1899 matches found
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Redhat Enterprise_Linux
PoC exploit for CVE-2020-2732. It is an exploit for the PlayStation 4 on 5.05 firmware. The exploit targets the kernel and allows for arbitrary code execution. The exploit includes autolaunching code for Mira and Vortex's HEN payload. The bug was discovered by qwertyoruiopz. The exploit includes...
ASLRay
This repository contains a Linux ELF x32/x64 ASLR DEP/NX bypass exploit with stack-spraying. The exploit targets the test binary, which is a simple program that takes a string argument and prints it. The exploit works by spraying the stack with a large amount of data, which increases the chances ...
SQLInjectionWiki
This is a SQL injection wiki repository. It is a collection of resources and information on SQL injection techniques, including detection, exploitation, and mitigation. The repository is maintained by NetSPI and is available in both English and Chinese versions. The wiki covers various topics...
PocCollect
This repository is an offensive tool for vulnerability scanning and exploitation, specifically targeting various web applications and services. The primary vulnerability class targeted is SQL injection, with specific examples of exploits for Struts2, 08CMS, and ASPCMS. The tool is written in Pyth...
Bug-Project-Framework
It is an offensive tool for bug exploitation. The repository contains a framework for exploiting vulnerabilities, specifically a module sharing repository. The primary CVE ID is not explicitly mentioned, but the description translates to "Vulnerability exploitation framework module sharing...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari
This is an optimization error in the way RegEx matching is handled, leading to an exploit for the latest version of Safari as of Dec. 6 2018. The exploit is for CVE-2018-4233, which was patched in the current WebKit release. The vulnerability is in the WebKit engine and allows for remote code...
Exploit for Use After Free in Microsoft
PoC exploit for CVE-2019-0708. The target product/service is Windows Remote Desktop, and the vulnerability class/vector is a remote code execution (RCE) vulnerability. The probable entry point is the poc.py script, which is typically invoked by running it directly. The expected impact is remote cod...
Exploit for CVE-2021-22006
It is an exploit module/toolkit targeting JNDI vulnerabilities. The primary CVE ID is CVE-2021-22006. The target product/service is Java-based applications, specifically those using JNDI services. The vulnerability class/vector is RCE (Remote Code Execution), and the probable entry points are...
awesome-exploit-development
This is a curated list of resources for learning about exploit development, not an exploit itself. It is a collection of books, tutorials, courses, tools, and vulnerable applications for learning about exploit development. The resources include books such as "Hacking - The art of exploitation" an...
redteam-notebook
It is an offensive tool for network and web exploitation. The repository, redteam-notebook, contains a collection of commands, tips, and tricks for preparation and execution of red teaming activities, specifically for the OSCP exam. The primary vulnerability targeted is not explicitly stated, but...
kali-linux-cheatsheet
It is an offensive tool for penetration testing. The repository contains a Kali Linux Cheat Sheet for Penetration Testers, which provides quick references, commands, and techniques for various aspects of penetration testing. The cheat sheet covers topics such as reconnaissance and enumeration,...
PS4-4.05-Kernel-Exploit
This repository contains a fully implemented kernel exploit for the PlayStation 4 on firmware version 4.05. The exploit, known as "namedobj," allows for arbitrary code execution as kernel, enabling jailbreaking and kernel-level modifications to the system. It includes a loader that listens for...
Exploit for CVE-2020-1189
PoC exploit for CVE-2020-1189, CVE-2020-1190, CVE-2020-1191, CVE-2020-1192, CVE-2020-1193, CVE-2020-1194, CVE-2020-1195, CVE-2020-1196, CVE-2020-1197, CVE-2020-1198, CVE-2020-1199, CVE-2020-1200, CVE-2020-1201, CVE-2020-1202, CVE-2020-1203, CVE-2020-1204, CVE-2020-1205, CVE-2020-1206,...
exploit_me
This is a vulnerable ARM/AARCH64 application, specifically designed for a CTF (Capture The Flag) style exploitation tutorial. The application is written in C and is intended to demonstrate various types of vulnerabilities, including integer overflow, stack overflow, array overflow, off-by-one, stac...
airbug
This repository is an offensive tool for collecting and utilizing web application vulnerabilities, specifically targeting Content Management Systems (CMS). It is a Python-based tool that allows users to load and execute Proof of Concept (PoC) code for various vulnerabilities. The tool is designed to ...
webcgi-exploits
This repository is a collection of exploits related to web CGI interfaces. It is a multi-language repository, with exploits written in PHP and Python. The exploits are designed to take advantage of vulnerabilities in web servers and CGI interfaces, allowing for remote code execution, port...
redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team...
