Lucene search results, source: Gitee, sorted by most viewed

1886 matches found

Gitee
added 2025/09/14 6:03 p.m., 97 views

postenum

It is an offensive tool for Linux enumeration and privilege escalation. The primary CVE ID is not explicitly mentioned, but the tool is designed to automate the process of gathering critical system information after gaining a foothold, which implies it targets vulnerabilities that allow initial...

AI score: 6.7
Exploits: 0
Gitee
added 2025/09/14 6:01 p.m., 97 views

Exploit for Use of Uninitialized Resource in Vmware Fusion

This is a VMware Escape Exploit, a proof-of-concept (PoC) exploit for CVE-2017-4905, targeting VMware WorkStation 12.5.5 and earlier versions. The exploit is designed to escape the VMware environment and execute arbitrary code on the host system. The exploit is written in C and uses a heap...

CVSS: 5.5, AI score: 8.3, EPSS: 0.01204
Exploits: 3
Gitee
added 2025/07/27 4:46 a.m., 97 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 PoC, aka CoronaBlue, aka SMBGhost. Usage: ./CVE-2020-0796.py servername. This script connects to the target host, and compresses the authentication request with a bad offset field set in the transformation header, causing the decompressor to buffer overflow and crash the target. This...

CVSS: 10, AI score: 9.5, EPSS: 0.9981
Exploits: 125
Gitee
added 2025/07/06 3:24 a.m., 97 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Remote Code Execution POC. (c) 2020 ZecOps, Inc. - https://www.zecops.com - Find Attackers' Mistakes. Remote Code Execution POC for CVE-2020-0796 / "SMBGhost". Expected outcome: Reverse shell with system access. Intended only for educational and testing in corporate environments. ZecOps...

CVSS: 10, AI score: 9.3, EPSS: 0.9981
Exploits: 128
Gitee
added 2025/09/14 6:09 p.m., 96 views

pentestdb

This is a repository of penetration testing tools and resources, specifically designed for web application security testing. The repository is called "pentestdb" and is maintained by a user named "alpha1e0". The repository contains a variety of tools and resources, including: 1. Exploit systems: ...

AI score: 7
Exploits: 0
Gitee
added 2025/09/14 11:52 a.m., 96 views

Exploit for Out-of-bounds Read in Openssl

This is an exploit module/toolkit targeting the Heartbleed vulnerability CVE-2014-0160. The target product/service is OpenSSL, and the vulnerability class/vector is a buffer overflow in the TLS heartbeat extension, allowing for memory disclosure. The probable entry point is the ssl3_write_bytes...

CVSS: 7.5, AI score: 8.4, EPSS: 0.99999
Exploits: 87
Gitee
added 2025/09/14 11:39 a.m., 96 views

nishang

This repository is an offensive tool for Windows systems. It contains a collection of PowerShell scripts that can be used to exploit various vulnerabilities and gain unauthorized access to a system. The scripts are designed to be used by attackers to gain a foothold on a system and then escalate...

AI score: 7.6
Exploits: 0
Gitee
added 2025/09/06 12:44 p.m., 96 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 Log4j2 log-content JNDI RCE mitigation. English version. International mirror: https://github.com/zhangyoufu/log4j2-without-jndi. China mirror: https://code.aliyun.com/zhangyoufu/log4j2-without-jndi/tree/master. Usage: 1. Locate the log4j2-core component under the deployment directory: find . -name 'log4j-core.jar' 2. Apply the mitigation to the log4j2-core JAR that was found. Method 1: use the zip command to remove from the JAR...

CVSS: 10, AI score: 8.7, EPSS: 0.99999
Exploits: 348
Gitee
added 2025/09/06 9:50 a.m., 96 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

PoC exploit for CVE-2021-44228, a Java logging library vulnerability. The target product/service is Apache Log4j, a Java logging library. The vulnerability class/vector is RCE (Remote Code Execution) via JNDI (Java Naming and Directory Interface) lookup. The probable entry points are JNDI lookups...

CVSS: 10, AI score: 8.7, EPSS: 0.99999
Exploits: 348
Gitee
added 2025/07/27 4:21 a.m., 96 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Windows SMBv3 LPE Exploit. Authors: Daniel García Gutiérrez (@danigargu), Manuel Blanco Parajón (@dialluvioso). Exploit analysis: POC Analysis by SungLin, Knownsec 404 Team; Writeup+PoC by @ZecOps. References: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796...

