1899 matches found
Gopherus
This is an analysis of the provided repository, specifically the Gopherus tool. Classification: Gopherus is a payload generator for Server-Side Request Forgery (SSRF). It builds gopher:// URLs that smuggle a raw TCP conversation to an internal backend service through the SSRF sink, which can be escalated to Remote Code Execution (RCE) depending on the service reached. Primary Vulnerability: The primary...
Exploit for Out-of-bounds Write in Php
This is an exploit module for a bug in php-fpm, CVE-2019-11043. The exploit targets certain nginx + php-fpm configurations (a `fastcgi_split_path_info ^(.+?\.php)(/.*)$` regex with PATH_INFO passed through and no check that the script file exists), allowing a remote web user to execute code if the configuration is vulnerable. It works by sending a specially crafted URL whose path contains an encoded newline (%0a): the newline breaks the regex match, php-fpm computes a bad PATH_INFO length and writes out of bounds in fpm_main.c, which...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This repository is an open-source collection of vulnerable systems and applications for educational purposes, specifically for penetration testing and vulnerability assessment practice. It is maintained by phith0n and is available on GitHub under the MIT License. The repository contains a variety of...
Exploit for CVE-2021-3129
This is an exploit module for CVE-2021-3129. The target product is Laravel, a PHP web framework, running with debug mode enabled together with the Ignition error page. The vulnerability class is remote code execution (RCE). The probable entry point is the Laravel application itself, through the Ignition "solution" HTTP endpoint that is exposed when APP_DEBUG is true. Not specified...
vulhub
This repository is a toolkit for building vulnerable lab environments with Docker Compose. It contains a collection of pre-built vulnerable applications and services, including CouchDB, FFmpeg, Git, and Jenkins, among others. The repository is maintained by phith0n and is licensed under the MIT...
CMSmap
This is a Python-based open-source CMS scanner called CMSmap, which automates the process of detecting security flaws in popular Content Management Systems CMSs such as WordPress, Joomla, Drupal, and Moodle. The tool is designed to integrate common vulnerabilities for different types of CMSs in a...
Exploit for Code Injection in Pivotal_Software Spring_Data_Commons
Based on the provided code and metadata, here is a description of the repository and its contents. Repository: The files shown are a Maven wrapper for Apache Maven 3.5.3; the repository contains metadata and configuration for the Maven wrapper,...
vulhubdocker2
This repository is an open-source project for vulnerability research and training that targets various web applications and services. It is a collection of vulnerable environments and tools for testing and learning about common web application vulnerabilities. The repository contains a...
Exploit for Race Condition in Canonical Ubuntu_Linux
This is a PoC exploit for CVE-2016-5195 ("Dirty COW"), a vulnerability in the Linux kernel that allows an unprivileged user to gain root privileges by exploiting a race condition in the kernel's copy-on-write (COW) handling of private, read-only memory mappings, which lets the attacker write to files they can only read. The exploit is implemented in C++ and Go, and is designed to work on various Linux...
Exploit for Path Traversal in Microsoft
This repository is a proof-of-concept (PoC) exploit for CVE-2021-40444, a remote code execution vulnerability in the Microsoft MSHTML (Trident) engine that is reached through a malicious Office document. The PoC is a malicious .docx generator that creates a document which, when opened, loads attacker-controlled content through MSHTML and executes arbitrary code on the victim's system. The PoC consists of several files...
vulhub
This repository is a toolkit for creating pre-built vulnerable environments with Docker Compose. It is a collection of vulnerable applications and services that can be used for testing and training purposes. The repository includes a variety of vulnerable applications, such as CouchDB...
Exploit for CVE-2020-1938
This is a proof-of-concept (PoC) exploit for CVE-2020-1938 ("Ghostcat"), a vulnerability in Apache Tomcat's AJP connector. The exploit is written in Python and uses the ajpy library to speak the AJP protocol. It abuses AJP request attributes to make Tomcat include arbitrary files from the web application directory (a Local File Inclusion, LFI, in effect), allowing an attack...
Exploit for OS Command Injection in Docker
CVE-2019-5736 is a vulnerability in the runc container runtime that allows container escape. The exploit replaces a binary inside the container (for example /bin/sh) with a script whose interpreter is /proc/self/exe, so that when runc execs into the container it runs the host's runc binary itself; the attacker then opens that process's /proc/[pid]/exe and, once the binary is no longer busy, overwrites the host runc with a malicious payload. The attacker can th...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
PoC exploit for CVE-2021-26084, an OGNL injection vulnerability in Confluence Server and Data Center. The exploit targets Confluence versions prior to 7.12.5 (and earlier unpatched branches), allowing an unauthenticated attacker in most configurations, or an authenticated user otherwise, to execute arbitrary code. The exploit is invoked using the ConfluenceOGNLInjection.py script, which takes...
vulhub
This is an open-source collection of vulnerable systems and applications for educational purposes. It is a repository of vulnerable systems and applications, including web servers, databases, and other software, that can be used to test and learn about security vulnerabilities. The repository is...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
Butian PoC collection. Introduction: a collection of PoCs for vulnerabilities submitted to the Butian platform. Contents: fwfileupload.py -- Weaver (Fanwei) OA weaver.common.Ctrl arbitrary file upload vulnerability; kindeditorupload.py -- KindEditor <= 4.1.5 file upload vulnerability; cve-2021-26084confluencerce.py -- Atlassian Confluence remote code execution vulnerability (CVE-2021-26084)...
