Exploit for Path Traversal in Mikrotik Routeros
This is a proof of concept PoC exploit for the critical WinBox vulnerability CVE-2018-14847 that allows for arbitrary file read of plain text passwords. The vulnerability has been fixed, but the project is no longer supported or updated. The exploit is written in Python and uses the socket librar...
pentest-wiki
This repository is an information gathering library for penetration testers and researchers, providing a collection of tools and documentation for gathering information about a target organization. The library includes tools for DNS enumeration, whois searches, and Linux system architecture and...
PayloadsAllTheThings
It is an offensive tool for Web Application Security and Pentest/CTF. This repository contains a list of useful payloads and bypass techniques for web application security and penetration testing/CTF. The payloads are likely used to exploit vulnerabilities and bypass security measures. Not...
SpringBootVulExploit
This repository is an offensive tool for Spring Boot exploitation, specifically targeting various vulnerabilities in Spring Boot applications. The primary vulnerability being targeted is a deserialization vulnerability in the Spring Boot framework, which can lead to remote code execution RCE. The...
HackTools
This is a web browser extension for penetration testing, called HackTools. It is a comprehensive toolset for web application security testing, providing various features such as: Dynamic shell generation PHP, Bash, Ruby, Python, Perl, Netcat XSS payload generation Common SQL injection payloads...
Exploit for Improper Input Validation in Google Chrome
It is an offensive tool for WebAssembly exploitation. The repository contains PoC exploits for CVE-2020-16040 and CVE-2021-3156. The primary CVE is CVE-2020-16040. The target product/service is WebAssembly, and the vulnerability class/vector is arbitrary code execution RCE via WebAssembly module...
PocCollect
This is a Python-based proof-of-concept POC collection repository. The repository contains a variety of POCs for different vulnerabilities, including Struts2, Heartbleed, and Java Deserialization. The POCs are designed to be used for educational purposes only and should not be used for malicious...
pocsuite_poc_collect
It is an offensive tool for collecting POCs using the Pocsuite framework. The repository appears to be a collection of proof-of-concept POC exploits gathered using the Pocsuite framework. The primary CVE ID is not explicitly mentioned, but the repository is likely a collection of various POCs. Th...
penetrationLean
My penetration testing study notes...
Exploit for SQL Injection in Djangoproject Django
CVE-2020-7471 This repository provides an environment and POC for CVE-2020-7471 (Potential SQL injection via StringAgg(delimiter)). Affected Django versions: - 1.11 up to, but not including, 1.11.28 - 2.2 up to, but not including, 2.2.10 - 3.0 up to, but not including, 3.0.3. Before downloading and using it, do the following: 1. Install a vulnerable Django version; the one I tested with was python pip install django==3.0.2 -i https://pypi.tuna.tsinghua.edu.cn/simple 2. Refer to...
jexboss
This is an offensive tool for Java Deserialization Vulnerabilities. The tool is called JexBoss and is used to verify and exploit vulnerabilities in JBoss Application Server and other Java platforms, frameworks, and applications. The tool is written in Python and has a command-line interface. It c...
exploitdb-bin-sploits
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...
Exploit for Files or Directories Accessible to External Parties in Apache Flink
Based on the provided code and analysis, here is a summary of the vulnerabilities: 1. Apache Flink 1.9.1 Jar Upload RCE: This vulnerability allows an attacker to upload a malicious JAR file to the Apache Flink system, which can lead to arbitrary command execution and reverse shell. Affected...
vulhub1
This repository is an offensive tool for vulnerability research and exploitation, specifically targeting various web applications and services. It contains a collection of exploits and tools for identifying and exploiting vulnerabilities in software and systems. The repository includes a variety ...
nightmare
This is a course on binary exploitation and reverse engineering, specifically targeting Linux systems. The course is designed to be a comprehensive guide to learning binary exploitation and reverse engineering, with a focus on hands-on exercises and real-world examples. The course covers a range ...
Exploit for Off-by-one Error in Sudo_Project Sudo
PoC exploit for CVE-2021-3156, an exploit module targeting the WangluoAnquan framework. The exploit is designed to demonstrate the vulnerability in the framework's UploadHandler.ashx component, which allows for arbitrary file uploads. The exploit uses a simple form submission to upload a maliciou...
