1886 matches found
Exploit for Improper Input Validation in Google Chrome
It is an offensive tool for WebAssembly exploitation. The repository contains PoC exploits for CVE-2020-16040 and CVE-2021-3156. The primary CVE is CVE-2020-16040. The target product/service is WebAssembly, and the vulnerability class/vector is arbitrary code execution RCE via WebAssembly module...
PocCollect
This is a Python-based proof-of-concept POC collection repository. The repository contains a variety of POCs for different vulnerabilities, including Struts2, Heartbleed, and Java Deserialization. The POCs are designed to be used for educational purposes only and should not be used for malicious...
pocsuite_poc_collect
It is an offensive tool for collecting POCs using the Pocsuite framework. The repository appears to be a collection of proof-of-concept POC exploits gathered using the Pocsuite framework. The primary CVE ID is not explicitly mentioned, but the repository is likely a collection of various POCs. Th...
penetrationLean
My penetration-testing study notes...
Exploit for SQL Injection in Djangoproject Django
CVE-2020-7471: This repository provides a test environment and PoC for CVE-2020-7471, "Potential SQL injection via StringAgg(delimiter)". Affected Django versions: 1.11 up to but not including 1.11.28; 2.2 up to but not including 2.2.10; 3.0 up to but not including 3.0.3. Before downloading and using it, do the following: 1. Install a vulnerable Django version; for my tests I used pip install django==3.0.2 -i https://pypi.tuna.tsinghua.edu.cn/simple 2. Refer to...
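As an added example (not code from the repository above), the mechanism behind this bug reproduced with Python's built-in sqlite3, whose group_concat(X, Y) plays the role of PostgreSQL's StringAgg with a delimiter: one function splices the delimiter into the SQL text the way the unpatched code did, the other passes it as a bound parameter as the fix does, and is_affected checks a version string against the three affected ranges listed above. The table names, rows, the flag token and the simple major.minor.patch version parser are constructed here.

```python
import sqlite3

# Constructed sample data; not from the repository.
PEOPLE = [("alice",), ("bob",), ("carol",)]

# Affected ranges from the description above: [lo, hi) as version tuples.
AFFECTED_RANGES = (
    ((1, 11, 0), (1, 11, 28)),
    ((2, 2, 0), (2, 2, 10)),
    ((3, 0, 0), (3, 0, 3)),
)


def parse_version(text):
    """'3.0.2' -> (3, 0, 2); '1.11' -> (1, 11, 0). Assumes plain numeric releases."""
    parts = [int(p) for p in text.split(".")[:3]]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(django_version):
    """True if the given Django version falls inside one of the vulnerable ranges."""
    v = parse_version(django_version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def make_db():
    """In-memory database with a table to aggregate and a 'secret' table to leak."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE person (name TEXT)")
    conn.execute("CREATE TABLE secret (token TEXT)")
    conn.executemany("INSERT INTO person VALUES (?)", PEOPLE)
    conn.execute("INSERT INTO secret VALUES ('flag{constructed}')")
    return conn


def vulnerable_string_agg(conn, delimiter):
    """Pre-fix pattern: the delimiter is spliced into the SQL as a quoted literal."""
    sql = "SELECT group_concat(name, '%s') FROM person" % delimiter
    return conn.execute(sql).fetchone()[0]


def fixed_string_agg(conn, delimiter):
    """Post-fix pattern: the delimiter travels as a bound query parameter."""
    sql = "SELECT group_concat(name, ?) FROM person"
    return conn.execute(sql, (delimiter,)).fetchone()[0]


# Closes the literal, appends a subquery, reopens the literal so the SQL still parses.
INJECTED_DELIMITER = "') || (SELECT token FROM secret) || ('"


if __name__ == "__main__":
    db = make_db()
    print("django 3.0.2 affected:", is_affected("3.0.2"))
    print("vulnerable:", vulnerable_string_agg(db, INJECTED_DELIMITER))
    print("fixed:     ", fixed_string_agg(db, INJECTED_DELIMITER))
```

With the injected delimiter the vulnerable query returns the concatenated names followed by the secret token; the parameterized query returns the delimiter verbatim between names and never evaluates the subquery.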
jexboss
This is an offensive tool for Java Deserialization Vulnerabilities. The tool is called JexBoss and is used to verify and exploit vulnerabilities in JBoss Application Server and other Java platforms, frameworks, and applications. The tool is written in Python and has a command-line interface. It c...
Exploit for Files or Directories Accessible to External Parties in Apache Flink
Based on the provided code and analysis, here is a summary of the vulnerabilities: 1. Apache Flink 1.9.1 Jar Upload RCE: This vulnerability allows an attacker to upload a malicious JAR file to the Apache Flink system, which can lead to arbitrary command execution and reverse shell. Affected...
vulhub1
This repository is an offensive tool for vulnerability research and exploitation, specifically targeting various web applications and services. It contains a collection of exploits and tools for identifying and exploiting vulnerabilities in software and systems. The repository includes a variety ...
nightmare
This is a course on binary exploitation and reverse engineering, specifically targeting Linux systems. The course is designed to be a comprehensive guide to learning binary exploitation and reverse engineering, with a focus on hands-on exercises and real-world examples. The course covers a range ...
Exploit for Off-by-one Error in Sudo_Project Sudo
PoC exploit for CVE-2021-3156, the heap-based buffer overflow in sudo. The rest of this indexed summary, however, describes an unrelated exploit module targeting the WangluoAnquan framework: it demonstrates a vulnerability in the framework's UploadHandler.ashx component that allows arbitrary file uploads, using a simple form submission to upload a maliciou...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 reproduction. https://www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apache-http-server-exploited The vulnerability is specific to Apache httpd v2.4.49: earlier versions had no ap_normalize_path function. It was introduced in v2.4.49, it is what causes the directory traversal, and it was fixed in v2.4.50. Environment: https://github.com/1nhann/CVE-2021-41773 In this environment the cgi module is loaded: LoadModule...
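Added example, not from the repository above: a detector a responder could run over Apache access logs to find requests shaped like this traversal. It percent-decodes the request path until the string stops changing (so .%2e, %2e%2e and also double-encoded %252e collapse to ..), flags any .. that climbs above the first path segment, which is where aliased roots such as /cgi-bin/ live, and records whether the raw path used encoded dots, since the 2.4.49 bypass relies on percent-encoded dots. The log lines are constructed.

```python
import re
from urllib.parse import unquote

# Constructed Apache combined-format access-log lines; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [05/Oct/2021:12:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "curl/7.68.0"
10.0.0.9 - - [05/Oct/2021:12:00:02 +0000] "GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1" 200 1480 "-" "curl/7.68.0"
10.0.0.9 - - [05/Oct/2021:12:00:03 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 200 33 "-" "python-requests/2.26.0"
10.0.0.7 - - [05/Oct/2021:12:00:04 +0000] "GET /icons/../index.html HTTP/1.1" 404 196 "-" "Mozilla/5.0"
"""

# Pulls method and path out of the quoted request line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def decode_fully(path, max_rounds=3):
    """Percent-decode until the string stops changing (bounded to max_rounds),
    so that .%2e, %2e%2e and double-encoded %252e all become literal dots."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def escapes_first_segment(raw_path):
    """True when the decoded path contains a '..' that climbs above the first
    path segment, i.e. out of an aliased directory such as /cgi-bin/."""
    path = decode_fully(raw_path.split("?", 1)[0])  # drop the query string
    depth = 0
    for segment in path.split("/"):
        if segment == "..":
            depth -= 1
            if depth < 1:
                return True
        elif segment not in ("", "."):
            depth += 1
    return False


def traversal_hits(log_lines):
    """One record per log line whose request path escapes its first segment."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        path = match.group("path")
        if escapes_first_segment(path):
            hits.append({
                "client": line.split(" ", 1)[0],
                "method": match.group("method"),
                "path": path,
                # CVE-2021-41773 needs percent-encoded dots; literal ../ is a generic probe
                "encoded_dots": "%2e" in path.lower(),
            })
    return hits


if __name__ == "__main__":
    for hit in traversal_hits(SAMPLE_LOG.splitlines()):
        print(hit)
```

A POST to a path under /cgi-bin/ that climbs to /bin/sh with a 200 response, as in the third sample line, is the command-execution variant the description's mention of the cgi module refers to; the GET to /etc/passwd is the file-read variant.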
Summer2021-No.110 Operating-system security vulnerability scanning and alerting project
This is a Python script for a Linux operating system risk assessment tool called Euler Guardian. The script is designed to perform various checks on the system, including firewall configuration, open ports, and system information. It also includes a module for sending email notifications. The...
SpringBootVulExploit
This repository is an offensive tool for Spring Boot exploitation. It contains various modules and scripts that can be used to exploit vulnerabilities in Spring Boot applications. The primary vulnerability being targeted is a deserialization vulnerability in the Spring Boot framework, which can b...
exploitdb
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...
Exploit for Path Traversal in Apache Http_Server
No description...
Exploit for Path Traversal in Microsoft
This repository is an exploit module for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The repository contains a Python script exploit.py that generates a malicious docx document, a Windows DLL calc.dll that pops a calc.exe when executed, and a server script...
Exploit for Race Condition in Canonical Ubuntu_Linux
This repository is an exploit module for the Dirty COW CVE-2016-5195 vulnerability. The exploit relies on ptrace to patch the vDSO Virtual Dynamic Shared Object and gain root privileges. The payload is written in assembly and is executed whenever a process makes a call to clock_gettime. If the...
maltrail
This is a Python-based malicious traffic detection system called Maltrail. It is designed to identify and report malicious traffic, including malware, suspicious domains, and other types of malicious activity. The system uses a combination of publicly available blacklists and custom user-defined...
Exploit for CVE-2020-1472
Introduction: Drawing on scripts for CS (Cobalt Strike) written by many other researchers, covering lateral movement, credential dumping, privilege escalation, persistence and so on, this collects the things commonly used in internal-network penetration so they are convenient to use. Changelog: 2021.7.7 Added CVE-2021-1675; only local privilege escalation has been tested, the rest is pending. Based on https://github.com/cube0x0/CVE-2021-1675 2021.7.26 Added CVE-2021-1675-36934, based on https://github.com/cube0x0/CVE-2021-36934 2021.8.14 Added ZeroLogon (CVE-2020-1472), based on...
Exploit for Path Traversal in Microsoft
PoC exploit for CVE-2021-40444, a Microsoft Office Word RCE vulnerability. The target is Microsoft Office Word, with the vulnerability class being Remote Code Execution RCE. The probable entry point is the exploit.py script; how it is typically invoked is not specified. The exploit chain...
Exploit for Files or Directories Accessible to External Parties in Apache Flink
Based on the provided code and analysis, here is a summary of the vulnerabilities: 1. Apache Flink 1.9.x Jar Upload RCE: This vulnerability allows an attacker to upload a malicious JAR file to the Apache Flink server, which can lead to arbitrary command execution and reverse shell. The affected...
exploitdb
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains exploits, shellcodes, and papers for various vulnerabilities in different software and systems. The exploits are categorized by operating system and vulnerability type, and c...
Exploit for Path Traversal in Microsoft
This is a malicious docx generator for exploiting CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The tool is designed to create a malicious docx document that, when opened, will execute arbitrary code on the victim's system. The tool consists of several files: 1...
Exploit for OS Command Injection in Eyesofnetwork
This is an exploit module for EyesOfNetwork 5.1 to 5.3, a network monitoring and management tool. The exploit targets three vulnerabilities: CVE-2020-8654, CVE-2020-8655, and CVE-2020-9465. CVE-2020-8654 is an OS command injection in the discovery module that allows arbitrary OS commands to be run. The exploit uses the targe...
Exploit for CVE-2015-2365
This repository contains a collection of proof-of-concept PoC exploits and tools for various vulnerabilities, including CVE-2015-2365, CVE-2015-2366, and CVE-2015-2507. The exploits are written in C and use assembly code to manipulate system calls and memory. CVE-2015-2365 is a vulnerability in t...
CVE
Received CVE list...
Some-PoC-oR-ExP
This repository is an offensive tool for collecting or writing various vulnerability PoCs proofs of concept and exploits. The primary vulnerability targeted by the code is CNVD-2020-10487, a Tomcat AJP local file inclusion LFI vulnerability. The tool is designed to exploit this vulnerability to...
Exploit for CVE-2017-0144
This is a PoC exploit for CVE-2017-0144, also known as the EternalBlue vulnerability, a remote code execution vulnerability in the Windows SMBv1 protocol. The exploit is implemented as a Metasploit module and targets the DoublePulsar backdoor. The target product/service is the Windo...
POC-EXP
It is an offensive tool for vulnerability exploitation. The repository contains a collection of exploits and proof-of-concept PoC code for various vulnerabilities. No specific CVE or GHSA IDs are mentioned, but the repository is likely focused on demonstrating exploitation techniques rather than...
nuclei-templates
This is a community-curated list of templates for the nuclei engine to find security vulnerabilities in applications. The repository contains various templates for the scanner provided by the team and contributed by the community. The templates are the core of the nuclei scanner, which powers the...
PayloadsAllTheThings
It is an offensive tool for Web Application Security. The repository, PayloadsAllTheThings, contains a list of useful payloads and bypass techniques for web application security and penetration testing/CTF. The provided code snippet is a GitHub funding model configuration file .github/FUNDING.yml...
Exploit for OS Command Injection in Webmin
PoC exploit for CVE-2019-15107, the OS command injection in Webmin's password_change.cgi. The rest of this indexed summary, however, describes a DNSChanger tool for home routers: the target product/service is the Shuttle Tech ADSL Modem-Router 915 WM, the vulnerability class/vector is DNSChanger (rewriting the router's DNS settings), the probable entry point is the routerhunter.py script, and notable dependencies/tooling include requests, random, time,...
ctf
It is an offensive tool for reverse engineering. The repository contains a binary decompiler for a "Magic Word" challenge, which appears to be a reverse engineering exercise. The code is written in C++ and uses the std::basic_string class from the C++ Standard Library. The decompiled main function ...
Red-Teaming-Toolkit
This is a collection of open source and commercial tools that aid in red team operations. The repository includes tools for reconnaissance, weaponization, delivery, command and control, lateral movement, establishing a foothold, escalating privileges, data exfiltration, and miscellaneous...
emp3r0r
It is an offensive tool for Linux systems. The tool is called emp3r0r, a Linux post-exploitation framework made by a user named jm33-ng. It is designed to provide a better experience for remote administration on Linux systems, particularly for terminal-based interactions. The framework is written...
PrintNightmare
This is a PoC Proof of Concept exploit for the Print Nightmare vulnerability, which affects Windows Print Spooler service. The repository contains a Visual Studio solution file EXP/POC.sln that includes a C++ project POC with a main function. The project uses the RPC Remote Procedure Call client...
Exploit for OS Command Injection in Dlink Dir-859_Firmware
IoT-vulhub: Inspired by the Vulhub project, this aims to be an IoT edition of firmware vulnerability reproduction environments. Installation: install docker and docker-compose on Ubuntu 20.04. Install pip: $ curl -s https://bootstrap.pypa.io/get-pip.py | python3 Install the latest docker: $ curl -s https://get.docker.com/ | sh Start the docker service: $ systemctl start docker Install docker-compose: $ python3 -m pip install...
Exploit for CVE-2021-1675
Based on the provided context and code cues, here is a summary of the analysis: Classification: This is an exploit module for the CVE-2021-1675 vulnerability, which is a local privilege escalation LPE vulnerability. Target: The target of this exploit is the Windows operating system, specifically...
Exploit for CVE-2021-1675
C and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527...
Exploit for CVE-2013-6026
PoC exploit for CVE-2013-6026 Joel's Backdoor in D-Link routers. The target product/service is D-Link routers, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the administration panel of the router, which can be accessed without authentication due to t...
Exploit for Off-by-one Error in Sudo_Project Sudo
PoC exploit for CVE-2021-3156, a heap-based buffer overflow in Sudo. The target product/service is Sudo, a Unix command to execute a command with superuser root privileges. The vulnerability class/vector is a heap-based buffer overflow. Notable dependencies/tooling include the Qualys Security...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This is an offensive tool for web application security training. It is a collection of vulnerable web applications, each with its own set of vulnerabilities, designed to help users learn and practice web application security testing. The repository contains a variety of web applications, includin...
PayloadsAllTheThings
PayloadsAllTheThings is a collection of payloads and bypass techniques for web application security testing and exploitation. The payloads are not described in the indexed file, which is the repository's GitHub funding configuration rather than a payload list. The repository includes ...
Exploit for Out-of-bounds Write in Gnu Glibc
PoC exploit for CVE-2018-1000001, a buffer underflow in glibc realpath that allows local privilege escalation. The target product/service is glibc, the C library used by Linux distributions including Debian and Ubuntu. The vulnerability class/vector is LPE Local Privilege Escalation. The probab...
Gopherus
This is an analysis of the provided repository, specifically focusing on the Gopherus tool. Classification: The Gopherus tool is a proof-of-concept exploit for various vulnerabilities, including SSRF Server-Side Request Forgery and RCE Remote Code Execution. Primary Vulnerability: The primary...
Exploit for Out-of-bounds Write in Php
This is an exploit module for CVE-2019-11043, a bug in php-fpm. It targets certain nginx + php-fpm configurations and lets a web user execute code if the configuration is vulnerable. The exploit works by sending a specially crafted URL to the web server, which...
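The configuration shape this bug depends on, as an added example written for this page and not taken from the repository: a PHP location that uses fastcgi_split_path_info with a regex anchored by ^ and $, forwards PATH_INFO to php-fpm, and never checks that the requested script exists, beside the hardened form that adds a try_files existence check. The php:9000 upstream name is assumed; directive names are standard nginx.

```nginx
# VULNERABLE shape: a request path containing %0a breaks the split regex,
# PATH_INFO arrives empty, and php-fpm's handling of it can be abused.
location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    include fastcgi_params;
    fastcgi_pass php:9000;          # assumed upstream name
}

# HARDENED shape: refuse the request unless the script file really exists,
# so the crafted path never reaches php-fpm. Upgrading PHP is still required.
location ~ [^/]\.php(/|$) {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    include fastcgi_params;
    fastcgi_pass php:9000;          # assumed upstream name
}
```

The try_files line is the configuration-level mitigation; the bug itself lives in php-fpm, so patching PHP is the actual fix and the nginx check only removes the reachable precondition.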
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This repository is an open-source collection of vulnerable systems and applications for educational purposes, specifically for penetration testing and vulnerability assessment. It is maintained by phith0n and is available on GitHub under the MIT License. The repository contains a variety of...
Exploit for CVE-2021-3129
It is an exploit module for CVE-2021-3129. The target product/service is Laravel, a PHP web framework. The vulnerability class/vector is a remote code execution RCE vulnerability. The probable entry point is the Laravel application itself, likely through a web interface. Not specified...
vulhub
This repository is an offensive tool for building vulnerable environments based on Docker-Compose. It contains a collection of vulnerable applications and services, including CouchDB, FFmpeg, Git, and Jenkins, among others. The repository is maintained by phith0n and is licensed under the MIT...
CMSmap
This is a Python-based open-source CMS scanner called CMSmap, which automates the process of detecting security flaws in popular Content Management Systems CMSs such as WordPress, Joomla, Drupal, and Moodle. The tool is designed to integrate common vulnerabilities for different types of CMSs in a...