jexboss
This is a Python script for a tool called JexBoss, which is designed to exploit vulnerabilities in JBoss Application Server and other Java platforms. The script is written in Python 2.x and uses the urllib3 library for HTTP requests. The script has several modules, including exploits.py,...
pwncli
This is an offensive tool for binary exploitation. The primary vulnerability targeted is not explicitly stated, but the code and documentation suggest that it is a buffer overflow vulnerability in a binary named "stackoverflownopie" and "stackoverflowpie". The tool, named "pwncli", is designed to...
pocsuite3
This is a Python-based framework for remote vulnerability testing and proof-of-concept development, called pocsuite3. It is developed by the Knownsec 404 Team and is designed for penetration testers and security researchers. The framework comes with a powerful proof-of-concept engine and various...
Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway
GUI version of the open-source tool SpringBoot-Scan; if it is useful to you, please give it a Star. Note: this tool has built-in Exps for the relevant vulnerabilities, so antivirus alerts are normal! New version usage: python3 main.py. Setting up the VulHub vulnerability test environment: git clone https://github.com/vulhub/vulhub.git Install the Docker environment: sudo apt-get install docker.io sudo apt install docker-compose Set up CVE-2022-22965: cd /vulhub/CVE-2022-22965 sudo...
Tater
It is an offensive tool for Windows Privilege Escalation. The primary CVE ID is not explicitly mentioned, but the tool is based on the Hot Potato Windows Privilege Escalation exploit, which is a known vulnerability. The target product/service is Windows, and the vulnerability class/vector is...
pocsuite3
This is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many nice features for the ultimate penetration testers and security researchers. The framework supports various...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
This is a repository containing operational information regarding the vulnerability in the Log4j logging library CVE-2021-44228. The repository includes information on hunting for exploitation, indicators of compromise IoCs, mitigation, and scanning for the Log4j vulnerability. It also contains a...
Exploit for CVE-2005-1125
PoC exploit for CVE-2005-1125. The exploit targets a vulnerability in the Libsafe library, which is a safety net for applications to prevent buffer overflows. The exploit is designed to bypass the Libsafe protection and execute arbitrary code. The repository contains a Makefile that builds the...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
PoC exploit for CVE-2021-4034, a Local Privilege Escalation Vulnerability in polkit’s pkexec. The exploit is implemented in Python and utilizes the PwnKit vulnerability to gain elevated privileges. The code creates a malicious shared object SO that, when loaded by pkexec, executes a setuid0 and...
黑客工具测试 (Hacker tool testing)
This is an offensive tool for a comprehensive hacking toolkit. The primary vulnerability class targeted is RCE Remote Code Execution, with various tools and modules available for different attack vectors, including SQL injection, phishing, web attacks, post-exploitation, and more. The tool is...
Exploit for Code Injection in Apache Cassandra
0day. For well-known reasons the original repository was deleted, but a copy was kept; forks and stars were reset to zero. Don't worry, it is still the same recipe with the same flavor. To avoid being unable to find this project if this happens again, you can Follow it. All content in this repository is for learning and exchange only. English | 中文. EXPs and POCs for vulnerabilities in all kinds of CMSs, platforms, systems and software; this project will be updated continuously. List of excellent projects 1. Fastjson RCE https://github.com/dbgee/fastjson-rce 2. Log4j RCE https://github.com/dbgee/log4j2rce 3. redis RCE...
Exploit for CVE-2013-0422
K8tools 20190727 Disclaimer: these tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Blog: https://www.cnblogs.com/k8gege Download: https://github.com/k8gege/K8tools PS: updated irregularly; the files are large, so download as needed. For tool bugs or suggestions, leave a message on GitHub. The privilege escalation tools can all be run from a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: no guarantee they remain effective permanently; save them yourself if you like them. Comprehensive tools + Comprehensive tools K8飞刀Final.rar + K8data.mdb K8飞刀 vulnerability database 20190402 + K8expList.txt...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone_Os
CVE-2018-4407 is a heap buffer overflow vulnerability in the XNU operating system kernel, affecting both iOS and macOS. The vulnerability can lead to a denial-of-service DOS attack. The exploit is a simple and fast BOF Buffer Overflow attack that can be launched using the provided Python script...