PHP-backdoors
This is a collection of PHP backdoors, a type of malicious code that allows unauthorized access to a web server. The repository contains multiple backdoors, each with its own features and functionality. Here is a summary of the analysis: Classification: Exploit module/toolkit targeting web server...
SCANNER-INURLBR
This is an offensive tool for web application vulnerability scanning. The tool, INURLBR, is designed to perform advanced searches in search engines to exploit GET/POST capturing emails and URLs, with an internal custom validation junction for each target/URL found. It is written in PHP and can ru...
pentestdb
This is a repository of penetration testing tools and resources, specifically designed for web application security testing. The repository is called "pentestdb" and is maintained by a user named "alpha1e0". The repository contains a variety of tools and resources, including: 1. Exploit systems: ...
rtfm
This is a Debian package for a Python application called "RTFM" (Read The Fine Manual). The package is version 0.96-RC1 and is intended for the "all" architecture. The package contains a single file, "rtfm.py", which is the main executable script for the application. The package also contains a...
TL-BOTS
The repository TL-BOTS contains a collection of source code for various botnets. The botnets are categorized into several folders, including TL.BOTNET, TL.EXPLOITSCAN, and TL.IRC. The TL.BOTNET folder contains botnets that may be merged with TL-TROJAN at a later date, while the TL.EXPLOITSCAN...
Exploit for Generation of Error Message Containing Sensitive Information in Postgresql
This is a PoC exploit for CVE-2021-3393, a Java source code static code analysis and danger function identifier program. The tool, named JavaID, identifies dangerous functions in Java source code by way of regular matching. It targets Java vulnerabilities such as XXE, Java Object Deserialization,...
Exploit for Out-of-bounds Read in Openssl
This repository is an exploit for CVE-2014-0160, also known as the Heartbleed vulnerability. The exploit is designed to abuse OpenSSL clients that are vulnerable to this issue. The target product/service is OpenSSL, and the vulnerability class/vector is a buffer overflow in the TLS heartbeat...
postenum
It is an offensive tool for Linux enumeration and privilege escalation. The primary CVE ID is not explicitly mentioned, but the tool is designed to automate the process of gathering critical system information after gaining a foothold, which implies it targets vulnerabilities that allow initial...
WindowsRegistryRootkit
It is an offensive tool for Windows. This repository contains a kernel rootkit that resides within Windows registry value data, developed by Oleksiuk Dmytro aka Cr4sh. The rootkit exploits a zero-day vulnerability in win32k.sys, a Windows kernel-mode driver, through a buffer overflow in the...
Exploit for Use of Uninitialized Resource in Vmware Fusion
This is a VMware Escape Exploit, a proof-of-concept (PoC) exploit for CVE-2017-4905, targeting VMware WorkStation 12.5.5 and earlier versions. The exploit is designed to escape the VMware environment and execute arbitrary code on the host system. The exploit is written in C and uses a heap...
chw00t
chw00t - Unices chroot breaking tool...
p0wnedShell
This is an offensive PowerShell host application written in C# that runs PowerShell commands and functions within a PowerShell runspace environment. It includes various offensive PowerShell modules and binaries to facilitate post-exploitation activities, such as bypassing mitigations and creating...
Some-PoC-oR-ExP
This repository is an offensive tool for collecting or writing various vulnerability POCs and exploits. The primary vulnerability targeted by the provided code is CNVD-2020-10487, a Tomcat-Ajp LFI (Local File Inclusion) vulnerability. The tool is designed to exploit this vulnerability to gain...
Beebeeto-framework
This is a Python framework for building and executing proof-of-concept (POC) exploits, specifically targeting the HttpFileServer (HFS) vulnerability. The framework is called Beebeeto and is maintained by the n0tr00t security team. The framework provides a set of tools and libraries for creating and...
AutoRDPwn
This is a post-exploitation framework called AutoRDPwn, written in PowerShell. It is designed to automate the Shadow attack on Microsoft Windows computers, which allows a remote attacker to view and control the victim's desktop without their consent. The framework has a user-friendly interface an...
Phantom-Evasion
This is a Python antivirus evasion tool called Phantom-Evasion. It is free software, licensed under the GNU General Public License (GPL) version 3. The tool is designed to evade detection by antivirus software and is intended for educational or research purposes only. The tool has several modules,...
