ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

vulhub2

This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for various areas, including web application security, web server security, and more. The primary purpose of Vulhub is to provide a simple and easy-to-use...

Exploit for CVE-2019-1003000

PoC exploit for CVE-2019-1003000, CVE-2019-1003001, and CVE-2019-1003002, which are related to a vulnerability in Jenkins' Script Security, Pipeline: Groovy, and Pipeline: Declarative plugins. The exploit allows users with Overall/Read permission and Job/Configure and optional Job/Build to bypass...

CTF-All-In-One

This repository is an offensive tool for CTF Capture The Flag competitions, specifically targeting Linux systems. The primary vulnerability class is not explicitly stated, but based on the content, it appears to be focused on binary exploitation Pwn. The tool is designed to be used in a CTF...

Exploit for Path Traversal in Vmware Cloud_Foundation

Ladon Scanner For Golang Wiki http://k8gege.org/Ladon/LadonGo.html 简介...

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

weblogic-scan weblogic 漏洞扫描工具 妄想试图weblogic一把梭 目前检测的功能 - x console 页面探测 & 弱口令扫描 - x uuid页面的SSRF - x CVE-2017-10271 wls-wsat页面的反序列化 - x CVE-2018-2628 反序列化 - x CNVD-C-2019-48814 后期可以的话还会继续加功能的，主要是一些反序列化的poc真的不好写，我也不咋会.. USE 使用前请先填写config.py中的server参数...

metasploit-framework

This repository is an offensive tool for Metasploit Framework. The Metasploit Framework is a comprehensive platform for developing and executing exploits, post-exploitation tools, and malware. It is a powerful tool for penetration testers, security researchers, and red teamers. The framework...

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

It is an offensive tool for various areas. The repository contains a collection of vulnerable docker environments, including: CouchDB FFmpeg Git InfluxDB Jenkins Nginx Oracle Java Apache HTTP Server GitLab FastJSON Jenkins Electron The vulnerabilities include: CVE-2016-9086 GitLab CVE-2016-10134...

exploitdb

This is a repository of exploits and proof-of-concepts for various vulnerabilities in software and systems. The repository is maintained by Offensive Security and is used by penetration testers and vulnerability researchers. The exploits are categorized into different types, including exploits,...

Zeratool

This is an offensive tool for CTF Capture The Flag problems. It is designed to automatically generate exploits and remotely capture flags for exploitable CTF problems. The tool, called Zeratool, uses the angr binary analysis framework to concolically analyze binaries by hooking printf and looking...

Exploit for CVE-2020-2551

描述 在Oracle官方发布的2020年1月关键补丁更新公告CPU（Critical Patch Update）中，公布了一个Weblogic WLS组件IIOP协议中的远程代码执行漏洞（CVE-2020-2551）。 该漏洞可以绕过 Oracle 官方在 2019 年 10 月份发布的最新安全补丁。攻击者可以通过 IIOP 协议远程访问 Weblogic Server 服务器上的远程接口，传入恶意数据，从而获取服务器 权限并在未授权情况下远程执行任意代码。官方给出的CVSS 评分为 9.8。 IIOP 协议以 Java 接口的形式对远程对象进行访问，默认启用，可通过 7001...

Information_Collection_Handbook

The repository is an information collection handbook for penetration testing and source code analysis. It contains a collection of tools and resources for gathering information about a target, including domain name information, application information, and source code analysis. The repository...

vulhub

This is a collection of vulnerable Docker environments, known as Vulhub. It's an open-source project that provides pre-built vulnerable environments for testing and learning purposes. The project is maintained by phith0n and is available on GitHub. The repository contains a variety of vulnerable...

Exploit for SQL Injection in Zabbix

This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security testing and vulnerability research. The primary purpose of Vulhub is to provide a simple and convenient way to test and demonstra...

maltrail

This is a Python script repository for a malicious traffic detection system called Maltrail. The repository contains various files and directories, including configuration files, data storage files, and scripts for data processing and analysis. The script uses a variety of techniques to detect...

Exploit for Off-by-one Error in Sudo_Project Sudo

PoC exploit for CVE-2021-3156, a heap overflow vulnerability in sudoedit. The target product/service is sudoedit, a command-line utility for editing files with superuser privileges. The vulnerability class/vector is a heap overflow, which can lead to a privilege escalation LPE. The probable entry...

