Lucene search

1899 matches found

Gitee
added 2020/11/24 11:3 p.m., 2 views

Vxscan

This is a Python script for a comprehensive scanning tool called Vxscan. The tool is designed to perform various scans on a target, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password...

7.8 AI score
Exploits: 0

Gitee
added 2020/11/24 4:49 p.m., 11 views

Exploit for Path Traversal in Codiad

Exploit-Framework Exploits: |Vendor|Vulnerability|Affected Version|Description|Author| |:-:|:-:|:-:|:-:|:-:| |zblog|NOTCVE| https://github.com/WangYihang/Exploit-Framework/wiki Contribution: 1. Guidance of writing exploit module TODO: - String parsing - Deep modularization - Context stack maintenance - Logging - Auto-completion - Exploit search - Wiki -...

9.8 CVSS, 6.9 AI score, 0.93929 EPSS
Exploits: 103

Gitee
added 2020/11/23 5:32 p.m., 1 view

isf

This repository is an Industrial Exploitation Framework (ISF) for testing and exploiting industrial control systems (ICS). It is a Python-based framework similar to Metasploit. The framework is based on the open-source project routersploit and includes various clients and modules for different ICS...

6.9 AI score
Exploits: 0

Gitee
added 2020/11/23 10:35 a.m., 2 views

pwntools

This is an offensive tool for binary exploitation. It is a Python library called pwntools, which provides a set of tools for binary exploitation and reverse engineering. The library is designed to be used by security researchers and penetration testers to identify and exploit vulnerabilities in...

7.2 AI score
Exploits: 0

Gitee
added 2020/11/22 3:59 p.m., 2 views

MS17-010

This repository is for public analysis of the MS17-010 vulnerability. The repository contains various proof-of-concept (PoC) exploits and scripts for exploiting the vulnerability, which affects the Windows SMB protocol. The exploits are designed to demonstrate the vulnerability's impact and are not...

7.5 AI score
Exploits: 0

Gitee
added 2020/11/22 3:10 p.m., 9 views

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2020-9484 is a vulnerability in the Apache Tomcat web server. The vulnerability allows an attacker to execute arbitrary code on the server by exploiting a deserialization vulnerability in the Apache Commons Collections library, which is used by Tomcat. The exploit code is written in Groovy an...

7 CVSS, 9.1 AI score, 0.93464 EPSS
Exploits: 15

Gitee
added 2020/11/22 2:0 p.m., 4 views

Exploit for Use After Free in Microsoft

This is a Metasploit module for exploiting the BlueKeep vulnerability (CVE-2019-0708) in Microsoft Remote Desktop. The module is designed to check a range of hosts for the vulnerability by binding the MST120 channel outside of its normal slot and sending non-DoS packets which respond differently on...

10 CVSS, 6.9 AI score, 0.94454 EPSS
Exploits: 123

Gitee
added 2020/11/21 11:39 p.m., 9 views

Exploit for Out-of-bounds Write in Php

It is an exploit module for CVE-2019-11043. The target product/service is Apache Log4j, and the vulnerability class/vector is RCE (Remote Code Execution). The probable entry point is the JNDI exploit, which is a known vulnerability in Log4j. Notable dependencies/tooling include the Apache Log4j...

9.8 CVSS, 8.1 AI score, 0.94053 EPSS
Exploits: 53

Gitee
added 2020/11/21 10:13 p.m., 1 view

vulhub

It is an offensive tool for Vulnerability Research. This repository contains pre-built vulnerable environments based on Docker-Compose. The tool allows users to easily create and manage vulnerable environments for testing and research purposes. The environments are designed to be easy to use and...

6.8 AI score
Exploits: 0

Gitee
added 2020/11/20 3:17 p.m., 10 views

Exploit for CVE-2013-0422

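K8tools 2020628 Disclaimer: These tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: Updated irregularly; the files are fairly large, so download as needed. For tool bugs or suggestions, leave a message directly on GitHub. The privilege-escalation tools can all run in a remote-control Cmd or WebShell; most have been modified and recompiled for better compatibility and stability. Note: Not guaranteed to remain available permanently; save your own copy if you like them. General tools + Reverse-shell tool Ladon 6.6.6 reverse MSF/NC Shell TCP/HTTP/HTTPS + Scanning tool Ladon 6.6 SMB vulnerability detection SMBGhost...

10 CVSS, 6.5 AI score, 0.94424 EPSS
Exploits: 278

Gitee
added 2020/11/20 1:24 p.m., 2 views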

vulhub1

It is an offensive tool for web application vulnerability exploitation. The primary CVE ID is not explicitly mentioned, but the tool appears to be designed for exploiting vulnerabilities in web applications, particularly those related to web frameworks such as Flask. The tool is likely used for...

8.2 AI score
Exploits: 0

Gitee
added 2020/11/18 3:32 p.m., 2 views

isf

This is a Python-based framework for Industrial Control System (ICS) exploitation, similar to Metasploit. It's called ICSSploit and is a fork of the routersploit project. The framework is designed to be used for penetration testing and vulnerability assessment of industrial control systems. The...

7 AI score
Exploits: 0

Gitee
added 2020/11/18 2:28 a.m., 2 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment. The target product/service or framework is docker-compose, the vulnerability class/vector is not...

7.7 AI score
Exploits: 0

Gitee
added 2020/11/17 3:27 p.m., 2 views

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for vulnerability research and testing. The primary CVE ID present in the context is not explicitly stated, but the repository contains various vulnerable environments, including ones...

7.7 AI score
Exploits: 0

Gitee
added 2020/11/17 11:19 a.m., 3 views

Exploit for CVE-2020-16898

CVE-2020-16898 CVE-2020-16898 Windows TCP/IP remote code execution vulnerability EXP&POC Reproduction forforever: https://www.cnblogs.com/forforever/p/13846077.html poc CVE-2020-16898Checker-poc Command: start powershell/CMD as administrator Powershell.exe -ExecutionPolicy UnRestricted -File .\CVE-2020-16898-poc.ps1 exp cve-2020-16898-exp2...

8.8 CVSS, 9.3 AI score, 0.32694 EPSS
Exploits: 12

Gitee
added 2020/11/17 10:9 a.m., 3 views

pikachu

It is an offensive tool for web application security training. The primary CVE ID is not explicitly mentioned, but the tool is designed to simulate various web application vulnerabilities, including but not limited to, Burt Force (brute-force vulnerability), XSS (cross-site scripting vulnerability), CSRF (cross-site request forgery), SQL-Inject (SQL injection vulnerability), RCE (remote command/code execution),...

6.2 AI score
Exploits: 0

Gitee
added 2020/11/17 10:5 a.m., 1 view

pocsuite3

This is a Python package called pocsuite3, which is a remote vulnerability testing and proof-of-concept development framework. It is developed by the Knownsec 404 Team and comes with a powerful proof-of-concept engine, many powerful features for penetration testers and security researchers. The...

6.8 AI score
Exploits: 0

Gitee
added 2020/11/17 9:7 a.m., 61 views

Exploit for Code Injection in Microsoft

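somepocsuite pocsuite3 verification PoC code for in-house enterprise vulnerability triage and verification (pocsuite3 is the open-source vulnerability testing framework from the Knownsec security team). Because the original Pocsuite is no longer updated, all of the original PoC code has been rewritten and migrated to pocsuite3; the original PoCs are backed up in PocsuiteV2. Writing plugin code: uses the pocsuite3 vulnerability testing framework; for plugin writing, refer to the pocsuite3 project's plugin-writing requirements. PoC writing conventions and requirements | No. | poc | Description | | ---- | --------------------------------------- |...

10 CVSS, 7.4 AI score, 0.9447 EPSS
Exploits: 494

Gitee
added 2020/11/16 9:6 p.m., 2 views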

vulhub

It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable environments based on Docker-Compose. The tool is designed to provide a simple way to create and manage vulnerable environments for web application security training. The...

7 AI score
Exploits: 0

Gitee
added 2020/11/16 6:25 p.m., 6 views

Gopherus

This is an offensive tool for exploiting various vulnerabilities in servers. The tool is called Gopherus and is designed to generate payloads for exploiting Server-Side Request Forgery (SSRF) vulnerabilities in various services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and...

8.4 AI score
Exploits: 0

Gitee
added 2020/11/16 3:14 p.m., 4 views

IMChecker

This repository is an offensive tool for API misuse detection, specifically designed to identify API misuse bugs in C programs. The tool is called IMChecker, and it uses a constraint-directed static analysis technique powered by a domain-specific language (DSL) for specifying API usage constraints...

6.8 AI score
Exploits: 0

Gitee
added 2020/11/16 1:30 p.m., 1 view

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of various vulnerabilities, including but not limited to, SQL...

8 AI score
Exploits: 0

Gitee
added 2020/11/16 9:59 a.m., 3 views

shadowbroker

This repository, csharphpython/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a variety of exploits targeting different systems and vulnerabilities, including: 1. EARLYSHOVEL: a...

8.2 AI score
Exploits: 0

Gitee
added 2020/11/15 5:47 p.m., 1 view

BurpSuite-collections

No description...

7 AI score
Exploits: 0

Gitee
added 2020/11/15 2:20 p.m., 2 views

nishang

This repository is an offensive tool for Windows exploitation, specifically for adding backdoors to Windows systems. It contains a collection of PowerShell scripts that can be used to add various types of backdoors, including constrained delegation backdoors, registry backdoors, and screensaver...

8.3 AI score
Exploits: 0

Gitee
added 2020/11/14 9:29 p.m., 2 views

BurpSuite-collections

No description...

7 AI score
Exploits: 0

Gitee
added 2020/11/14 4:33 p.m., 1 view

My-PWN-Life

This repository is an exploit for a buffer overflow vulnerability in a binary called "bof". The exploit is written in Python and uses the pwntools library to interact with the binary. The binary is a simple program that takes user input and stores it in a buffer. The buffer is not properly...

8.3 AI score
Exploits: 0

Gitee
added 2020/11/13 9:10 p.m., 1 view

vulhub

It is an offensive tool for Vulnerability Environment Based on Docker-Compose. The repository contains a collection of pre-built vulnerable docker environments, allowing users to easily create and test vulnerable environments without requiring prior knowledge of docker. The tool includes various...

6.9 AI score
Exploits: 0

Gitee
added 2020/11/13 1:35 p.m., 3 views

CTF-All-In-One

This repository is an offensive tool for CTF (Capture The Flag) competitions, specifically targeting Linux binary security. The repository contains a collection of tools and resources for learning and practicing binary exploitation, reverse engineering, and other related skills. The repository...

6.8 AI score
Exploits: 0

Gitee
added 2020/11/12 12:35 a.m., 2 views

linuxkernel_pwn

It is an offensive tool for Linux kernel exploitation. The repository contains a Makefile that compiles and builds two exploits: expdoublefetch and expsidechannel. The primary CVE ID is not explicitly mentioned, but the exploits target Linux kernel vulnerabilities. The probable entry points are t...

7.7 AI score
Exploits: 0

Gitee
added 2020/11/11 10:39 p.m., 1 view

vulhub

It is an offensive tool for vulnerable environments. The repository contains a collection of pre-built vulnerable docker environments, including Flask SSTI, Apache Parsing Vulnerability, and others. The tool allows users to easily create and run vulnerable environments for testing and training...

7 AI score
Exploits: 0

Gitee
added 2020/11/11 7:8 p.m., 2 views

PoC

PoC exploit for CVE-2018-XXXX-XXXX, Exploit module/targeting Axis Communications MPQT/PACS Heap Overflow and Information Leakage. The exploit targets a heap overflow vulnerability in the Axis Communications MPQT/PACS series, which allows for information leakage and heap overflow. The vulnerabilit...

7.1 AI score
Exploits: 0

Gitee
added 2020/11/11 5:10 p.m., 3 views

vulhub

It is an offensive tool for Vulnerability Research. The repository contains a collection of pre-built vulnerable Docker environments, allowing users to test and research vulnerabilities without requiring prior knowledge of Docker. The tool is designed to be user-friendly, with a simple two-comman...

7 AI score
Exploits: 0

Gitee
added 2020/11/10 8:43 p.m., 8 views

dahua

This is a collection of proof-of-concept (PoC) exploit code and research notes for various vulnerabilities in IP cameras and other network devices. The code is written in Python and C, and the notes provide information on the vulnerabilities, including the attack vector, authentication requirements...

8.5 AI score
Exploits: 0

Gitee
added 2020/11/09 4:57 p.m., 2 views

icsmaster

This repository is an offensive tool for ICS (Industrial Control Systems) security research. It contains a collection of resources, including papers, exploits, firmware, Nmap scripts, and tools, related to ICS security. The repository is organized into several sections, including a directory of...

6.9 AI score
Exploits: 0

Gitee
added 2020/11/08 11:26 p.m., 1 view

ScanCVE

This is a PoC exploit for CVE-2021-NNNN, an exploit module/toolkit targeting GitHub. The target product/service is GitHub, and the vulnerability class/vector is not explicitly stated, but it appears to be related to CVE monitoring and alerting. The probable entry point is the ScanCVE.py script,...

7 AI score
Exploits: 0

Gitee
added 2020/11/07 10:39 p.m., 2 views

dedecmscan

This is a Python script for a web application vulnerability scanner, specifically targeting DedeCMS versions. The script is designed to identify various vulnerabilities in the application, including SQL injection, cross-site scripting (XSS), and other potential issues. The script consists of severa...

7 AI score
Exploits: 0

Gitee
added 2020/11/07 4:37 p.m., 1 view

pwntools

This is an open-source repository for the pwntools project, a Python library for reverse engineering and exploitation. The repository contains various files and workflows for contributing to the project, including issue templates, pull request templates, and workflows for continuous integration a...

7 AI score
Exploits: 0

Gitee
added 2020/11/05 6:1 p.m., 1 view

vulhub2

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

7.9 AI score
Exploits: 0

Gitee
added 2020/11/05 4:41 p.m., 2 views

SpringBootVulExploit

This repository contains a collection of Spring Boot vulnerability exploit checklists, which are used for authorized testing and security research purposes. The repository includes various exploits and techniques for exploiting Spring Boot applications, including: 1. Spring Boot Vulnerability...

7.2 AI score
Exploits: 0

Gitee
added 2020/11/05 3:39 p.m., 1 view

marshalsec

This is a Java-based tool called "marshalsec" that exploits Java object deserialization vulnerabilities in various marshalling libraries. The tool is designed to test and demonstrate the exploitation of these vulnerabilities, which can lead to remote code execution (RCE) and other security issues...

8.5 AI score
Exploits: 0

Gitee
added 2020/11/05 3:28 p.m., 2 views

Exploit for CVE-2019-2888

CVE-2019-2888 WebLogic EJBTaglibDescriptor XXE vulnerability https://www.oracle.com/security-alerts/cpuoct2019.html fernflower.jar weblogic.jar/weblogic/servlet/ejb2jsp/dd/EJBTaglibDescriptor.class ╭─root@jas502n /var ╰─ find ./ |grep EJBTaglibDescriptor ✔ 8388 18:32:43...

7.2 CVSS, 7 AI score, 0.90337 EPSS
Exploits: 9

Gitee
added 2020/11/05 11:13 a.m., 2 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Advantech Webaccess

This is a PoC (Proof of Concept) exploit for CVE-2016-0856, a vulnerability in the Windows RPC (Remote Procedure Call) service. The exploit targets the RpcClient and RpcDcClient classes, which are part of the bwconn.dll library. The exploit is written in Python and uses the ctypes library to interact...

10 CVSS, 10 AI score, 0.51468 EPSS
Exploits: 9

Gitee
added 2020/11/04 10:40 p.m., 9 views

Exploit for Use After Free in Microsoft

System-Vulnerability Continuously updated collection of the latest, more usable vulnerability EXPs, for authorized penetration testing only --- Windows --2019.9.20 CVE-2019-0708 Blue Keep Rce --2019.11.20 CVE-2019-1388 UAC privilege escalation --2020.3 CVE-2020-0796 - SMBv3 poc --2020.4 CVE-2020-0796 - SMBv3 privilege escalation --2020.5 Token-theft privilege escalation for all versions --2020.6 CVE-2020-0796 - SMBv3 getshell Linux --2019.11 CVE-2019-14287 sudo...

10 CVSS, 8 AI score, 0.94454 EPSS
Exploits: 256

Gitee
added 2020/11/04 2:0 p.m., 2 views

vulhub

It is an offensive tool for Docker environments. The repository contains a collection of pre-built vulnerable Docker environments, allowing users to easily set up and test various vulnerabilities without requiring prior knowledge of Docker. The environments are designed to be simple to use, with...

7.1 AI score
Exploits: 0

Gitee
added 2020/11/04 1:54 a.m., 1 view

Pocsuite

This is an offensive tool for penetration testing and vulnerability assessment. It is a Python-based framework called Pocsuite, developed by the Knownsec 404 Team. The tool is designed to perform remote vulnerability testing and proof-of-concept development. The target product/service or framewor...

6.9 AI score
Exploits: 0

Gitee
added 2020/11/03 7:53 p.m., 2 views

Exploit for Use of Hard-coded Cryptographic Key in Apache Aurora

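Awesome-shiro CVE-2016-4437 A tool for Shiro=1.2.4 deserialization: module and key brute-forcing, code execution, and reverse shell ---- Cause of the vulnerability: Shiro deserializes the rememberme field in the cookie, so if the encoding Shiro uses is known, a malicious command can be encoded the same way and placed in the cookie of the HTTP header; when Shiro deserializes the rememberme field of the submitted cookie, the inserted command is executed, ultimately resulting in command execution. By default Shiro uses CookieRememberMeManager, whose cookie-handling flow is:...

9.8 CVSS, 7 AI score, 0.94251 EPSS
Exploits: 9

Gitee
added 2020/11/03 5:22 p.m., 2 views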

vulhub

It is an offensive tool for web application security training. The primary target is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of vulnerable environments based on Docker-Compose. The tool includes various vulnerable environments, such as Fla...

7.8 AI score
Exploits: 0

Gitee
added 2020/11/03 2:9 p.m., 2 views

isf1

This is an offensive tool for Industrial Control Systems (ICS) exploitation. It is a Python-based framework, similar to Metasploit, designed for ICS exploitation. The framework is called ICSSploit and is a fork of the routersploit project. The tool has various modules for different types of ICS...

7.1 AI score
Exploits: 0

Gitee
added 2020/11/03 1:35 p.m., 2 views

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

7.2 AI score
Exploits: 0

Total number of security vulnerabilities: 1899