1886 matches found
vulhub1
This is an open-source collection of vulnerable systems and applications for educational purposes, maintained by phith0n. It provides a controlled environment for learning and practicing penetration testing, vulnerability assessment, and security research. The repository contains various vulnerab...
Dictionary-Of-Pentesting
This repository is an offensive tool for Bug Bounty and penetration testing, specifically targeting WordPress and other web applications. It contains a collection of exploits and techniques for bypassing security measures, including account takeover, cross-site scripting (XSS), denial of service Do...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a PoC exploit for CVE-2020-0796, a SMBv3 RCE vulnerability. The scanner is designed to test whether a server is vulnerable to this exploit. It checks for SMB dialect 3.1.1 and compression capability through a negotiate request. The scanner sends a specially crafted SMB packet to the targe...
lua-resty-waf
This is a Lua library for building a web application firewall (WAF) on top of the OpenResty stack. The library is called "lua-resty-waf" and is maintained by Robert Paprocki (p0pr0ck5). The library provides a set of APIs for loading and managing rules, as well as for logging and storing data. It also...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This is an open-source project for vulnerability research and training, called Vulhub. It is a collection of vulnerable systems and applications, designed to help security researchers and students learn about various types of vulnerabilities and how to exploit them. The project is maintained by...
pentestdb
This is an offensive tool for penetration testing. It is a Python-based tool called "pentestdb" that provides a collection of tools and resources for penetration testing, including exploit development, vulnerability scanning, and password cracking. The tool is designed to be easy to use and...
Vxscan
This is a Python-based comprehensive scanning tool called Vxscan. It is designed to perform various types of scans, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning...
PowerSploit
This is an offensive tool for Windows PowerShell exploitation. The repository contains a collection of PowerShell scripts and modules, including AntivirusBypass and CodeExecution, which are designed to bypass antivirus software and execute malicious code, respectively. The AntivirusBypass module...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is an exploit module/toolkit targeting the CVE-2021-3156 sudo vulnerability, dubbed Baron Samedit by Qualys. The target product/service is the sudo command, and the vulnerability class/vector is a heap-based overflow. The probable entry point is the sudoedit function, which is a part of the...
Exploit for SQL Injection in Djangoproject Django
CVE-2020-7471 This repository provides the environment and POC for CVE-2020-7471, Potential SQL injection via StringAgg(delimiter). Affected Django versions: - 1.11 up to 1.11.28 (exclusive) - 2.2 up to 2.2.10 (exclusive) - 3.0 up to 3.0.3 (exclusive). Before downloading and using it, do the following: 1. Install a vulnerable Django version; the one I tested with is python pip install django==3.0.2 -i https://pypi.tuna.tsinghua.edu.cn/simple 2. Refer to...
Exploit for SQL Injection in Zabbix
This repository is an offensive tool for various vulnerability exploitation and testing. It contains a collection of tools and scripts for identifying and exploiting vulnerabilities in various software and systems. The repository includes tools for testing web applications, network services, and...
PayloadsAllTheThings
It is an offensive tool for general-purpose exploitation. The repository contains a list of supported funding platforms, including GitHub Sponsors, Ko-fi, and Buy Me a Coffee. The primary funding platform is GitHub Sponsors, with the username swisskyrepo. No specific exploits or tools are present...
charlotte
It is an offensive tool for Windows. The repository contains a Python script, charlotte.py, which is a fully undetected shellcode launcher. The script uses XOR encryption to encrypt the shellcode and function names. The script is designed to be used with the Metasploit framework, and it can be us...
marshalsec
This is a Java-based tool for exploiting Java object deserialization vulnerabilities, specifically targeting various Java open-source marshalling libraries. The tool, named "marshalsec," is designed to unmarshal arbitrary, attacker-supplied types and demonstrate the potential for remote code...
PayloadsAllTheThings
This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security vulnerabilities and penetration testing. The repository includes tools and exploits for vulnerabilities such as CRLF injection,...