Cobalt-Strike-Aggressor-Scripts
This repository is an offensive tool for Cobalt Strike Aggressor Scripts. It is a collection of PowerShell scripts that aggregate various UAC bypass methods, including the MS16-032, MS16-135, and WScript bypass attacks. The scripts are designed to be used with the Cobalt Strike framework to perfo...
EvilOSX
This is an evil RAT (Remote Administration Tool) for macOS / OS X. It is a Python-based tool that allows for remote access and control of a compromised system. The tool is designed to be undetectable by anti-virus software and is persistent, meaning it will survive a reboot. The tool has a modular...
ctf-tasks
This is a CTF (Capture The Flag) challenge repository from the CONFidence CTF 2014 event. The repository contains several files and directories related to two tasks: "Crypto Machine" and "Memory". Crypto Machine: the "Crypto Machine" task is a reverse engineering challenge that involves exploiting a...
linux-exploit-development-tutorial
This is a Linux exploit development tutorial for beginners. The repository contains a series of chapters on various topics, including basic knowledge, stack security, heap security, and kernel security. The first chapter covers basic knowledge, including format string vulnerabilities, integer...
pentest_compilation
It is an offensive tool for Windows. The repository contains a compilation of commands, tips, and scripts used for penetration testing and red teaming exercises. The provided code snippet is an XML file named "detalle.SettingContent-ms" located in the "Phishing" directory. This file appears to be...
Cobaltstrike-MS17-010
This repository is an Aggressor Script for Cobalt Strike targeting the MS17-010 vulnerability. It includes a PowerShell module for scanning and exploiting the vulnerability, as well as a stager for delivering a payload. The script is designed to run on Windows 7 x64 and Windows 2008 R2 systems. T...
defcon27_csharp_workshop
This repository contains a collection of C# code snippets and labs for writing custom backdoor payloads, as part of a workshop presented at Defcon 27. The code covers various topics, including Windows API calls, memory allocation, thread creation, and encryption. The code snippets are organized in...
JustTryHarder
This is a cheat sheet repository for the PWK (Pentester's Workbench) course and the OSCP (Offensive Security Certified Professional) exam. It is inspired by PayloadAllTheThings. The repository contains various tools, scripts, and resources for penetration testing and exploitation. The repository...
Software-Security-Learning
It is an offensive tool for binary analysis. The repository Software-Security-Learning contains a collection of resources for learning software security, including tools and tutorials for binary analysis. The tools listed include Pharos, Angr, Vuzzer, PEDA, and pwntools, which are used for static...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Advantech Webaccess
This is a proof-of-concept (PoC) exploit for a vulnerability in the bwconn.dll library, which is a Windows RPC (Remote Procedure Call) client. The vulnerability is identified as CVE-2016-0856. The PoC exploit is written in Python and uses the ctypes library to interact with the bwconn.dll library. Th...
Pentest
This repository is an offensive tool for web application exploitation, specifically a backdoor for web applications. It contains a JavaScript file check.js that is designed to be injected into a web page to steal user credentials. The tool uses the jQuery library jquery.cookie.min.js to manage...
Ninja
This is an open-source C2 server created for stealth red team operations, specifically designed to bypass AMSI (Advanced Threat and Malware Protection) and other security measures. The server is written in PowerShell and utilizes various modules to achieve its goals. The server includes several...
Shiro_exploit
This is a Python script for exploiting Apache Shiro vulnerabilities. The script is designed to detect and exploit Shiro's deserialization vulnerability. Here's a breakdown of the script: Importing Libraries: the script starts by importing various Python libraries, including os, re, base64, uuid,...
fimap
fimap is a Python tool designed to find, prepare, audit, exploit, and even automatically Google for local and remote file inclusion (LFI/RFI) bugs in web applications. It can identify and exploit file inclusion bugs, including include, include_once, require, and require_once functions. The tool has a...
CTFium
This is a collection of CTF (Capture The Flag) writeups by PersianCats. It is a repository of technical writeups for various CTF challenges from different events. The writeups cover a range of topics, including exploitation of vulnerabilities, reverse engineering, and binary analysis. The repositor...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
This repository contains a collection of proof-of-concept (PoC) exploits and tools for various vulnerabilities. The exploits are categorized by the affected product or framework, and the vulnerability class/vector is also identified. The PoCs are: 1. ActiveMQ/ActiveMQExP.py: This is a PoC exploit f...
ProcessInjection
It is an offensive tool for Windows. This repository contains proof-of-concept (PoC) code for injecting a DLL into a running process on Windows. The primary CVE ID is not explicitly stated, but the code appears to target a vulnerability in the Windows operating system. The target product/service is...