CVSS: 10, AI score: 7.1, EPSS: 0.9981
Exploits: 125
Gitee
added 2025/09/14 7:03 p.m., 95 views

gadgetinspector

This is a Java-based tool for finding deserialization gadget chains in Java applications. The tool is called "Gadget Inspector" and is presented as a project that was showcased at Black Hat USA 2018. The tool is designed to automatically discover possible gadget chains in an application's...

AI score: 7.1
Exploits: 0
Gitee
added 2025/09/06 9:51 p.m., 95 views

advisory-db

This is a security advisory database repository for Rust crates published via crates.io. The repository contains a collection of security advisories filed against various Rust crates, with each advisory containing information in TOML format. The advisories are categorized by crate name, and each...

AI score: 7
Exploits: 0
Gitee
added 2025/09/06 12:43 p.m., 95 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4J-RCE-Proof-Of-Concept CVE-2021-44228. This is a proof of concept of the log4j RCE. Here are some links for the CVE-2021-44228: - https://www.lunasec.io/docs/blog/log4j-zero-day - https://github.com/advisories/GHSA-jfh8-c2jp-5v3q - https://github.com/apache/logging-log4j2/pull/608 -...

CVSS: 10, AI score: 9.2, EPSS: 0.99999
Exploits: 348
Gitee
added 2025/09/06 12:09 p.m., 95 views

vulhub

This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The repository contains a collection of vulnerable applications and services, along with their corresponding Dockerfiles and configuration files. The vulnerable environments are designed to help...

AI score: 7
Exploits: 0
Gitee
added 2025/07/27 2:52 a.m., 95 views

TIDoS-Framework

The TIDoS Framework is a comprehensive web application penetration testing framework written in Python. It has five main phases: Reconnaissance, Scanning & Enumeration, Vulnerability Analysis, Exploits Castle, and Auxiliaries. The framework is designed to automate various tasks, including...

AI score: 7
Exploits: 0
Gitee
added 2025/09/14 5:05 p.m., 94 views

ProcessInjection

It is an offensive tool for Windows. This repository contains proof-of-concept (PoC) code for injecting a DLL into a running process on Windows. The primary CVE ID is not explicitly stated, but the code appears to target a vulnerability in the Windows operating system. The target product/service is...

AI score: 7.4
Exploits: 0
Gitee
added 2025/09/13 9:03 p.m., 94 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

This is a collection of proof-of-concept (PoC) code for various kernel vulnerabilities. Here's a breakdown of the code and its implications: CVE-2015-0569: This PoC exploits a buffer overflow vulnerability in the prima wlan driver. The code writes a large buffer to a kernel memory location, causing ...

CVSS: 9.3, AI score: 7.4, EPSS: 0.06468
Exploits: 17
Gitee
added 2025/09/06 12:09 p.m., 94 views

ProxyVulns

ProxyVulns. ProxyLogon usage: python3 26855.py 1.1.1.1. ProxyOracle url: Once a victim clicks this link, evil.com will receive the cookies...

AI score: 6.9
Exploits: 0
Gitee
added 2025/09/06 4:33 a.m., 94 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

SMBGhost: Simple scanner for CVE-2020-0796 - SMBv3 RCE. The scanner is meant only for testing whether a server is vulnerable. It is not meant for research or development, hence the fixed payload. It checks for SMB dialect 3.1.1 and compression capability through a negotiate request. A network...

CVSS: 10, AI score: 9, EPSS: 0.9981
Exploits: 125
Gitee
added 2025/09/06 1:52 a.m., 94 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

This repository is an operational information repository regarding the vulnerability in the Log4j logging library CVE-2021-44228. It contains information on Indicators of Compromise (IoCs), detection rules, and scanning software related to the vulnerability. The repository is maintained by the...

CVSS: 10, AI score: 8.3, EPSS: 0.99999
Exploits: 348
Gitee
added 2025/07/27 4:56 a.m., 94 views

Privesc

Privesc: Windows PowerShell script that finds misconfiguration issues which can lead to privilege escalation. Disclaimer: This repository contains a tool developed strictly for educational purposes. Any misuse of the tool for illegal activities is strictly prohibited. Legal Notice: It is important to...