Exploit for Path Traversal in Apache Http_Server
CVE-2021-41773 reproduction https://www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apache-http-server-exploited A vulnerability specific to Apache v2.4.49: earlier versions did not have the ap_normalize_path function, which was introduced in v2.4.49, and it is this function that causes the directory traversal; it was fixed in v2.4.50. Environment https://github.com/1nhann/CVE-2021-41773 In this environment the cgi module is loaded: ini LoadModule...
Summer2021-No.110 Operating System Security Vulnerability Scanning and Alerting Project
This is a Python script for a Linux operating system risk assessment tool called Euler Guardian. The script is designed to perform various checks on the system, including firewall configuration, open ports, and system information. It also includes a module for sending email notifications. The...
SpringBootVulExploit
This repository is an offensive tool for Spring Boot exploitation. It contains various modules and scripts that can be used to exploit vulnerabilities in Spring Boot applications. The primary vulnerability being targeted is a deserialization vulnerability in the Spring Boot framework, which can b...
exploitdb
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...
Exploit for Path Traversal in Apache Http_Server
No description...
Exploit for Path Traversal in Microsoft
This repository is an exploit module for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The repository contains a Python script exploit.py that generates a malicious docx document, a Windows DLL calc.dll that pops a calc.exe when executed, and a server script...
Exploit for Race Condition in Canonical Ubuntu_Linux
This repository is an exploit module for the Dirty COW (CVE-2016-5195) vulnerability. The exploit relies on ptrace to patch the vDSO (Virtual Dynamic Shared Object) and gain root privileges. The payload is written in assembly and is executed whenever a process makes a call to clock_gettime. If the...
maltrail
This is a Python-based malicious traffic detection system called Maltrail. It is designed to identify and report malicious traffic, including malware, suspicious domains, and other types of malicious activity. The system uses a combination of publicly available blacklists and custom user-defined...
Exploit for CVE-2020-1472
Introduction Drawing on the CS scripts written by many experienced practitioners, covering lateral movement, credential dumping, privilege escalation, persistence and so on, this collects the things commonly used in internal network penetration testing into one place for convenience. Changelog 2021.7.7 Added CVE-2021-1675; only local privilege escalation has been tested, the rest is still to be tested. Based on https://github.com/cube0x0/CVE-2021-1675 2021.7.26 Added CVE-2021-1675-36934, based on https://github.com/cube0x0/CVE-2021-36934 2021.8.14 Added ZeroLogon CVE-2020-1472, based on...
Exploit for Path Traversal in Microsoft
PoC exploit for CVE-2021-40444, a Microsoft Office Word RCE vulnerability. The target is Microsoft Office Word, with the vulnerability class being Remote Code Execution RCE. The probable entry point is the exploit.py script, which is not specified how it is typically invoked. The exploit chain...
Exploit for Files or Directories Accessible to External Parties in Apache Flink
Based on the provided code and analysis, here is a summary of the vulnerabilities: 1. Apache Flink 1.9.x Jar Upload RCE: This vulnerability allows an attacker to upload a malicious JAR file to the Apache Flink server, which can lead to arbitrary command execution and reverse shell. The affected...
exploitdb
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains exploits, shellcodes, and papers for various vulnerabilities in different software and systems. The exploits are categorized by operating system and vulnerability type, and c...
Exploit for Path Traversal in Microsoft
This is a malicious docx generator for exploiting CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The tool is designed to create a malicious docx document that, when opened, will execute arbitrary code on the victim's system. The tool consists of several files: 1...
Exploit for OS Command Injection in Eyesofnetwork
This is an exploit module for EyesOfNetwork 5.1 to 5.3, a network monitoring and management tool. The exploit targets three vulnerabilities: CVE-2020-8654, CVE-2020-8655, and CVE-2020-9465. CVE-2020-8654 is a discovery module that allows arbitrary OS commands to be run. The exploit uses the targe...
Exploit for CVE-2015-2365
This repository contains a collection of proof-of-concept PoC exploits and tools for various vulnerabilities, including CVE-2015-2365, CVE-2015-2366, and CVE-2015-2507. The exploits are written in C and use assembly code to manipulate system calls and memory. CVE-2015-2365 is a vulnerability in t...
CVE
Received CVE list...
Some-PoC-oR-ExP
This repository is an offensive tool for collecting or writing various vulnerability PoCs proofs of concept and exploits. The primary vulnerability targeted by the code is CNVD-2020-10487, a Tomcat-Ajp local file inclusion LFI vulnerability. The tool is designed to exploit this vulnerability to...