Exploit for CVE-2021-3129

CVE-2021-3129 Laravel debug rce 食用方法 执行docker-compse up -d启动环境 访问8888端口后点击首页面的generate key就可以复现了 关于docker环境想说的几点： - 把.env.example复制到.env作用是开启debug环境 - 关闭了php.ini的phar.readonly - 在resources/view/里添加了一个hello模板并引用了一个未定义变量，同时在routes/web.php添加路由这个我加在源码里了，没写dockerfile里 复现效果 脚本已放出，脚本要和phpggc项目文件夹在同一级目录下...

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a Python script repository for exploiting the CVE-2021-3156 vulnerability in sudo. The vulnerability is a heap-based overflow in the sudo package, which can be exploited to gain root privileges. The repository contains several exploit scripts, each targeting a specific version of the sudo...

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a PoC exploit for CVE-2021-3156, a heap-based overflow vulnerability in sudo. The exploit is written in C and uses a combination of techniques to achieve arbitrary code execution. The exploit creates a shared library libnssX/P0PSH3LLZ .so.2 that is loaded by sudo, which contains a buffer...

Exploit for Path Traversal in Vmware Cloud_Foundation

PoC exploit for CVE-2021-21972, a remote code execution vulnerability in VMware vCenter 6.5-7.0. The exploit uploads the web shell "shell.jsp" to the target server, which is then executed to gain remote code execution. The exploit is invoked by running the Python script "vcenterrce.py" with the U...

awesome-jenkins-rce-2019

No description...

Exploit for Path Traversal in Vmware Cloud_Foundation

CVE-2021-21972 CVE-2021-21972 Works On - VMware-VCSA-all-6.7.0-8217866、VMware-VIM-all-6.7.0-8217866 ✔ - VMware-VCSA-all-6.5.0-16613358 ✔ For vCenter6.7 U2+ vCenter 6.7U2+ running website in memory,so this exp can't work for 6.7 u2+. Need test - vCenter 6.5 LinuxVCSA/Window Waiting For Test -...

pocsuite3

This is a Python package called pocsuite3, which is a remote vulnerability testing and proof-of-concept development framework. It is developed by the Knownsec 404 Team and comes with a powerful proof-of-concept engine, many powerful features for the ultimate penetration testers and security...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

It is an offensive tool for Web applications. The primary CVE ID is 'CVE-2020-5902'. The target product/service is BIG-IP F5, and the vulnerability class/vector is Remote Code Execution RCE. The probable entry point is undisclosed pages in the Traffic Management User Interface TMUI, also referred...

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a PoC exploit for CVE-2021-3156, a vulnerability in the GNU C Library glibc that allows for a buffer overflow attack. The exploit is written in C and is designed to work on Ubuntu 18.04 and 20.04 systems. The exploit creates a malicious shared library, "libnssX.so.2", that is designed to ...

BHR_Labs

No description...

Exploit for SQL Injection in Zabbix

This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security training and testing. The primary vulnerability class targeted by Vulhub is web application vulnerabilities, including Remote Cod...

vulhub

It is an offensive tool for vulnerable environments. The repository contains pre-built vulnerable environments based on Docker-Compose. The tool is designed to provide a simple way to create and manage vulnerable environments for testing and training purposes. The target product/service or...

metasploit-framework

This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to exploit a vulnerability in a specific target, which is not explicitly stated in the provided code. However, based on the code and the context, it appears that the target is a Windows...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2020-0796, a buffer overflow vulnerability in Windows 10 1903/1909's SMB3 compression capability. The exploit connects to the target host, compresses the authentication request with a bad offset field set in the transformation header, causing the decompressor to buffer overflo...

Exploit for Use After Free in Microsoft

CVE-2019-0708-poc CVE-2019-0708 远程代码执行漏洞批量检测 3389hosts为待检测IP地址清单，一行一个 pool = ThreadPool10 为自定义扫描线程 注意 Windows python3环境 使用 1. 编辑3389hosts，将待检测的IP地址写入文件，一行一个 2. 命令行切换到代码所在的目录，运行python cve-2019-0708.py...

Software-Security-Learning

It is an offensive tool for binary exploitation. The primary CVE ID is not explicitly mentioned, but the repository contains information on various software security topics, including binary exploitation. The target product/service or framework is not specified, but the repository includes tools...