AI score: 6.8
Exploits: 0
Gitee
added 2025/09/14 6:26 p.m., 93 views

redteam-notebook

It is an offensive tool for network and web exploitation. The repository, redteam-notebook, contains a collection of commands, tips, and tricks for preparation and execution of red teaming activities, specifically for the OSCP exam. The primary vulnerability targeted is not explicitly stated, but...

AI score: 7.9
Exploits: 0
Gitee
added 2025/09/14 6:09 p.m., 93 views

rtfm

This is a Debian package for a Python application called "RTFM" (Read The Fine Manual). The package is version 0.96-RC1 and is intended for the "all" architecture. The package contains a single file, "rtfm.py", which is the main executable script for the application. The package also contains a...

AI score: 7.6
Exploits: 0
Gitee
added 2025/09/06 5:25 p.m., 93 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Qemu

Experiments related to CVE-2015-3456. There is: - exploit/ is an "exploit"; it just crashes QEMU. - mock/ contains a stripped-down version of QEMU. Only the vulnerability remains. - patch/ contains a program to patch a running instance of QEMU. The main point is to not need debug symbols, nor the...

CVSS: 7.7, AI score: 6.8, EPSS: 0.15275
Exploits: 1
Gitee
added 2025/09/06 12:43 p.m., 93 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

This repository contains Nmap NSE (Nmap Scripting Engine) scripts designed to check for log4shell or LogJam vulnerabilities (CVE-2021-44228) in various services. The scripts are written in Lua and are intended to be used with the Nmap network scanning tool. The scripts are categorized into different...

CVSS: 10, AI score: 7.4, EPSS: 0.99999
Exploits: 348
Gitee
added 2025/09/06 12:58 a.m., 93 views

Exploit for Out-of-bounds Write in 7-Zip

This repository is an exploit module for CVE-2022-29072, a privilege escalation vulnerability in 7-Zip through version 21.07 on Windows. The vulnerability allows an attacker to execute commands with elevated privileges when a file with the .7z extension is dragged to the Help>Contents area. The...

CVSS: 7.8, AI score: 8.4, EPSS: 0.01523
Exploits: 8
Gitee
added 2025/07/27 4:42 a.m., 93 views

Exploit for Improper Input Validation in Mozilla Firefox

Full chain exploit for CVE-2019-11708 & CVE-2019-9810. This is a full browser compromise exploit chain (CVE-2019-11708 & CVE-2019-9810) targeting Firefox on Windows 64-bit. It uses CVE-2019-9810 for getting code execution in both the content process as well as the parent process and CVE-2019-11708 t...

CVSS: 10, AI score: 9.6, EPSS: 0.55874
Exploits: 15
Gitee
added 2025/07/27 3:39 a.m., 93 views

Exploit for Incorrect Permission Assignment for Critical Resource in Tenable Nessus

Deprecated. Have a look at Watson instead. Sherlock: PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities. Currently looks for: MS10-015: User Mode to Ring (KiTrap0D); MS10-092: Task Scheduler; MS13-053: NTUserMessageCall Win32k Kernel Pool...

CVSS: 7.8, AI score: 6.9, EPSS: 0.00353
Exploits: 1
Gitee
added 2025/07/27 3:29 a.m., 93 views

Exploit for Use After Free in Microsoft

Batch detection tool for the Microsoft port 3389 (RDP) remote vulnerability CVE-2019-0708. 0x001 Detection on Windows: https://github.com/robertdavidgraham/rdpscan C:\Users\K8team\Desktop\rdpscan-master\vs10\Release 的目录 2019/06/02 02:11 DIR . 2019/06/02 02:11 DIR .. 2019/06/02 01:55 2,582,016 libcrypto-11.dll 2019/06/02 01:57 619,520 libssl-11.dll 2019/06/02 02:04 172,03...

CVSS: 10, AI score: 7, EPSS: 0.99999
Exploits: 123
Gitee
added 2025/09/21 10:50 p.m., 92 views

geminabox

It is an offensive tool for RubyGem hosting. The repository contains a simple RubyGem hosting system called Gem in a Box. It allows users to host their own RubyGems, and it includes features such as user authentication, gem versioning, and a web interface for browsing and downloading gems. The to...

AI score: 7.2
Exploits: 0
Gitee
added 2025/09/13 12:21 a.m., 92 views

metasploit-framework

This repository is an offensive tool for Metasploit Framework. It is a collection of files and workflows used to build and test the Metasploit Framework, a penetration testing tool. The repository contains various templates for reporting issues, suggesting new features, and submitting pull...