Exploit for Improper Access Control in Elasticsearch
Everyone is welcome to report bugs. Current version: AssetScan V1.3. Changelog: Initial: 2019-11-28, V1.0 initial version completed. Change 1: 2019-12-02, thanks to Shadow·J for reporting the file import error on Kali. Change 2: 2019-12-03, V1.1 released, added ARP liveness detection (rolled back, testing for bugs). Change 3: 2019-12-04, V1.2 released, fixed vulnerability script errors, fixed the weblogic script. Change 4: 2019-12-05, V1.2 revised, thanks to sevck for design ideas and for pointing out non-standard code. Change 5: 2019-12-05, V1.2 revised, fixed IP data handling error. Change 6: 2019-12-19...
edusrc_POC
This repository contains a collection of Python scripts, each designed to exploit vulnerabilities in various web applications. The scripts are written in Chinese and appear to be intended for use on Chinese-language systems. The scripts are categorized into several groups, each targeting a specif...
vulhub
This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git, InfluxDB, and more. The environments are designed to be easily reproducible and can be used for testing and training...
metasploit-framework
This repository is an offensive tool for Metasploit Framework. The Metasploit Framework is a powerful tool for penetration testing and vulnerability assessment. It provides a comprehensive platform for identifying and exploiting vulnerabilities in various systems and applications. The framework...
CTF-All-In-One
This is a comprehensive security guide for CTF (Capture The Flag) competitions, written in Chinese. The guide covers various topics, including Linux basics, web security, reverse engineering, and cryptography. It is intended for beginners and intermediate learners. The guide is organized into sever...
Exploit for CVE-2016-6700
PoC exploit for CVE-2016-6700 and CVE-2016-6702 vulnerabilities in libzipfile and libjpeg respectively. The exploits target Android versions 4.4.4, 5.0.2, and 5.1.1. The vulnerabilities occur due to missing bounds checks in libzipfile and an integer overflow in libjpeg. The exploits can be...
awesome-windows-exploitation
This is a curated list of Windows exploitation resources and tools. The repository is a collection of articles, tutorials, and tools for Windows exploitation, including stack overflows, heap overflows, and kernel-based Windows overflows. The list includes resources such as articles from Phrack, a...
PowerShell-Suite
This repository is an offensive tool for Windows UAC (User Account Control) bypass. It provides a framework to perform UAC bypasses based on auto-elevating IFileOperation COM object method calls. The tool is written in C and uses the .NET framework. The tool supports several methods for UAC bypass,...
Exploit for Injection in Google Android
This is a full exploit for CVE-2016-6754, also known as BadKernel. The exploit is a proof-of-concept (PoC) code that demonstrates a vulnerability in the Linux kernel. The code is written in JavaScript and is intended to be used for educational purposes only. The exploit targets a vulnerability in t...
EQGRP
This is a repository containing the decrypted content of eqgrp-auction-file.tar.xz. The repository appears to be a Linux binary repository, containing ELF files for 7z, 7za, and 7z.so. The ELF files are likely related to the 7-Zip file archiver. The repository does not contain any obvious...
exploit-database
This is an official repository of exploits and shellcodes, sponsored by Offensive Security. The repository contains a collection of publicly available exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...
Exploit for Race Condition in Linux Linux_Kernel
PoC exploit for CVE-2017-1000405, a Linux kernel vulnerability known as Huge Dirty Cow. The target is the Linux kernel, specifically the huge page handling mechanism. The vulnerability class is a use-after-free bug in the huge page handling code, allowing for arbitrary memory access. The probable...
CMSmap
This is an open-source Python tool called CMSmap, designed to automate the process of detecting security flaws in popular Content Management Systems (CMSs) such as WordPress, Joomla, Drupal, and Moodle. The tool is still in its early stages and may contain bugs or flaws. The primary purpose of CMSm...
wolfssl
This repository is an implementation of the wolfSSL library, a cryptographic library for secure communication. The library is designed to be used with various platforms, including Arduino, and provides a range of cryptographic functions for secure data transmission. The repository contains a...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is a PoC exploit for CVE-2021-3156, a sudo vulnerability dubbed Baron Samedit by Qualys. The exploit targets the heap overflow vulnerability in sudo, aiming for singleshot execution. It does not modify system files and comes with no warranties. The exploit is designed to be used in manual...
Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server
weblogic-scan: a WebLogic vulnerability scanning tool, an ambitious attempt to one-shot WebLogic. Currently detected features: - x console page detection & weak password scanning - x SSRF on the uuid page - x CVE-2017-10271 deserialization on the wls-wsat page - x CVE-2018-2628 deserialization - x CNVD-C-2019-48814. More features may be added later if possible; the main problem is that deserialization POCs are really hard to write, and I am not very good at it.. USE: before use, fill in the server parameter in config.py...
monkey
This is a Python script repository for a tool called "Infection Monkey". The tool is designed to simulate a cyber attack on a network by injecting malware into the network and observing the behavior of the malware as it spreads. The script is written in Python and uses the "monkey" framework to...
shadowbroker
This repository, afei00123/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists the contents of the repository, which includes various exploits and tools, such as...