Exploit for Classic Buffer Overflow in Cisco Pix_Firewall_Software
This is a PoC exploit for CVE-2016-6366, a remote code execution vulnerability in Cisco ASA. The repository contains improvements to the EXTRABACON exploit, which was written by the Equation Group NSA and leaked by the Shadow Brokers. The exploit targets various versions of Cisco ASA, including 8...
canTot
This is a Python-based CLI framework called "canTot" that is designed for CAN Bus hacking and exploitation. It is similar to an exploit framework but focused on known CAN Bus vulnerabilities or "fun CAN Bus hacks." The framework is made up of several modules, each with its own specific...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
水泽 - automated information collection tool. Solemn statement: the techniques, ideas and tools involved are for security-oriented learning and exchange only; no one may use them for illegal purposes or for profit, otherwise you bear the consequences yourself. 0x01 Introduction Author: Ske Team: 0x727; more tools will be open-sourced over time at https://github.com/0x727 Positioning: helps red team members quickly collect information, map target assets and find weak points. Language: developed in python3. Features: a one-stop service; enter a root domain and it collects related assets from every angle and checks for vulnerabilities. Multiple domains, C-class IP ranges, etc. can also be entered; see the examples below....
vulhub
This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is a defensive research tool for improving detection, response, and patch prioritization. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git, and more...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This is a repository for Vulhub, a collection of vulnerable environments for testing and learning about web application security. The repository contains a variety of vulnerable environments, including web servers, databases, and applications, which can be used to test and demonstrate various typ...
Exploit for Incorrect Authorization in Vmware Spring_Security
CVE-2022-22978 POC environment CVE-2022-22978 Spring-Security bypass Demo. When Spring Security uses RegexRequestMatcher and the rule contains a regular expression with a dot, an attacker can bypass authentication by constructing a malicious request. Affected range: Spring Security 5.5.x http://localhost:8080/admin/index%0a Docker docker pull s0cke3t/cve-2022-22978:latest...
vulhub
This repository is an offensive tool for a web application vulnerability training platform, 'Vulhub'. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository contains various vulnerable applications, including web servers, databases, and other...
Exploit for Race Condition in Canonical Ubuntu_Linux
This repository is a proof-of-concept PoC for the Dirty COW CVE-2016-5195 vulnerability. The PoC relies on ptrace to patch the vDSO Virtual Dynamic Shared Object instead of modifying filesystem binaries. This approach has several advantages, including no setuid binary required, SELinux bypass,...
vulhub
This repository is an offensive tool for a variety of areas, including web application security, container security, and more. It contains a collection of vulnerable environments and tools for testing and learning about various security vulnerabilities. The repository includes a range of tools an...
cyber-range-scenarios
This repository is an offensive tool for cloud-based cyber ranges, specifically for training scenarios. It contains a collection of scripts and configurations for simulating various cyber attacks and vulnerabilities, including Shell Shock and libfutex privilege escalation. The repository uses...
vulhub21
This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable environments and exploits for various software and systems. The primary purpose of this repository is to provide a platform for researchers and security professionals to learn...
CVEfixes-db
This repository is an offensive tool for collecting and processing CVE Common Vulnerabilities and Exposures data. It is a Python-based tool that collects CVE data from various sources, including the National Vulnerability Database NVD and GitHub, and stores it in a SQLite database. The tool is...
Exploit for Double Free in Linux Linux_Kernel
This is a repository containing a proof-of-concept PoC exploit for a vulnerability in a Linux kernel module. The PoC is for CVE-2021-22600, a vulnerability in the Linux kernel's packet socket implementation that allows an attacker to bypass certain security restrictions. The exploit is implemente...