AI score: 8.1
Exploits: 0
Gitee
added 2025/09/06 12:34 a.m., 92 views

Exploit for CVE-2021-1675

It Was All A Dream: a CVE-2021-34527 (a.k.a. PrintNightmare) Python scanner. Allows you to scan entire subnets for the PrintNightmare RCE (not the LPE) and generates a CSV report with the results. Tests exploitability over MS-PAR and MS-RPRN. This tool has "de-fanged" versions of the Python exploits, i...

CVSS: 9.3, AI score: 8.8, EPSS: 0.99759
Exploits: 75
Gitee
added 2025/07/27 4:15 a.m., 92 views

Linux_kernel_exploits

Linux_kernel_exploits: Some Linux kernel exploits for various real-world kernel vulnerabilities here. More exploits are yet to come. This repo contains the exploits developed during a research project, as well as the code of FUZE to facilitate exploit generation. What is FUZE? FUZE is a framework to...

AI score: 6.9
Exploits: 0
Gitee
added 2025/07/27 4:11 a.m., 92 views

PowerShell-Suite

This is an offensive tool for Windows UAC bypass. It is a PowerShell module called "Bypass-UAC" that provides a framework to perform UAC bypasses based on auto-elevating IFileOperation COM object method calls. The tool is designed to bypass User Account Control (UAC) on Windows systems, allowing an...

AI score: 7.3
Exploits: 0
Gitee
added 2025/07/27 3:26 a.m., 92 views

Exploit for OS Command Injection in Docker

This repository is an offensive tool for container exploitation. The primary capability of this tool is to perform a container breakout via exposed Docker daemons (docker.sock), CVE-2019-5736, and privileged container breakout via enabled CAPS and SYSCALLS. It also extracts data from Linux Kernel...

CVSS: 9.3, AI score: 6.9, EPSS: 0.9857
Exploits: 33
Gitee
added 2025/07/07 12:11 a.m., 92 views

Exploit for Cleartext Transmission of Sensitive Information in Paloaltonetworks Cortex_Xdr_Agent

Nuclei2Snort. 📖 Project overview: Nuclei2Snort is an efficient automation tool for batch-converting Nuclei POC (Proof of Concept) templates into Snort IDS/IPS rules. It helps security researchers and operations teams quickly turn Nuclei vulnerability-detection templates into deployable network intrusion detection rules. ✨ Main features: - 🚀 Batch conversion: supports single-file and whole-directory batch conversion - 🌐 Smart translation: integrates the Tencent Cloud translation API to automatically translate English vulnerability descriptions into Chinese - 🔧 Automatic classification: identifies the vulnerability type and maps it to the corresponding Snort classification - ⚡ Concurrent processing: supports multithreaded concurrent conversion for higher throughput - 🛡️ Secure configuration:...

CVSS: 6.7, AI score: 6.5, EPSS: 0.00206
Exploits: 3
Gitee
added 2025/07/06 3:22 a.m., 92 views

SharPyShell

SharPyShell: SharPyShell is a tiny and obfuscated ASP.NET webshell that executes commands received over an encrypted channel, compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework >= 2.0 (VB is not supported atm). Usage: python3 SharPyShell.py genera...

AI score: 7.6
Exploits: 0
Gitee
added 2025/07/06 2:40 a.m., 92 views

Exploit for Use After Free in Google Chrome

CVE-2019-5786: Chrome 72.0.3626.119 stable FileReader UaF exploit for Windows 7 x86. This exploit uses site-isolation to brute-force the vulnerability. iframe.html is the wrapper script that loads the exploit, contained in the other files, repeatedly into an iframe. Host iframe.html on one site an...

CVSS: 6.5, AI score: 6.8, EPSS: 0.61537
Exploits: 10
Gitee
added 2025/06/15 4:41 p.m., 92 views

tidos-framework

The TIDoS Framework is an open-source, Python-based web application penetration testing framework. It is designed to cover various phases of a penetration test, including reconnaissance, scanning and enumeration, vulnerability analysis, and exploitation. The framework is built on top of the SQLit...

AI score: 7.1
Exploits: 0
Gitee
added 2025/09/06 4:56 a.m., 91 views

MaraDNS

MaraDNS is an open-source DNS server. It is a small, lightweight, and highly customizable DNS server that can be used as an authoritative or recursive nameserver. MaraDNS is written in C and is designed to be easy to configure and use. The repository contains a variety of files, including a READM...

