Exploit for Out-of-bounds Write in F5 Nginx

Disclosures Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts URL: https://github.com/badd1e/Disclosures List CVE-2009-2629: nginx http module Buffer Underflow Remote Code Execution Vulnerability Patch analysis, testcase, notes CVE-2013-0007: Microsoft XML Core...

sas-top-10

This is an educational guide for organizations adopting serverless architectures. The document, curated by top industry practitioners and security researchers, provides information on the top 10 security risks for serverless applications. The guide aims to assist organizations in building robust,...

VulScan

MongoDB 未授权漏洞检测 mongodbunauth.py mongodbunauthmulti.py install python3 -m pip install pymongo mongodbunauth.py 单个IP检测 python3 mongodbunauth.py ip port zoounauthmulti.py 批量检测 python3 mongodbunauthmulti.py /root/unAuth/mongodb/us.txt 10...

Exploit for CVE-2015-0273

phpcodz Php Codz Hacking http://www.80vul.com/pch/ What is PHP? PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. Afte...

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

weblogic-scan weblogic 漏洞扫描工具 妄想试图weblogic一把梭 目前检测的功能 - x console 页面探测 & 弱口令扫描 - x uuid页面的SSRF - x CVE-2017-10271 wls-wsat页面的反序列化 - x CVE-2018-2628 反序列化 - x CNVD-C-2019-48814 后期可以的话还会继续加功能的，主要是一些反序列化的poc真的不好写，我也不咋会.. USE 使用前请先填写config.py中的server参数...

Auto-Root-Exploit

Auto-Root-Exploit Auto Root Exploit Tool Author : Nilotpal Biswas Facebook : https://www.facebook.com/nilotpal.biswas.73 Twitter : https://twitter.com/nilotpalhacker USAGE : for kernel version 2.6 all bash autoroot.sh 2 for kernel version 3 all bash autoroot.sh 3 for kernel version 4 all bash...

Exploit for CVE-2020-1472

ZeroLogon exploitation script Exploit code based on https://www.secura.com/blog/zero-logon and https://github.com/SecuraBV/CVE-2020-1472. Original research and scanner by Secura, modifications by RiskSense Inc. To exploit, clear out any previous Impacket installs you have and install Impacket fro...

Exploit for Incorrect Default Permissions in Ui Unifi_Controller

CallStranger This script created by Yunus Çadırcı https://twitter.com/yunuscadirci to check against CallStranger CVE-2020-12695 vulnerability. An attacker can use this vulnerability for: Bypassing DLP for exfiltrating data Using millions of Internet-facing UPnP device as source of amplified...

welpwn

Introduction Pwnning is an art. welpwn is designed to make pwnning an art, freeing you from dozens of meaningless jobs. Features - Automatically get those magic values for you. - libc address - heap address - stack address - program address with PIE - canary - Support multi glibc debugging. - 2.1...

metasploit-framework

This repository is an offensive tool for Metasploit Framework. The primary CVE ID is not explicitly mentioned, but it is likely related to the Metasploit Framework itself. The target product/service or framework is Metasploit Framework, a penetration testing platform. The vulnerability class/vect...

tidos-framework

The TIDoS Framework is an open-source, Python-based web application penetration testing framework. It is designed to cover various phases of a penetration test, including reconnaissance, scanning and enumeration, vulnerability analysis, and exploitation. The framework is built on top of the SQLit...

Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux

PoC exploit for CVE-2021-3493, an Ubuntu OverlayFS Local Privesc vulnerability. The target is the Linux kernel, specifically the overlayfs file system, which did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to...

ssrf漏洞

No description...

Exploit for CVE-2024-38819

This is a proof-of-concept PoC exploit for CVE-2024-38819, a high-risk path traversal vulnerability in the Spring Framework. The vulnerability allows an attacker to access sensitive files on the server by constructing a malicious HTTP request with a specially crafted path. The PoC code is a simpl...

漏洞检测

It is an offensive tool for vulnerability detection. The repository contains a project with a name that translates to "漏洞检测" which means "vulnerability detection" in English. The project is likely used for identifying vulnerabilities in systems or applications. The code snippets provided are...

wapiti

It is an offensive tool for web application security testing. The primary vulnerability class targeted is SQL injection and XSS. The tool is designed to check web applications for vulnerabilities, and it is likely used by security researchers and penetration testers. The tool is written in Python...

Exploit for CVE-2024-38819

CVE-2024-38819: Proof of Concept PoC This is a proof of concept for the CVE-2024-38819 vulnerability, which I reported, demonstrating a path traversal exploit. Execution Steps 1. Build the Docker image Spring Boot 3.3.4, based on Spring Framework 6.1.13 cd vuln docker build -t cve-2024-38819-poc...