渗透字典 (Penetration dictionary)
This repository is an offensive tool for Bug Bounty research and exploitation. The primary CVE ID is not explicitly mentioned, but it appears to be a collection of exploits and techniques for various vulnerabilities. The repository contains a wide range of exploits and techniques, including: 1...
Exploit for SQL Injection in Zabbix
It is an offensive tool for Vulnerability Exploitation and Research. The repository contains a collection of vulnerability exploitation tools and research materials, including exploits for various vulnerabilities, proof-of-concept PoC code, and research notes. The tools are organized by...
Exploit for OS Command Injection in Sonatype Nexus_Repository_Manager
CVE-2019-5475 CVE-2019-5475 and CVE-2019-15588 lab: RCE command injection vulnerability ------ 0x00 Background CVE-2019-5475 is an RCE command injection vulnerability in the Nexus built-in Yum Repository plugin. It was first disclosed on HackerOne, but because the vendor's first fix was incomplete, CVE-2019-15588 was derived from it. Both vulnerabilities require logging in as admin before they can be exploited, but the default Nexus admin password admin123 is frequently left unchanged, so they are easily exploited. 0x10 Lab environment 0x20 Directory structure CVE-2019-5475 ├──...
Exploit for CVE-2020-13933
CVE-2020-13933 lab. Shiro permission configuration: when a /res/ resource is requested, a 302 redirect sends the client to the login page for authentication - NameController.java: · /res/name: requests the resource named name (triggers authentication) · /res/: requests no resource (does not trigger authentication). Lab verification: when no resource name is specified in the request route, authentication is not triggered and no resource is returned: http://127.0.0.1:8080/res/ When a resource name is specified in the request route, a 302 redirects to the authentication page: http://127.0.0.1:8080/res/poc Constructing a specific PoC...
wky-v4
This is a collection of bash scripts and configuration files for a Linux system. Here's a breakdown of the contents: Scripts: 1. setnginxphp.sh: Configures Nginx and PHP settings. 2. initcachedir.sh: Initializes a cache directory for the ipes application. 3. ipes.sh: Starts the ipes application. ...
vulhub
This is a collection of vulnerable web applications and tools for testing and learning about web application security. The repository contains a variety of applications, including CouchDB, FFmpeg, Git, and Jenkins, each with its own set of vulnerabilities. The applications are designed to be used...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
PoC exploit for CVE-2021-4034, a privilege escalation vulnerability in the polkit package. The target product/service is polkit, a Linux system policy kit. The vulnerability class/vector is a privilege escalation vulnerability. The probable entry points are the gconv-modules file and the...
Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware
This repository is an offensive tool for web application exploitation. The primary vulnerability targeted is CVE-2022-30525, a server-side request forgery SSRF vulnerability in a web application. The tool is designed to exploit this vulnerability by sending a specially crafted request to the targ...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
This is a PoC exploit for CVE-2022-0995, a heap out-of-bounds write in the watchqueue Linux kernel component. The exploit targets Ubuntu 21.10 with kernel 5.13.0-37. It uses the same technique described in a Google Security Research writeup for CVE-2021-22555. The exploit is not 100% reliable and...
vulhub
This is an offensive tool for web application security training and education. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository is a clone of vulhub/vulhub, which is a collection of vulnerable web applications and tools for testing and...
Exploit for Use of Hard-coded Cryptographic Key in Apache Aurora
This repository is an open-source project called "Attack-Defense ThinkTank" openKylin, which is a community-driven platform for sharing knowledge and research on attack and defense techniques. The project is hosted on Gitee, a Chinese version of GitHub. The repository contains various articles an...
Exploit for SQL Injection in Zabbix
This repository is an open-source collection of vulnerable web applications and tools for security testing and education, maintained by phith0n. It is an offensive tool for web application security testing. The primary vulnerability targeted by this repository is not explicitly stated, but it...
chthonian
This is a Python-based local vulnerability scanning framework called Chthonian. It is designed to detect vulnerabilities in openKylin and uses a coroutine-based approach to increase detection speed. The framework has a fuzzing feature that can automatically discover vulnerabilities, detect securi...