KDU
This is Windows driver code, specifically a device driver for a dummy device called "DUMMYDRV". The code is written in C and is compiled into a Windows kernel driver. It consists of two parts, dummy.sys and dummy2.sys. Both files are Windows driver binaries, but they have...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
PoC exploit for CVE-2021-22555, a heap out-of-bounds write in Netfilter (net/netfilter/x_tables.c) affecting Linux since v2.6.19-rc1. Because the vulnerable setsockopt path is reachable with CAP_NET_ADMIN inside an unprivileged user namespace, a local attacker can gain privileges or cause a DoS via heap memory corruption. The exploit is tested on Ubuntu 5.8.0-48-generic and CO...
Exploit for Use After Free in Linux Linux_Kernel
This is a collection of exploit code for several Linux kernel vulnerabilities, specifically CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955. The exploits are written in C and use techniques such as the AF_PACKET race condition (use-after-free), UDP Fragmentation Offload (UFO) memory corruption, and Linux kernel...
CDK
This is a container penetration toolkit called CDK, which is designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs and helps users to escape container and take over K8s cluster easily. The...
IMChecker
This repository is a static analysis tool for API misuse detection. The tool is called IMChecker, and it is designed to automatically detect API misuse in C programs. It uses a constraint-directed static analysis technique driven by a domain-specific language (DSL) for specifying API usage...
exprolog
This is a Python script that exploits a vulnerability in Microsoft Exchange Server. The script targets specific server versions and exploits the vulnerability to gain access to the system. Here is a summary of the script's functionality: 1. The script starts by importing the...
Exploit for Server-Side Request Forgery in Microsoft
Exchange SSRF GetShell --- Run command: CVE-2021–26855.exe -host 10.11.11.24 -mail [email protected] --- Screenshots - writes a webshell to the server - connect to the webshell with China Chopper (Caidao)...
Gopherus
This is a Python script for a tool called Gopherus, which is used to exploit Server-Side Request Forgery (SSRF) vulnerabilities against internal services. The tool generates gopher:// URL payloads for different services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP: each payload is the percent-encoded byte stream the target protocol expects, so that the SSRF-vulnerable server replays a full TCP conversation on the attacker's behalf. The script uses a...
Exploit for Off-by-one Error in Sudo_Project Sudo
This repository is a collection of exploit code for CVE-2021-3156 ("Baron Samedit") in sudo, the Unix command that lets users run commands as another user. The vulnerability is a heap-based buffer overflow in sudo's handling of command-line arguments (triggered through sudoedit with an argument ending in a backslash), which can be exploited by a local user to gain root privileges. The repository...
Pocsuite
This project is an open-source remote vulnerability testing and proof-of-concept development framework called Pocsuite. It is developed by the Knownsec 404 Team and supports Python 2.6+. The framework comes with a proof-of-concept engine and many niche features for penetration testers a...
Hack-Tools
This is an offensive tool for web pentesters. It is a browser extension that supports web application penetration tests, providing cheat sheets and utilities such as XSS payloads, reverse shells, and more. The extension is usable either in popup mode or as a whole tab in the browser's Devtools...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Gnu Wget
CVE-2017-13089: a payload generator for CVE-2017-13089 (GNU Wget). This version requires you to locate by hand the stack address that execution should land on; using it as-is may also succeed. In the shellcode section, buf is an ordinary payload generated with msf; replace it with the payload you need. Usage: python shellcode.py & nc -lp 80 < payload...
Exploit for CVE-2018-9995
PoC exploit for CVE-2018-9995. This exploit targets an authentication bypass in TBK-based DVR devices: a request to the device's web interface with a crafted Cookie header (uid=admin) returns the stored credentials, rather than executing code directly. The exploit is written in Python and uses the requests library to send HTTP requests to the vulnerable system. It first defines a function to get the system's response...
vulhub
This repository is a toolkit for vulnerability research and exploitation practice. It contains a collection of vulnerable environments and exploits for various software and frameworks, including Docker, Git, and Oracle Java. The repository is maintained by phith0n and is licensed under the MIT...
x-scan
This is a vulnerability scanner framework written in Python, specifically designed for scanning web applications. The framework is called "X Vulnerability Scanner Framework" and is maintained by "BaCde". The code is organized into several modules, each responsible for a specific type of...
