1899 matches found
My-CTF-Web-Challenges
This is a collection of CTF (Capture The Flag) web challenges created by orange. The repository contains source code, write-ups, and idea explanations for various challenges. The challenges are categorized by year, with challenges from HITCON 2018, 2019, and 2020, as well as other CTF events. The...
vulhub
It is an offensive tool for Docker environments. The repository contains a collection of vulnerable Docker environments, which can be used for testing and training purposes. The environments are pre-built and can be easily deployed using Docker and Docker Compose. The repository includes a variet...
vulscan
This is a Python-based web application for vulnerability scanning and management. The application is built using Django and has several features, including: 1. Vulnerability Scanning: The application can scan for vulnerabilities in websites and applications using a list of predefined POC Proof of...
Exploit for Race Condition in Canonical Ubuntu_Linux
PoC exploit for CVE-2016-5195 (Dirty COW). The target product/service is Linux, specifically the vDSO (Virtual Dynamic Shared Object) component. The vulnerability class/vector is a privilege escalation vulnerability, allowing an unprivileged user to gain root privileges. The probable entry point is t...
vulhub2
It is an offensive tool for web application security training. The primary vulnerability targeted by this tool is not explicitly stated, but based on the provided code and metadata, it appears to be a web application vulnerability. The tool is designed to test the security of web applications, an...
vulhubs
It is an offensive tool for web application security training. The primary vulnerability targeted by this tool is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of vulnerable docker environments for web application security training. The tool...
vulhub
It is an offensive tool for Docker environments. The primary vulnerability is not specified, but the repository contains a collection of vulnerable Docker environments, including CouchDB, FFmpeg, Git, InfluxDB, and others. The environments are designed to be vulnerable to various attacks, allowin...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary purpose of Vulhub is to provide a simple and easy-to-use platform for...
vulhub1
It is an offensive tool for web application security training. The repository contains a collection of vulnerable docker environments for web application security training. The tool is designed to be easy to use, requiring only two simple commands to set up a vulnerable environment. The tool is...
Pocsuite
It is an offensive tool for vulnerability exploitation. The primary CVE ID is not explicitly stated in the provided context, but the tool is likely used for exploiting vulnerabilities in web applications. The target product/service or framework is not explicitly stated, but it is likely a web...
vulhub
It is an offensive tool for Docker environments. The repository contains a collection of vulnerable Docker environments, including CouchDB, FFmpeg, Git, InfluxDB, and Oracle Java. The environments are designed to be used for testing and training purposes, allowing users to practice exploiting...
PolyAsciiShellGen
It is an offensive tool for x86 platforms. The primary CVE ID present in the provided context is not explicitly stated, but the tool is related to bypassing MSB data filters for buffer overflow exploits on Intel x86 platforms, as described in the paper "Bypassing MSB Data Filters for Buffer...
Exploit for Out-of-bounds Write in Php
PoC exploit for CVE-2019-11043, an exploit for a bug in php-fpm. The exploit targets a vulnerability in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit assumes that the nginx configuration has a location block that forwar...
Gopherus
This is a Python script for a tool called Gopherus, which is designed to exploit Server-Side Request Forgery (SSRF) vulnerabilities in various services. The tool can generate payloads for different services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The script uses a...
vulhub
It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable docker environments for web application security training. The tool is designed to be user-friendly, requiring no prior knowledge of docker, and can be installed and run wit...
Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform
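PenetrationTestingPOCWithPython - IOT Device - Web APP - Privilege escalation helpers - PC - tools - books - Notes PenetrationTestingPOCWithPython A collection of POCs and scripts written in Python for penetration testing. Use Ctrl+F search to find entries. IOT Device - Multiple unauthorized access vulnerabilities in the Tianyi Skyworth awifi router - CSRF vulnerability in the Huawei WS331a product management page - CVE-2019-16313 password disclosure vulnerability in the 蜂网互联 enterprise router v4.31 - D-Link router RCE vulnerability -...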
Exploit for CVE-2019-1322
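Erebus CobaltStrike post-exploitation plugin. Author: S0cke3t. Changelog 2020-03-08: added cookie steal, supporting Sogou, 360, 360 Speed, QQ, Firefox, Chrome, 2345. For more usage notes see Browser-cookie-steal. See: post----Steal-cookie. Changelog 2019-12-30: added SafetyKatz. This feature is a modified mimikatz; as of 2019-12-30 this method can bypass detection by most AV and run. See: Interact----SafetyKatz command. Added Seatbelt...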
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 privilege escalation Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez (@danigargu) Manuel Blanco Parajón (@dialluvioso) References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...
Exploit for CVE-2020-0797
This repository is a PoC exploit for CVE-2020-0796, a wormable SMBv3 vulnerability. The vulnerability allows an attacker to execute code on a target SMB Server or SMB Client by sending a specially crafted packet. The exploit is implemented in Python and uses the socket library to send a packet to...
Exploit for CVE-2020-2551
CVE-2020-2551 Weblogic IIOP deserialization. Test environment: Weblogic10.3.6+jdk1.6. Pre-packaged jar; extraction code: a6ob. Exploitation: download the jar, then use marshalsec to start a malicious RMI service and compile an exp.java locally: java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...
Exploit for CVE-2020-1472
CVE-2020-1472 is a vulnerability in the Windows Netlogon service that allows an unauthenticated attacker to set the password of the Domain Controller account to an empty string (NT hash=31d6cfe0d16ae931b73c59d7e0c089c0). This vulnerability is also known as the "Zerologon" vulnerability. The exploit...
Exploit for CVE-2020-1472
PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows for authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempts to perform a Netlogon authentication bypass. The script will immediately terminate when successfully...
BurpSuite-collections
No description...
Exploit for CVE-2019-2888
CVE-2019-2888 WebLogic EJBTaglibDescriptor XXE vulnerability https://www.oracle.com/security-alerts/cpuoct2019.html fernflower.jar weblogic.jar/weblogic/servlet/ejb2jsp/dd/EJBTaglibDescriptor.class ╭─root@jas502n /var ╰─ find ./ |grep EJBTaglibDescriptor ✔ 8388 18:32:43...
pentest-wiki
This repository is an information gathering library for penetration testers and researchers, containing various tools and documentation for gathering information about a target organization. The repository includes scripts and guides for performing whois searches, querying whois databases, and...
PowerSploit
This is an offensive tool for Windows PowerShell exploitation. The repository contains a PowerShell post-exploitation framework called PowerSploit, which provides various tools for exploiting vulnerabilities in Windows systems. The framework includes modules for antivirus bypass, code execution,...
Exploit for CVE-2013-0422
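K8tools 2020628 Statement: the tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: updated irregularly; the files are fairly large and can be downloaded as needed. For tool bugs or suggestions, leave a message directly on Github. The privilege escalation tools can all run in a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: not guaranteed to remain available permanently; save your own copy if you like it. General tools + Reverse-shell tool Ladon 6.6.6 reverse MSF/NC ShellTCP/HTTP/HTTPS + Scanning tool Ladon 6.6 SMB vulnerability detection SMBGhost...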
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
This repository is an offensive tool for collecting or writing various vulnerability PoCs (proofs of concept) and exploits. The primary vulnerability addressed by the repository is CNVD-2020-10487, a Tomcat-Ajp local file inclusion (LFI) vulnerability. The repository contains two main files:...
Exploit for Improper Initialization in Docker
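sectoolset -- A collection of security-related tools on Github. Main contents: 0x00 Hands-on exploitation practice & CTF security competitions 0x01 Security scanners 0x02 Security defense 0x03 Penetration testing 0x04 Vulnerability databases and exploitation tools (POC, EXP) 0x05 Binary and code analysis tools 0x06 Threat intelligence & honeypots 0x07 Security documentation 0x11 All content WooYun mirror WooYun mirror WooYun mirror, harmonized Recent security hot topics: Nmap 7.9 released, Npcap updated, many fingerprint updates; Windows Server domain controller Netlogon privilege escalation vulnerability CVE-2020-1472; Study of the cybersecurity industry's exposure on the dark web; Five Eyes countries' cybersecurity technical guidance...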
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Sophos Unified_Threat_Management_Software
SSHTron SSHTron is a multiplayer lightcycle game that runs through SSH. Connect to the game with the following command: $ ssh 192.168.1.111:2022 Controls: WASD or vim keybindings to move (do not use your arrow keys). Escape or Ctrl+C to exit. Want to choose color yourself? There are 7 colors to choose from: Red, Green, Yellow, Blue, Magenta, Cyan and White...
exploitdb
The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...
HackSysExtremeVulnerableDriver
This is a repository for the HackSys Extreme Vulnerable Driver (HEVD), a tool for testing and demonstrating various types of vulnerabilities in Windows drivers. The repository contains build scripts for both 32-bit and 64-bit architectures on Windows and Linux. The repository includes scripts for...
Exploit for CVE-2016-2384
This repository contains proof-of-concept exploits for two Linux kernel vulnerabilities: CVE-2016-2384 and CVE-2017-6074. CVE-2016-2384 is a double-free vulnerability in the USB MIDI driver. The exploit is a part of a proof-of-concept exploit for the vulnerability in the usb-midi driver. It is...
Exploit for Race Condition in Canonical Ubuntu_Linux
This is a PoC exploit for CVE-2016-5195, also known as the Dirty Cow vulnerability. The exploit targets Linux systems and uses the Dirty Cow vulnerability to gain root access. The vulnerability allows an attacker to write to a read-only page in memory, which can be used to execute arbitrary code...
Exploit for CVE-2015-3636
PoC exploit for CVE-2015-3636, a vulnerability in the Linux kernel affecting 32-bit Android OS. The exploit targets the Linux kernel's socket timestamping functionality, specifically the SIOCGSTAMPNS ioctl command. The vulnerability allows an attacker to execute arbitrary code with elevated...
vulhub1
It is an offensive tool for web application exploitation. The primary vulnerability targeted by this repository is not explicitly stated, but it appears to be a collection of pre-built vulnerable environments based on Docker-Compose. The repository contains various Docker-Compose files for...
vulhub
It is an offensive tool for web application security testing. The repository contains a collection of pre-built vulnerable docker environments for testing web application security. The tool is designed to be easy to use, requiring only two simple commands to compile and run a vulnerable...
Hacking-Cheatsheet
It is an offensive tool for network scanning and enumeration. The primary CVE ID is not present in the provided context. The target product/service or framework is Nmap, a network scanning and exploration tool. The vulnerability class/vector is not explicitly stated, but the tool is used for...
vulhub
It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...
Exploit for Missing Authentication for Critical Function in Sap Netweaver_Application_Server_Java
PoC exploit for CVE-2020-6287, a vulnerability in SAP NetWeaver AS Java. The exploit targets the CTCWebService component, allowing an unauthenticated attacker to add a user with no administrator permission set. The vulnerability is present in the CTCWebServiceBean?wsdl endpoint, which is accessed...
vulhub
It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and more. The vulnerability class/vector is...
Exploit for Improper Handling of Exceptional Conditions in Apache Struts
CNVD-ID CNVD-2017-02474 Published 2017-03-07 Severity High AV:N/AC:L/Au:N/C:C/I:C/A:C Affected products Apache struts =2.3.5,=2.5, CVE Identifier CVE-2017-5638 Problem It is possible to perform a RCE attack with a malicious Content-Type value. If the Content-Type value isn't valid an exception is thrown which is then use...
CVE
This is a collection of HTML files from a blog about reverse engineering and security. The files are dated from August 2019 to September 2019 and appear to be written in Chinese. The content includes various topics such as: Creating and finding SEH (Structured Exception Handler) in Windows Input...
Exploit for Code Injection in Microsoft
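somepocsuite pocsuite3 verification POC code for vulnerability triage and verification inside an enterprise (pocsuite3 is the open-source vulnerability testing framework from the Knownsec security team). Because the original Pocsuite is no longer updated, all the original POC code has been rewritten and migrated to pocsuite3; the original POCs are backed up in PocsuiteV2. Writing plugin code: use the pocsuite3 vulnerability testing framework; for plugin writing, refer to the pocsuite3 project's plugin writing requirements. PoC writing conventions and requirements | No. | poc | Description | | ---- | --------------------------------------- |...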
SpringBootVulExploit
This repository contains a collection of Spring Boot vulnerability exploits and research materials. The repository includes various projects, each targeting a specific vulnerability in Spring Boot applications. The vulnerabilities include: 1. JNDI Object deserialization RCE (Remote Code Execution) ...
vulhub
It is an offensive tool for web application security testing. The repository contains a collection of pre-built vulnerable docker environments, allowing users to test web application security without requiring prior knowledge of docker. The tool is designed to be easy to use, with a simple...
shadowbroker
This repository contains a collection of exploits and tools, including the "Lost In Translation" leak from the Shadow Brokers. The repository includes exploits for various vulnerabilities, such as RedHat 7.0-7.1 Sendmail 8.11.x, Solaris 6, 7, 8, 9 & 10, and Samba 3.0.x Linux. The exploits are...
Exploit for CVE-2016-0728
PoC exploit for CVE-2016-0728 Linux Kernel Vulnerability. The target product/service is the Linux Kernel, and the vulnerability class/vector is a privilege escalation vulnerability. The probable entry point is the cve20160728.c file, which is compiled into an executable named cve20160728. Not...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE ID present in the context is not explicitly stated, but the repository contains various vulnerable environments, including ones...
Exploit for Code Injection in Microsoft
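somepocsuite pocsuite3 verification POC code for vulnerability triage and verification inside an enterprise (pocsuite3 is the open-source vulnerability testing framework from the Knownsec security team). Because the original Pocsuite is no longer updated, all the original POC code has been rewritten and migrated to pocsuite3; the original POCs are backed up in PocsuiteV2. Writing plugin code: use the pocsuite3 vulnerability testing framework; for plugin writing, refer to the pocsuite3 project's plugin writing requirements. PoC writing conventions and requirements | No. | poc | Description | | ---- | --------------------------------------- |...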