Exploit for CVE-2019-2423
This is a malicious LDAP server for JNDI injection attacks, classified as an exploit module/toolkit targeting Java JNDI API. The primary CVE ID is not explicitly mentioned, but the tool is designed to exploit insecure-by-default Java JNDI API, which is related to CVE-2019-2423. The tool targets...
firejail
This repository is an open-source project for the Firejail tool, which is a Linux security tool that allows users to sandbox applications and restrict their access to system resources. The repository contains various files and directories related to the project, including configuration files,...
Exploit for OS Command Injection in Dlink Dir-859_Firmware
IoT-vulhub Inspired by the Vulhub project, this aims to build an IoT version of a firmware vulnerability reproduction environment. - IoT-vulhub - Installation - Usage - Vulnerable environment list - Contribution guide - Follow us. Installation: install docker and docker-compose on Ubuntu 20.04: Install pip $ curl -s https://bootstrap.pypa.io/get-pip.py | python3 Install the latest docker $ curl -s https://get.docker.com/ | sh Start the docker service $ systemctl start dock...
SSCMS-PluginShell
1. Install Visual Studio 2. Import the project 3. Modify the IPAddress.Parse value in Startup.cs using Microsoft.Extensions.DependencyInjection; using SSCMS.Advertisement.Abstractions; using SSCMS.Advertisement.Core; using SSCMS.Plugins; using System.Diagnostics; using System; using System.Text; using System.Net.Sockets; using...
Exploit for Open Redirect in Git-Scm Git
CVE-2017-1000117 Based on the AnonymKing/CVE-2017-1000117 repository on GitHub. Project description + Reproduction of CVE-2017-1000117 (PoC+Exp) + Git2.12.1 + SSH Vulnerability summary: + Vulnerability name: Git command injection vulnerability + CNNVD ID: CNNVD-201708-670 + Severity: medium + CVE ID: CVE-2017-1000117 + Vulnerability type: command injection + Published: 2017-08-16...
pocsuite3_pocs
Some pocsuite3 scripts. shirokeybrute: the detection and key brute-force logic extracted from ShiroAttack2, used to batch-test whether Shiro keys can be brute-forced. Steps: 1. Put shirokeys.txt into the pocsuite3\data directory 2. Modify pocsuite3\lib\core\common.py, adding paths.SHIROKEYS = os.path.joinpaths.POCSUITEDATAPATH, "shirokeys.txt" in the setpaths function 2.2 Or directly modify the file path opened by the getwordlist function in the poc. cve20220540 Jira authorization bypass...
Exploit for OS Command Injection in Docker
This is a PoC Proof of Concept exploit for CVE-2019-5736, a vulnerability in the runc binary of the Docker container runtime. The exploit is implemented in Go and is designed to overwrite the runc binary on the host system from within a container. The exploit works by overwriting the /bin/sh bina...
Exploit for SQL Injection in Zabbix
This is a comprehensive and well-structured vulnerability hub repository. Here's a concise analysis of the provided information: Classification: It is an offensive tool for various vulnerability exploitation and testing purposes. CVE IDs: The repository contains references to several CVE IDs,...
nuclei-templates
This is a GitHub repository for a community-curated list of templates for the Nuclei engine to find security vulnerabilities in applications. The repository contains various templates for the scanner provided by the team and contributed by the community. The templates are stored in the...
面向嵌入式设备的典型pwn漏洞检测与利用系统 (Detection and exploitation system for typical pwn vulnerabilities in embedded devices)
This is a PoC exploit for various router vulnerabilities. The repository contains multiple modules for different router types, including D-Link, Huawei, Netcore, and TP-Link. Each module is designed to exploit a specific vulnerability in the corresponding router model. The modules are written in...