Exploit for CVE-2017-0144
This is a PoC exploit for CVE-2017-0144, also known as the EternalBlue vulnerability, which is a remote code execution vulnerability in the Windows SMBv1 protocol. The exploit is implemented as a Metasploit module, and it targets the Double Pulsar backdoor. The target product/service is the Windo...
POC-EXP
It is an offensive tool for vulnerability exploitation. The repository contains a collection of exploits and proof-of-concept PoC code for various vulnerabilities. No specific CVE or GHSA IDs are mentioned, but the repository is likely focused on demonstrating exploitation techniques rather than...
nuclei-templates
This is a community-curated list of templates for the nuclei engine to find security vulnerabilities in applications. The repository contains various templates for the scanner provided by the team and contributed by the community. The templates are the core of the nuclei scanner, which powers the...
PayloadsAllTheThings
It is an offensive tool for Web Application Security. The repository, PayloadsAllTheThings, contains a list of useful payloads and bypass techniques for web application security and penetration testing/CTF. The provided code snippet is a GitHub funding model configuration file .github/FUNDING.yml...
Exploit for OS Command Injection in Webmin
PoC exploit for CVE-2019-15107 DNSChanger on home routers. The target product/service is Shuttle Tech ADSL Modem-Router 915 WM. The vulnerability class/vector is DNSChanger. The probable entry point is the routerhunter.py script. Notable dependencies/tooling include requests, random, time,...
ctf
It is an offensive tool for reverse engineering. The repository contains a binary decompiler for a "Magic Word" challenge, which appears to be a reverse engineering exercise. The code is written in C++ and utilizes the basicstring class from the C++ Standard Library. The decompiled main function ...
Red-Teaming-Toolkit
This is a collection of open source and commercial tools that aid in red team operations. The repository includes tools for reconnaissance, weaponization, delivery, command and control, lateral movement, establishing a foothold, escalating privileges, data exfiltration, and miscellaneous...
emp3r0r
It is an offensive tool for Linux systems. The tool is called emp3r0r, a Linux post-exploitation framework made by a user named jm33-ng. It is designed to provide a better experience for remote administration on Linux systems, particularly for terminal-based interactions. The framework is written...
PrintNightmare
This is a PoC (Proof of Concept) exploit for the PrintNightmare vulnerability, which affects the Windows Print Spooler service. The repository contains a Visual Studio solution file EXP/POC.sln that includes a C++ project POC with a main function. The project uses the RPC (Remote Procedure Call) client...
Exploit for OS Command Injection in Dlink Dir-859_Firmware
IoT-vulhub Inspired by the Vulhub project, this aims to be an IoT edition of a firmware vulnerability reproduction environment. Installation Install docker and docker-compose on Ubuntu 20.04: sh Install pip $ curl -s https://bootstrap.pypa.io/get-pip.py | python3 Install the latest docker $ curl -s https://get.docker.com/ | sh Start the docker service $ systemctl start docker Install docker-compose $ python3 -m pip install...
Exploit for CVE-2021-1675
Based on the provided context and code cues, here is a summary of the analysis: Classification: This is an exploit module for the CVE-2021-1675 vulnerability, which is a local privilege escalation LPE vulnerability. Target: The target of this exploit is the Windows operating system, specifically...
Exploit for CVE-2021-1675
C and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527...
Exploit for CVE-2013-6026
PoC exploit for CVE-2013-6026 Joel's Backdoor in D-Link routers. The target product/service is D-Link routers, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the administration panel of the router, which can be accessed without authentication due to t...
Exploit for Off-by-one Error in Sudo_Project Sudo
PoC exploit for CVE-2021-3156, a heap-based buffer overflow in Sudo. The target product/service is Sudo, a Unix command to execute a command with superuser root privileges. The vulnerability class/vector is a heap-based buffer overflow. Notable dependencies/tooling include the Qualys Security...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This is an offensive tool for web application security training. It is a collection of vulnerable web applications, each with its own set of vulnerabilities, designed to help users learn and practice web application security testing. The repository contains a variety of web applications, includin...
PayloadsAllTheThings
It is an offensive tool for general use. This repository contains a collection of payloads, likely for testing and exploitation purposes. The payloads are not explicitly described, but the repository's funding model suggests it may be used for offensive security research. The repository includes ...
Exploit for Out-of-bounds Write in Gnu Glibc
PoC exploit for CVE-2018-1000001, a buffer underflow in glibc realpath that allows local privilege escalation. The target product/service is glibc, a dependency of various Linux distributions including Debian and Ubuntu. The vulnerability class/vector is LPE Local Privilege Escalation. The probab...