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: gitlab.com/exploit-database/exploitdb - Binary Exploits: gitlab.com/exploit-database/exploitdb-bin-sploits - Papers...

PEASS-ng

PEASS-ng - Privilege Escalation Awesome Scripts SUITE new generation Basic Tutorial Here you will find privilege escalation tools for Windows and Linux/Unix\ and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors s...

vulnerability scanner

This is a Java-based web vulnerability scanner. The tool is classified as an offensive tool for web vulnerability scanning. The primary vulnerability being targeted is not explicitly stated, but based on the code and metadata, it appears to be a web application scanner that can perform SQL...

cve_article

No description provided...

Exploit for SQL Injection in Projectworlds Life_Insurance_Management_System

This is a collection of vulnerability reports from the dachuaner/POC repository. The reports describe various vulnerabilities in different software systems, including: 1. 1Panel面板最新前台RCE漏洞CVE-2024-39911: A remote code execution RCE vulnerability in the 1Panel面板 latest frontend, allowing attackers...

hackingtool

This is an offensive tool for a comprehensive hacking suite. The primary purpose of this tool is to provide a wide range of functionalities for hackers, including information gathering, exploitation, and post-exploitation activities. The tool is designed to be user-friendly and can be run on...

Exploit for Injection in Oracle Agile_Plm

针对 loj4j2 CVE-2021-44228 漏洞的研究 实验平台 - VirtualBox 7.0.12 r159484 Qt5.15.2 - Attacker kali - 网络地址转换（NAT） - host-only 网络 192.168.56.101 - Victim kali 2023.3 - 网络地址转换（NAT） - host-only 网络 192.168.56.112 实验任务 - - x 搭建实验平台 - - x 漏洞存在性验证 以 loj4j2 CVE-2021-44228 为例 - - x 漏洞可利用验证 以 loj4j2 CVE-2021-44228 为例...

DependencyCheck

This is an issue template repository for the OWASP Dependency-Check project. The repository contains various templates for reporting bugs, false positives, and feature requests. The templates are designed to be used when submitting issues or pull requests to the project. They provide a structured...

YushuTechUnitreeGo1

Based on the provided code, it appears to be a Windows executable file PE file that contains a malicious payload. The file is encoded with a custom algorithm, making it difficult to analyze without decoding. The code is written in C and uses various techniques to evade detection, including: 1. Co...

aflnet_profuzzbench

It is an offensive tool for network protocols. The primary CVE ID is not present in the provided context, but the tool is an extension of American Fuzzy Lop AFL, which is a greybox fuzzer for protocol implementations. The tool, AFLNet, is seeded with a corpus of recorded message exchanges between...

Exploit for Code Injection in Seacms

No description provided...

Exploit for CVE-2021-4191

This repository contains a collection of exploits and proof-of-concept POC code for various vulnerabilities, including a high-severity vulnerability in Android versions 12 and 13 CVE-2024-0044, an unauthenticated remote command execution RCE vulnerability in BYOB Build Your Own Botnet v2.0.0, and...

Exploit for CVE-2018-2894

Weblogic CVE-2018-2894 CVE-2018-2894 0x01 前言 Oracle 7月更新中，修复了Weblogic Web Service Test Page中一处任意文件上传漏洞，Web Service Test Page 在“生产模式”下默认不开启，所以该漏洞有一定限制， 利用该漏洞，可以上传任意jsp文件，进而获取服务器权限。 0x02 漏洞环境 Ubuntu 16.04 https://github.com/vulhub/vulhub/blob/master/weblogic/CVE-2018-2894/ 执行如下命令，启动weblogic 12.2.1....

POC

Apache ActiveMQ远程命令执行漏洞 影响版本: 5.18.0 beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:spring="http://camel.apache.org/schema/spring" xmlns:context="http://www.springframework.org/schema/context"...

Exploit for CVE-2000-0114

This is a collection of vulnerability templates for the Nuclei vulnerability scanner. The templates are organized by CVE ID and include information such as the vulnerability name, description, severity, and remediation steps. The templates also include HTTP requests and matchers to identify the...

Exploit for Server-Side Request Forgery in Adobe Experience_Manager

This repository is an offensive tool for vulnerability exploitation, specifically targeting Adobe AEM Experience Manager vulnerabilities. The primary CVE ID is CVE-2018-12809. The tool is designed to exploit a SSRF Server-Side Request Forgery vulnerability in AEM, allowing an attacker to extract...

poc

This repository contains a collection of proof-of-concept PoC exploits for various vulnerabilities in Dahua products. The exploits are categorized by product and vulnerability type. The PoCs are for the following products: 1. Dahua DSS: - A command execution vulnerability CVE-XXXX-XXXX that allow...