Exploit for Improper Restriction of XML External Entity Reference in Apache Solr

注意: 切勿利用本工具对未授权的网站进行非法攻击。由此产生的法律后果由使用者自行承担!!! AttackWebFrameworkTools 1.0 2021-03-06 AttackWebFrameworkTools For RedTeam 更新状态日志: 2021-03-06 新增DVR 摄像头exp 新增Nexus Repository Manager exp。修改默认线程数为20。增加超时时间。增加界面显示shell的路径。修复cookie bug 2021-03-03 修复某些类延时时间过短导致漏洞检测不准确。下一个版本将调整默认线程数字预计是20或者10 2021-02-27 ...

thorn-linux

This is a Debian-based research and development platform for information security called Thorn Linux. It is designed to keep users up to date with the latest cybersecurity news while providing a hardened and anonymized penetration-testing environment. The platform includes a highly customized...

vxhunter

This is an offensive tool for embedded device analysis. It is a toolset for VxWorks based embedded device analyses, specifically designed for analyzing VxWorks firmware. The toolset includes plugins written in Python for analyzing firmware loading address, fixing function names with symbol tables...

nightmare

This repository is an open-source project for teaching binary exploitation and reverse engineering skills through a series of challenges. It is a collection of CTF Capture The Flag challenges designed to help learners develop their skills in exploiting binaries and reversing assembly code. The...

PayloadsAllTheThings

This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security vulnerabilities. The repository includes tools and exploits for vulnerabilities such as CRLF injection, CSRF injection, and CORS...

SpringBootVulExploit

This repository contains a collection of Spring Boot vulnerability exploit checklists, including information on how to exploit various vulnerabilities in Spring Boot applications. The repository includes several subdirectories, each containing a specific exploit: 1...

TPScan

thinkphp rce sql tools...

Exploit for Use After Free in Apache Http_Server

CVE-2019-0211 介绍 CVE-2019-0211 软件架构 软件架构说明 安装教程 1. xxxx 2. xxxx 3. xxxx 使用说明 1. xxxx 2. xxxx 3. xxxx 参与贡献 1. Fork 本仓库 2. 新建 Featxxx 分支 3. 提交代码 4. 新建 Pull Request 特技 1. 使用 Readme\XXX.md 来支持不同的语言，例如 Readme\en.md, Readme\zh.md 2. Gitee 官方博客 blog.gitee.com 3. 你可以 https://gitee.com/explore 这个地址来了解 Git...

Exploit for CVE-2019-11580

CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE Usage: python CVE-2019-11580.py http://xx.xx.xx.xx/ Crowd-2.11.0 VulnVersion Donwload https://product-downloads.atlassian.com/software/crowd/downloads/atlassian-crowd-2.11.0.tar.gz Powered by Atlassian Crowd Version: 2.11.0 Build:725 -...

Exploit for SQL Injection in Zabbix

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVEs mentioned in the repository are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitl...

SHIRO-550

No description...

uafuzz

This is an offensive tool for Binary Analysis. The repository, cherrywb/uafuzz, is a directed fuzzer dedicated to Use-After-Free UAF bugs at the binary level. It aims to detect UAF bugs, which appear when a heap element is used after having been freed. The tool uses a combination of static...

Exploit for Out-of-bounds Write in Microsoft

CVE-2018-0802 介绍 RTF118820802 软件架构 软件架构说明 安装教程 1. xxxx 2. xxxx 3. xxxx 使用说明 1. xxxx 2. xxxx 3. xxxx 参与贡献 1. Fork 本仓库 2. 新建 Featxxx 分支 3. 提交代码 4. 新建 Pull Request 特技 1. 使用 Readme\XXX.md 来支持不同的语言，例如 Readme\en.md, Readme\zh.md 2. Gitee 官方博客 blog.gitee.com 3. 你可以 https://gitee.com/explore 这个地址来了解 Gite...

vulhub

This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary vulnerability class targeted by Vulhub is not explicitly stated, but it...

suricata-rules

It is an offensive tool for cryptocurrency mining. The repository contains rules for detecting DNS queries to public cryptocurrency mining pool domains. The rules are designed to identify queries to various mining pool domains, including pool.minergate.com, pool.minexmr.com, opmoner.com,...

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and practicing vulnerability exploitation. The primary vulnerability targeted by this repository is not explicitly stated, but it includes various...

exploitdb

This repository is an official collection of exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It is a repository for exploits and Proof-of-Concepts rather than advisories, making it a valuable resource for those who need...