AI score: 6.7
Exploits: 0
Gitee
added 2025/09/06 12:59 a.m., 91 views

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

This is a rather flaky PoC for CVE-2024-38063, an RCE in tcpip.sys patched on August 13th 2024. I didn't find and report this vuln, that would be Wei. Requirements: pip3 install scapy. Usage: Modify the fields in the script: - iface tcpip!Ipv6pProcessOptions - tcpip!IppSendErrorList being hit? - Brea...

CVSS: 9.8, AI score: 8.9, EPSS: 0.70564
Exploits: 24
Gitee
added 2025/09/06 12:11 a.m., 91 views

Exploit for Use After Free in Microsoft

PoC exploit for CVE-2019-0708, an RCE vulnerability in Windows systems, including Windows 2003, Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. The vulnerability occurs during pre-authorization and allows an attacker to run arbitrary malicious code in the NT...

CVSS: 10, AI score: 8.7, EPSS: 0.99999
Exploits: 123
Gitee
added 2025/09/06 12:10 a.m., 91 views

php-saml

This is a PHP library for implementing SAML (Security Assertion Markup Language) authentication and authorization. It is a toolkit for adding SAML support to PHP software. The library is compatible with PHP 5.3.2 and later versions, and it uses the xmlseclibs library for XML encryption and...

AI score: 7.2
Exploits: 0
Gitee
added 2025/08/17 1:20 a.m., 91 views

Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware

This is a PoC exploit for CVE-2019-19781, a vulnerability in Citrix ADC (NetScaler) that allows for unauthenticated remote code execution. The tool, called Citrixmash, was published by TrustedSec due to other researchers releasing their code first. The exploit exploits a directory traversal bug in...

CVSS: 9.8, AI score: 8.1, EPSS: 0.99999
Exploits: 48
Gitee
added 2025/09/14 7:07 p.m., 90 views

CTFDefense

This repository, CTFDefense, contains tools for offline CTF (Capture The Flag) challenges. The tools are written in Python and are designed to monitor and analyze system events. The repository includes a script called SimpleMonitor.py, which uses the pyinotify library to watch for file system event...

AI score: 6.9
Exploits: 0
Gitee
added 2025/09/14 6:47 p.m., 90 views

Buffer-Overflow-Exploit-Development-Practice

It is an offensive tool for buffer overflow exploit development. The primary CVE ID is not present in the provided context. The target product/service or framework is not explicitly stated, but the tool is designed for buffer overflow exploit development, which typically involves vulnerabilities ...

AI score: 8.2
Exploits: 0
Gitee
added 2025/09/14 11:51 a.m., 90 views

mitmf

This is a Python-based framework for Man-In-The-Middle (MITM) attacks, called MITMf. It is designed to provide a one-stop-shop for various network attacks and techniques. The framework contains a built-in SMB, HTTP, and DNS server that can be controlled and used by various plugins. It also includes...

AI score: 6.7
Exploits: 0
Gitee
added 2025/09/13 5:46 p.m., 90 views

Exploit for CVE-2016-1057

This is a PoC exploit for CVE-2016-1057, a remote jailbreak for MikroTik's RouterOS. The exploit targets devices running v6.x.x and allows for remote code execution. The vulnerability exists on other device versions as well, but the exploit only supports v6.x.x. The exploit script is designed to...

CVSS: 10, AI score: 8.4, EPSS: 0.06386
Exploits: 1
Gitee
added 2025/09/06 2:53 p.m., 90 views

sudo_inject

Linux Privilege Escalation by injecting processes possessing sudo tokens: inject a process that has a valid sudo token and activate our own sudo token. Introduction: We all noticed that sometimes sudo doesn't ask us for a password because it remembers us. How does it remember us and how does it identifie...

AI score: 7.6
Exploits: 0
Gitee
added 2025/09/06 8:22 a.m., 90 views

Exploit for Improper Initialization in Linux Linux_Kernel

This is a PoC exploit for the Dirty Pipe vulnerability CVE-2022-0847 on Android, specifically targeting Pixel 6 devices with a security patch level from 2022-02-05 to 2022-04-05. The exploit is designed to overwrite readable files and can't overwrite the first byte of each page (each 4096 bytes). I...

CVSS: 7.8, AI score: 7.4, EPSS: 0.88106
Exploits: 100

Total number of security vulnerabilities: 1886