on 5.05 firmware that allows arbitrary code execution. The exploit includes auto-launching code for Mira and Vortex's HEN payload. The bug was discovered by qwertyoruiopz. The exploit includes...
pentestdb
This is a repository of penetration testing tools and resources, specifically designed for web application security testing. The repository is called "pentestdb" and is maintained by a user named "alpha1e0". The repository contains a variety of tools and resources, including: 1. Exploit systems: ...
Exploit for Out-of-bounds Read in Openssl
This repository is an exploit for CVE-2014-0160, also known as the Heartbleed vulnerability. The exploit is designed to abuse OpenSSL clients that are vulnerable to this issue. The target product/service is OpenSSL, and the vulnerability class/vector is an out-of-bounds read (a buffer over-read, not an overflow) in the TLS heartbeat...
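Both Heartbleed entries above describe the same root cause: the heartbeat handler trusted the 16-bit length field in the message and copied that many bytes out of the record buffer, so a peer claiming a large payload with a tiny actual one received adjacent process memory. The following is an added example, not code from either repository or from OpenSSL, that models the pre-1.0.1g handler and the fixed one in Python over a constructed byte buffer; the "memory" layout, the offsets and the fake key text are all constructed for the demonstration, and the fixed version implements the same bounds check the OpenSSL patch added (`1 + 2 + payload + 16 > rrec.length`).

```python
import struct
from typing import Optional

HB_REQUEST, HB_RESPONSE = 1, 2
MIN_PADDING = 16  # RFC 6520: a heartbeat message carries at least 16 bytes of padding


def build_heartbeat(payload: bytes, claimed_len: Optional[int] = None) -> bytes:
    """type(1) | payload_length(2, big-endian) | payload | padding.
    claimed_len lets the sender lie about the length, as Heartbleed PoCs do."""
    n = len(payload) if claimed_len is None else claimed_len
    return struct.pack("!BH", HB_REQUEST, n) + payload + b"\x00" * MIN_PADDING


def process_heartbeat_vulnerable(memory: bytes, rec_off: int, rec_len: int) -> Optional[bytes]:
    """Model of the vulnerable handler: reads the length from the message and
    copies that many bytes starting after the 3-byte header, never comparing it
    with the real record length, so the copy runs past the record."""
    hbtype, n = struct.unpack_from("!BH", memory, rec_off)
    if hbtype != HB_REQUEST:
        return None
    start = rec_off + 3
    return struct.pack("!BH", HB_RESPONSE, n) + memory[start:start + n] + b"\x00" * MIN_PADDING


def process_heartbeat_fixed(memory: bytes, rec_off: int, rec_len: int) -> Optional[bytes]:
    """Model of the patched handler: drop records too short to hold a heartbeat,
    and silently discard any message whose claimed payload would overrun the record."""
    if rec_len < 1 + 2 + MIN_PADDING:
        return None
    hbtype, n = struct.unpack_from("!BH", memory, rec_off)
    if hbtype != HB_REQUEST or 1 + 2 + n + MIN_PADDING > rec_len:
        return None
    start = rec_off + 3
    return struct.pack("!BH", HB_RESPONSE, n) + memory[start:start + n] + b"\x00" * MIN_PADDING


def demo(payload: bytes, claimed_len: Optional[int] = None):
    """Place the record in a constructed buffer directly before a fake secret
    (standing in for whatever happened to follow the record on the heap) and
    run both handlers. Returns (vulnerable_response, fixed_response)."""
    record = build_heartbeat(payload, claimed_len)
    secret = b"-----BEGIN RSA PRIVATE KEY----- (constructed placeholder, not a real key)"
    rec_off = 8
    memory = b"\x00" * rec_off + record + secret
    vuln = process_heartbeat_vulnerable(memory, rec_off, len(record))
    fixed = process_heartbeat_fixed(memory, rec_off, len(record))
    return vuln, fixed


if __name__ == "__main__":
    honest_v, honest_f = demo(b"hello")
    print("honest request, both handlers agree:", honest_v == honest_f)
    lying_v, lying_f = demo(b"hello", claimed_len=0x100)
    print("vulnerable leaked secret:", b"PRIVATE KEY" in lying_v)
    print("fixed handler discarded it:", lying_f is None)
```

The bytes model truncates at the end of the buffer instead of faulting, which is also why real Heartbleed reads rarely crashed the server: the over-read stayed inside mapped heap most of the time, returning up to 64 KiB per request.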
p0wnedShell
This is an offensive PowerShell host application written in C# that runs PowerShell commands and functions within a PowerShell runspace environment, without needing powershell.exe. It includes various offensive PowerShell modules and binaries to facilitate post-exploitation activities, such as bypassing mitigations and creating...