Exploit for Use After Free in Microsoft
CVE-2021-31166 is a proof of concept for a remote UAF (Use-After-Free) vulnerability in the HTTP.sys protocol stack. The bug occurs in the http!UlpParseContentCoding function, which appends items to a local LISTENTRY and then moves it into the Request structure without NULLing out the local list...
Exploit for Use After Free in Microsoft
CVE-2021-31166 is a remote code execution vulnerability in the HTTP protocol stack. It is a use-after-free dereference bug in the http!UlpParseContentCoding function. The bug occurs when the function appends items to a local list and then moves it into the Request structure without NULLing out th...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is not a specific exploit or tool, but rather a collection of vulnerable environments for testing and learning purposes. The repository contains various vulnerable docker...
jexboss
Exploit module targeting JBoss Application Server and other Java platforms, frameworks, applications, etc. The provided code is a Python script that appears to be a tool for testing and exploiting vulnerabilities in JBoss Application Server and other Java-based platforms. The script is written i...
Exploit for Use After Free in Microsoft
CVE-2021-31166 is a remote code execution vulnerability in the HTTP protocol stack. It is a use-after-free dereference bug in the http!UlpParseContentCoding function. The bug occurs when the function appends items to a local list without nulling it out, leaving them dangling in the Request object...
PayloadsAllTheThings
It is an offensive tool for Web Application Security and Pentest/CTF. The repository contains a list of useful payloads and bypass techniques. The primary CVE ID is not explicitly mentioned, but it appears to be a collection of various exploits and tools. The target product/service or framework i...
vulhub
This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat
PoC exploit for CVE-2017-12617, CVE-2017-12618, CVE-2017-12619, CVE-2017-12620, CVE-2017-12621, CVE-2017-12622, CVE-2017-12623, CVE-2017-12624, CVE-2017-12625, CVE-2017-12626, CVE-2017-12627, CVE-2017-12628, CVE-2017-12629, CVE-2017-12630, CVE-2017-12631, CVE-2017-12632, CVE-2017-12633,...
Exploit for SQL Injection in Zabbix
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments, not a single exploit or tool. The repository contains various vulnerable environments, including CouchDB, ffmpeg, git, and influxdb, among...
maltrail
This is a Python-based malicious traffic detection system called Maltrail. It is designed to identify and block malicious traffic by utilizing publicly available blacklists and custom user-defined lists. The system can be used to detect various types of malicious activity, including malware,...
K8tools
It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and anti-kill tools. The primary...
Exploit for CVE-2020-14882
CVE-2020-14882 is a vulnerability in Oracle WebLogic Server. The vulnerability allows for unauthorized access and remote code execution. The vulnerability is caused by a flaw in the way the server handles certain types of requests, which can be exploited by an attacker to gain access to sensitive...
Exploit for CVE-2018-10933
PoC exploit for CVE-2018-10933, a vulnerability in libSSH that allows authentication bypass. The target product/service is libSSH, a free and open-source implementation of the Secure Shell protocol. The vulnerability class/vector is authentication bypass, allowing an attacker to spawn a shell...
Exploit for CVE-2020-1938
It is an exploit module/toolkit targeting Apache Tomcat. The primary CVE ID is CVE-2020-1938, also known as CNVD-2020-10487. The vulnerability class is Local File Inclusion (LFI). The probable entry point is the poc.py script, which is typically invoked by running python poc.py with the required...
Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server
gofor: a tool that combines vulnerability detection, attack, session management, honeypot identification and other features in one, built on the go-micro microservice framework and exposing a unified HTTP API gateway interface. HTTP API Gateway shell ./api-srv Service Install (Optional) Exploit ./srv-exploit Webshell webshell ./srv-webshell Example ThinkPHP5.0.20 RCE attack example shell curl -H "Content-Type:application/json;charset=utf-8" -X POST -d...
Exploit for Use After Free in Debian Debian_Linux
This is a PoC exploit for CVE-2013-2857, a use-after-free vulnerability in the 3DS browser. The exploit is implemented in JavaScript and uses the UaF3 function to create a use-after-free condition, leading to a crash. The exploit is designed to be used on the 3DS browser, specifically on firmware...
Exploit for Out-of-bounds Write in Microsoft
PoC exploit for CVE-2021-1732. This repository contains a proof-of-concept exploit for a vulnerability in Microsoft Visual Studio. The target is the Visual Studio 2013 solution file format, specifically the ExploitTest.sln file. The vulnerability class is not explicitly stated, but based on the...