Exploit for Race Condition in Openbsd Openssh
CVE-2018-15473 --- Cause --- The OpenSSH server does not delay bailing out on an invalid authenticating user until after the packet containing the request has been fully parsed. The flaw is related to auth2-gss.c, auth2-hostbased.c and auth2-pubkey.c. Exploitation --- Although the vulnerability cannot be used to generate a list of valid usernames by itself, it can still be used to enumerate and confirm guessed usernames. Affected versions --- OpenSSH <= 7.7. Unaffected versions --- openssh-7.8p1-1.fc28, openssh-7.6p1-6.fc27. PoC installation --- You may need to install your distribution's equivalent of the openssl-dev package. bash...
probench_aflnet
This is a fuzzing tool for network protocol implementations (an AFLNet-based benchmark setup). No primary CVE ID is mentioned in the provided context; the tool fuzzes protocol implementations with the aim of discovering vulnerabilities. The target is network protocol servers, and the...
CDK
This repository is an open-sourced container penetration toolkit called CDK, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs to help users escape container and take over K8s cluster...
JavaLearnVulnerability
This is a Java vulnerability learning repository focused on deserialization vulnerabilities. It contains the "URLDNS" gadget chain, which is used to verify whether a target has a deserialization vulnerability: deserializing a HashMap holding a java.net.URL key triggers a DNS lookup of the attacker-chosen hostname, so a received DNS query confirms the sink without executing code. The gadget is implemented using Java's built-in classes a...
CDK
This is an open-sourced container penetration toolkit called CDK, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs to help escape container and takeover K8s cluster easily. The toolkit i...
AllAboutBugBounty
This repository is a collection of notes and techniques for bug bounty hunting, specifically for bypassing various security controls and exploiting vulnerabilities in web applications. The primary focus is on identifying and exploiting weaknesses in business logic, authentication, and authorization. The repository...
Exploit for Improper Restriction of XML External Entity Reference in Apache Solr
Note: never use this tool to attack websites without authorization. Any legal consequences are borne by the user. Upcoming updates: the next version will add WebLogic vulnerabilities as well as Spring Data and Spring Cloud vulnerabilities. AttackWebFrameworkTools 1.0, 2021-03-06: AttackWebFrameworkTools for red teams. Changelog: 2021-03-28 added CNVD-2021-10543 (MessageSolution information disclosure) and added Apache OFBiz...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This is an open-source collection of vulnerable web applications and environments for security testing and education. The repository is maintained by phith0n and is available on GitHub. It contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...
POChouse
Based on the provided context, here is a summary of the analysis. Classification: Apache Flink 1.9.x allows arbitrary command execution and a reverse shell through upload of a malicious JAR package via the web dashboard. Affected Version: <= 1.9.1. POC: The proof-of-concept (POC) code is written in...
Exploit for Improper Access Control in Xen
kernel-exploit-factory (kept up to date): Linux kernel CVE exploit analysis reports and the matching debug environments. You no longer need to compile the Linux kernel and configure the environment yourself; this repository collects Linux kernel exploits together with their debug environments. You can use QEMU...
Vxscan
This is a Python script named Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...
buffer_overflow
This is a repository for a buffer overflow assignment, specifically targeting six vulnerable programs. The repository contains the source code for the vulnerable programs, as well as a Makefile and a Python script for building and testing the exploits. The vulnerable programs are written in C and...
Exploit for Classic Buffer Overflow in Microsoft
PoC exploit for CVE-2017-7269, a buffer overflow in the ScStoragePathFromUrl function of the WebDAV service in Internet Information Services (IIS) 6.0 on Microsoft Windows Server 2003 R2. The exploit is implemented as a Metasploit module, which can be used to execute arbitrary code vi...
vulhub111
This repository is a toolkit for vulnerability research and exploitation practice. It contains a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and more. The repository is maintained by Vulhub, a community-driven project for...
Exploit for Out-of-bounds Write in Gnu Glibc
This is a PoC exploit for CVE-2015-0235 ("GHOST"), a vulnerability in the GNU C Library (glibc) that allows remote code execution (RCE) through a heap buffer overflow in the gethostbyname functions. The exploit is bundled with the kadimus tool, a Local File Inclusion (LFI) scanner and exploitation tool. The...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Advantech Webaccess
This is a Proof of Concept (PoC) exploit for CVE-2016-0856, a stack-based buffer overflow in Advantech WebAccess that is reached over its Windows RPC (Remote Procedure Call) interface. The exploit targets the RpcClient and RpcDcClient classes in the bwconn.dll library. It is written in Python and uses the ctypes library to interact with the Window...
Exploit for SQL Injection in Zabbix
This repository is a collection of offensive tools for vulnerability research and exploitation. It contains various tools and exploits for testing and demonstrating vulnerabilities in different software and systems. Its primary purpose is to provide a platform for researchers and security...
shadowbroker
This repository, zhangyouren/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, the group that published stolen Equation Group tooling. The repository includes a README that lists its contents, which comprise various exploit modules, payloads...
SpringBootVulExploit
This repository is an offensive toolkit for exploiting Spring Boot vulnerabilities. It collects exploits and techniques for various Spring Boot versions, including: 1. Spring Boot 1.0 - 1.4: exposes Actuator endpoints by default without authentication, making it vulnerable to RCE (Remote Code...