Exploit for Unrestricted Upload of File with Dangerous Type in Git

CVE-2024-32002: Exploiting Git RCE via git clone This repository contains a PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation. By crafting repositories with submodules in a specific way, an attacker can exploit symlink handling on...

Exploit for Deserialization of Untrusted Data in Apache Dubbo

Apache Dubbo 反序列化漏洞CVE-2023-29234 is a vulnerability in the Apache Dubbo framework, which allows an attacker to execute arbitrary code on the server-side. The vulnerability is caused by a deserialization issue in the Dubbo framework, which can be exploited by sending a specially crafted serialize...

vulSystem

This repository appears to be a collection of tools and scripts for web scraping and data collection, likely used for research or analysis purposes. The tools are written in Python and utilize various libraries such as BeautifulSoup and requests. The repository contains several scripts, including...

Exploit for Deserialization of Untrusted Data in Apache Dubbo

Apache ActiveMQ远程命令执行漏洞 影响版本: 5.18.0=Apache ActiveMQ5.18.3, 5.17.0=Apache ActiveMQ5.17.6, 5.16.0=Apache ActiveMQ5.16.7, 5.15.0=Apache ActiveMQ5.15.15 利用方式: 利用ActiveMQ的反序列化漏洞,可以执行任意命令 漏洞回显复现: 漏洞脚本: https://github.com/Fw-fW-fw/activemqThrowable, https://github.com/sincere9/Apache-ActiveMQ-RCE Apach...

Exploit for Unrestricted Upload of File with Dangerous Type in Git

amalmurali47/hook This repository is part of the PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation. This repository contains the malicious hook used in the exploit. Overview For detailed instructions and an explanation of how the exploit works,...

Exploit for Unrestricted Upload of File with Dangerous Type in Git

CVE-2024-32002: Exploiting Git RCE via git clone This repository contains a PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation. By crafting repositories with submodules in a specific way, an attacker can exploit symlink handling on...

Poc

This repository contains a collection of proof-of-concept PoC exploits and tools for various vulnerabilities. The primary focus is on Java-based exploits, with some Python scripts also present. The Java exploits target vulnerabilities in Java applications, including a deserialization vulnerabilit...

Shiro-721

This is a vulnerability analysis of a repository containing a proof-of-concept PoC exploit for a remote code execution RCE vulnerability in Apache Shiro, a Java-based security framework. The vulnerability is caused by a padding oracle attack, which allows an attacker to construct serialized data...

Exploit for PHP External Variable Modification in Juniper Junos

PoC exploit for CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847. This exploit targets Juniper JunOS within SRX and EX Series products, achieving Remote Code Execution RCE by chaining four vulnerabilities. The exploit involves uploading an arbitrary PHP file to a restricted director...

Gopherus

This tool, Gopherus, is designed to generate gopher links for exploiting Server-Side Request Forgery SSRF and gaining Remote Code Execution RCE in various servers. The tool supports multiple protocols and services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The tool...

Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind

hacktheboxoscp 介绍 准备oscp考试过程中做的hackthebox里的oscp向靶机 因为oscp考试内容改变，新增域渗透。所以还有红日出的vulnstack靶场 新增：endgame,fortresses，open beta season对应HTB相应的栏目。是oscp向靶机列表外练手打的 靶机摘要 hackthebox lame lame vsftpd笑脸漏洞烟雾弹，samba服务漏洞才是真凶 legacy ms08-067，但靶机有点问题，除了第一次，后面都连不上端口了 blue blue 神似 修改命名管道，手打ms17-010 Devel Devel 神似...

jndi_tool

It is an exploit module/toolkit targeting JNDI vulnerabilities. The primary CVE ID is not explicitly mentioned, but the tool is designed to exploit JNDI-related vulnerabilities, including RCE Remote Code Execution and potential log4j RCE. The target product/service is JNDI, and the vulnerability...

metasploit-framework

This is the Metasploit Framework repository, a comprehensive collection of tools and resources for penetration testing and vulnerability assessment. The repository is maintained by Rapid7 and is used by security professionals to identify and exploit vulnerabilities in computer systems and network...

redteam-research

Collection of PoC and offensive techniques used by the BlackArrow Red Team...

Exploit for CVE-2021-42278

This is a Python script for exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate a Domain Administrator DA from a standard domain user. The script uses the Impacket library to interact with the Active Directory. The script has several components: 1. samtheadmin.py: This is the main script...

Exploit for CVE-2021-42278

This is a PoC exploit for CVE-2021-42278 and CVE-2021-42287, which are two vulnerabilities in the Windows operating system that allow an attacker to impersonate a Domain Administrator DA from a standard domain user. The exploit uses the Impacket library to interact with the Windows Domain...