1886 matches found

Gitee
added 2020/10/29 5:19 p.m. | 3 views

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is a collection of docker-compose files that can be used to create vulnerable environments for testing and training purposes. The environments are designed to be easy to use and require no pre-existing knowledge of...

6.9 AI score
Exploits: 0
Gitee
added 2020/10/29 4:35 p.m. | 4 views

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable Docker environment collection called Vulhub. It is an open-source project that provides a collection of vulnerable Docker environments for testing and learning purposes. The project is maintained by phith0n and is available on GitHub. The repository contains a varie...

9.8 CVSS | 7.1 AI score | 0.99686 EPSS
Exploits: 46
Gitee
added 2020/10/29 1:41 p.m. | 4 views

Exploit for CVE-2020-14882

This is a Python script designed to exploit the CVE-2020-14882 vulnerability in Oracle WebLogic Server. The script is intended to be used for research purposes only and should not be used for malicious activities. Here's a breakdown of the script: Importing Libraries The script starts by importin...

10 CVSS | 9.4 AI score | 0.99997 EPSS
Exploits: 41
Gitee
added 2020/10/29 1:31 p.m. | 5 views

Exploit for Deserialization of Untrusted Data in Redhat Data_Grid

This repository contains a collection of Python scripts for exploiting Java deserialization vulnerabilities in various applications, including Cisco Prime Infrastructure, JBoss, Jenkins, and OpenNMS. The scripts use the ysoserial tool to generate the payload. The scripts can be categorized into...

10 CVSS | 7.4 AI score | 0.86829 EPSS
Exploits: 38
Gitee
added 2020/10/28 9:44 p.m. | 4 views

bettercap-proxy-modules

This is a collection of HTTP proxy modules for the BetterCap framework, a tool for performing network attacks and penetration testing. The modules are designed to be used with the BetterCap proxy server, which can be configured to intercept and modify HTTP traffic between a client and a server. T...

7 AI score
Exploits: 0
Gitee
added 2020/10/28 2:4 p.m. | 7 views

Exploit for Observable Discrepancy in Intel Atom_C

PoC exploit for CVE-2017-5753 and CVE-2017-5715, variants of the Spectre attack. The target product/service is the CPU, specifically the x86 architecture. The vulnerability class/vector is speculative execution, allowing an attacker to trick error-free programs into leaking their secrets. The...

5.6 CVSS | 8.3 AI score | 0.93838 EPSS
Exploits: 11
Gitee
added 2020/10/26 9:46 p.m. | 7 views

penetration

This repository contains a collection of 0-day exploits for various web applications, including CMS platforms. The exploits are categorized by the affected application, and each category contains multiple exploits. The exploits are written in various programming languages, including PHP, Python,...

8 AI score
Exploits: 0
Gitee
added 2020/10/26 11:28 a.m. | 4 views

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

8 AI score
Exploits: 0
Gitee
added 2020/10/23 7:25 p.m. | 5 views

Exploit for CVE-2018-9995

This is a PoC exploit for CVE-2018-9995, a vulnerability in DVR systems that allows for the exposure of credentials. The exploit is written in Python and uses the requests library to send HTTP requests to the DVR system. The exploit targets various DVR systems, including Novo, CeNova, QSee, Pulni...

9.8 CVSS | 7 AI score | 0.83151 EPSS
Exploits: 13
Gitee
added 2020/10/22 4:40 p.m. | 8 views

Exploit for Argument Injection in Php

This repository is an exploit module for CVE-2018-19518, a vulnerability in the PHPMailer library. The exploit is written in Python and targets the PHPMailer library's use of the "mail" function to send emails. The vulnerability allows an attacker to inject malicious code into the email body, whi...

8.5 CVSS | 7.8 AI score | 0.9523 EPSS
Exploits: 6
Gitee
added 2020/10/21 10:54 p.m. | 3 views

vulhub

It is an offensive tool for Docker environments. The repository contains a collection of pre-built vulnerable Docker environments, including various web applications and services, designed to demonstrate common vulnerabilities. The tool is used to create a vulnerable environment for testing and...

8.2 AI score
Exploits: 0
Gitee
added 2020/10/21 10:39 p.m. | 6 views

Exploit for Improper Input Validation in Joomla Joomla!

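CMS-Hunter Introduction: Content Management System Vulnerability Hunter. Note: for now, this project will be maintained long-term; suggestions or ideas for changes are welcome, please contact the author. CMS vulnerability list: Discuz - Discuz<3.4 birthprovince front-end arbitrary file deletion DedeCMS - DedeCMSv5.7 shopsdelivery stored XSS - DedeCMSv5.7 carbuyaction stored XSS - DedeCMSv5.7 friendly-links CSRF GetShell - DedeCMS V5.7 SP2 back-end code execution vulnerability Drupal -...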

9.8 CVSS | 7 AI score | 0.99993 EPSS
Exploits: 140
Gitee
added 2020/10/21 10:21 p.m. | 4 views

marshalsec

This repository is an offensive tool for Java deserialization exploitation. It is a Java-based tool for exploiting Java object deserialization vulnerabilities, which can lead to remote code execution (RCE) and other security issues. The tool includes various payload generators for different Java...

8.3 AI score
Exploits: 0
Gitee
added 2020/10/21 8:40 p.m. | 2 views

shadowbroker

This repository, xyx2524/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository includes a README file that links to a Steemit post and an archive of a GitHub repository, misterch0c/shadowbroker. The post and repository contain information on a group...

7.9 AI score
Exploits: 0
Gitee
added 2020/10/21 12:36 p.m. | 4 views

Awesome-Red-Teaming

This is a list of resources for Red Teaming, a list that will be updated regularly with the latest adversarial tactics and techniques based on the Mitre ATT&CK framework. The list covers various topics such as Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credenti...

7 AI score
Exploits: 0
Gitee
added 2020/10/20 9:3 p.m. | 4 views

vulhub1

It is an offensive tool for web application exploitation. The primary vulnerability targeted is a Server-Side Template Injection (SSTI) in Flask, as evidenced by the presence of the flask/ssti directory. The tool is likely designed to exploit this vulnerability, allowing an attacker to inject...

7.4 AI score
Exploits: 0
Gitee
added 2020/10/19 7:13 p.m. | 6 views

Exploit for CVE-2020-16898

PoC exploit for CVE-2020-16898, a Windows TCP/IP Remote Code Execution Vulnerability. The exploit targets the Windows TCP/IP stack and uses a specially crafted IPv6 packet to trigger a buffer overflow, leading to remote code execution. The exploit is implemented in Python using the Scapy library...

8.8 CVSS | 9.9 AI score | 0.09686 EPSS
Exploits: 12
Gitee
added 2020/10/18 9:18 p.m. | 2 views

nishang

This repository is an offensive tool for Windows systems, specifically for adding backdoors and executing malicious scripts. The primary vulnerability class is privilege escalation, as the tools aim to gain elevated privileges on the target system. The probable entry points include PowerShell...

8.3 AI score
Exploits: 0
Gitee
added 2020/10/18 7:46 p.m. | 5 views

Exploit for CVE-2020-16898

It is an exploit module targeting Apache Log4j. The vulnerability class/vector is RCE (Remote Code Execution). The probable entry point is the "exploit.py" script. Not specified. Preconditions are a vulnerable version of Apache Log4j. The expected impact is RCE...

8.8 CVSS | 9.4 AI score | 0.09686 EPSS
Exploits: 12
Gitee
added 2020/10/18 12:49 a.m. | 11 views

Exploit for Improper Access Control in Elasticsearch

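Bug reports are welcome. Current version: AssetScanV1.3. Timeline: Initial version: 2019-11-28, V1.0 first version completed. Revision 1: 2019-12-02, thanks to Shadow·J for reporting a file import error under kali. Revision 2: 2019-12-03, V1.1 released, added ARP liveness detection (rolled back, testing for bugs). Revision 3: 2019-12-04, V1.2 released, fixed vulnerability script errors, fixed the weblogic script. Revision 4: 2019-12-05, V1.2 revised, thanks to sevck for design ideas and for pointing out non-standard code. Revision 5: 2019-12-05, V1.2 revised, fixed an IP data handling error. Revision 6: 2019-12-19...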

10 CVSS | 7 AI score | 0.99999 EPSS
Exploits: 145
Gitee
added 2020/10/16 10:12 a.m. | 7 views

Exploit for CVE-2020-1938

CVE-2020-1938Tomcat-fileinclude and filered: exploit PoC for the Tomcat file inclusion and file read vulnerability. File read usage: python2 "Tomcat-ROOT路径下文件读取CVE-2020-1938.py" -p 8009 -f /test.txt 127.0.0.1 File inclusion usage: python2 "Tomcat-ROOT路径下文件包含CVE-2020-1938.py" -p 8009 -f /test.txt 127.0.0.1 Reproduction details: http://www.svenbeast.com/post/fqSI9laE8/ img:...

9.8 CVSS | 7 AI score | 0.9927 EPSS
Exploits: 45
Gitee
added 2020/10/15 7:37 p.m. | 2 views

suricata-rules

This repository contains Suricata IDS (Intrusion Detection System) rules for detecting various types of malicious activity, including CobaltStrike, CryptoMiner, and other threats. The rules are designed to identify specific patterns and behaviors associated with these threats. The rules are organiz...

7.2 AI score
Exploits: 0
Gitee
added 2020/10/15 9:24 a.m. | 6 views

ctf

This repository contains a writeup for the CSAW CTF 2015. The writeup includes descriptions of various challenges, including web, exploit, crypto, reversing, and forensics challenges. The writeup is organized into sections, with each section describing a specific challenge. The challenges include...

7 AI score
Exploits: 0
Gitee
added 2020/10/14 5:51 p.m. | 4 views

ctf2

This repository is a writeup of the CSAW CTF 2015, a capture the flag (CTF) competition. The writeup is written in Polish, with an English version available for those who prefer it. The writeup covers various challenges from the competition, including web, exploit, crypto, reversing, and forensics...

6.9 AI score
Exploits: 0
Gitee
added 2020/10/13 4:31 p.m. | 3 views

Exploit for Buffer Underflow in Microsoft

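Introduction: A project collecting small tools and learning resources for the security industry. Part of this project's content comes from https://www.t00ls.net/thread-38964-1-1.html; thanks for sharing it. This is only a personal backup; if there are any problems, please notify by email. Security resources: Security resources include security books, materials, security tutorials, learning platforms, and so on. Device baseline hardening materials: https://github.com/re4lity/Benchmarks https://learn.cisecurity.org/benchmarks https://nvd.nist.gov/ncp/repository Intranet penetration learning materials...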

9.3 CVSS | 7.1 AI score | 0.89557 EPSS
Exploits: 25
Gitee
added 2020/10/13 2:27 p.m. | 3 views

vulhub1

It is an offensive tool for web application vulnerability training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Git, InfluxDB, and more. The vulnerability class/vector is no...

7.9 AI score
Exploits: 0
Gitee
added 2020/10/12 9:54 a.m. | 8 views

Exploit for Path Traversal in Pivotal_Software Spring_Framework

Web-Security-Learning Project URL: https://github.com/CHYbeta/Web-Security-Learning Knowledge Planet [Vulnerability Attack and Defense]: https://t.zsxq.com/mm2zBeq Contents: - Web-Security-Learning - Web Security - SQL injection - MySql - MSSQL - PostgreSQL - MongoDB - Tips - Tools - XSS - CSRF - Other front-end security - SSRF - XXE - JSONP injection - SSTI - Code execution / command execution - File inclusion - File upload /...

7.5 CVSS | 7.9 AI score | 0.16437 EPSS
Exploits: 5
Gitee
added 2020/10/10 6:21 p.m. | 58 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a Windows ZeroLogon vulnerability. The exploit targets the Netlogon service on a Domain Controller (DC) and allows an attacker to set an empty password for the DC's machine account. This is achieved by exploiting the vulnerability in the Netlogon service, which allows...

10 CVSS | 7.7 AI score | 0.99512 EPSS
Exploits: 75
Gitee
added 2020/10/10 6:21 p.m. | 16 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows for authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempts to perform a Netlogon authentication bypass. The script will immediately terminate when successfully...

10 CVSS | 7.5 AI score | 0.99512 EPSS
Exploits: 75
Gitee
added 2020/10/10 5:38 p.m. | 5 views

vulhub

It is an offensive tool for web application security training. The primary target is the web application, specifically the Flask framework. The vulnerability class/vector is Server-Side Template Injection (SSTI). The probable entry points are scripts/modules such as flask/ssti/exploit.py. Notable...

8.5 AI score
Exploits: 0
Gitee
added 2020/10/10 2:31 p.m. | 6 views

Exploit for Absolute Path Traversal in Rarlab Winrar

This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, specifically in the way it handles certain types of code. The vulnerability allows for arbitrary code execution. The exploit is likely to be used to demonstrate the vulnerability an...

7.8 CVSS | 7.5 AI score | 0.96274 EPSS
Exploits: 13
Gitee
added 2020/10/09 8:46 p.m. | 5 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

No description...

10 CVSS | 7.9 AI score | 0.99999 EPSS
Exploits: 60
Gitee
added 2020/10/09 8:46 p.m. | 14 views

Exploit for CVE-2019-13272

No description...

7.8 CVSS | 7 AI score | 0.52199 EPSS
Exploits: 21
Gitee
added 2020/10/09 8:45 p.m. | 4 views

Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware

This is a Python script that exploits the CVE-2019-19781 vulnerability in Citrix Application Delivery Controller and Citrix Gateway. The script is designed to upload a malicious XML file to the vulnerable device, which will execute the code contained within, resulting in remote code execution. Th...

9.8 CVSS | 10 AI score | 0.99999 EPSS
Exploits: 48
Gitee
added 2020/10/08 5:10 p.m. | 3 views

Exploit for Use of Hard-coded Cryptographic Key in Apache Aurora

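Awesome-shiro CVE-2016-4437 Shiro=1.2.4 deserialization: a tool for brute-forcing the module and key, code execution, and reverse shell ---- Cause of the vulnerability: Because shiro deserializes the rememberme field in the cookie, if the encoding scheme shiro uses is known, a malicious command can be encoded with that scheme and placed in the cookie of the HTTP header; when shiro deserializes the rememberme field of the submitted cookie, the inserted command is executed, ultimately resulting in command execution. shiro uses CookieRememberMeManager by default, and its cookie handling flow is:...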

9.8 CVSS | 7 AI score | 0.93143 EPSS
Exploits: 9
Gitee
added 2020/10/07 5:1 p.m. | 8 views

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat

No description...

8.1 CVSS | 7 AI score | 0.99607 EPSS
Exploits: 17
Gitee
added 2020/10/07 12:33 a.m. | 8 views

Exploit for OS Command Injection in Webmin

This repository contains a proof-of-concept (PoC) exploit for CVE-2019-15107, a vulnerability in the NetScape 2.0 browser. The exploit is a GIF file that, when opened, will execute arbitrary code on the victim's system. The exploit targets the vulnerability in the browser's GIF89a parser, which...

10 CVSS | 7.7 AI score | 0.99766 EPSS
Exploits: 37
Gitee
added 2020/10/06 8:56 p.m. | 3 views

ICS-security

This repository is an offensive tool for ICS (Industrial Control Systems) security research. It contains a collection of resources, including papers, exploits, firmware, Nmap scripts, and tools, related to ICS security. The repository is organized into several categories, including a directory of...

6.9 AI score
Exploits: 0
Gitee
added 2020/10/06 8:55 p.m. | 8 views

Exploit for Improper Verification of Cryptographic Signature in Microsoft

PoC exploit for CVE-2013-3900 IEC 60870-5-104 protocol vulnerability. Target product/service: IEC 60870-5-104 protocol. Vulnerability class/vector: Authentication bypass. Probable entry points: TCP port 2404. Notable dependencies/tooling: Scapy. Execution context: Send a specially crafted packet to th...

8.8 CVSS | 7.1 AI score | 0.44647 EPSS
Exploits: 1
Gitee
added 2020/10/06 8:54 p.m. | 6 views

Exploit for SQL Injection in Drupal

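vulnerability-list Quick detection of common vulnerabilities; currently includes the following vulnerabilities. Tomcat: - CVE201712615 / CVE201712617 - tomcatweakpassword - examplevulnerability: checks whether tomcat's examples and similar directories exist moon.py -u tomcat http://xx.xx.xx.xx:xxxx Fckeditor - version retrieval and detection of common upload pages - fck moon.py -u fck http://xx.xx.xx.xx/fckxx Weblogic - CVE201710271...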

9.8 CVSS | 8.2 AI score | 0.99993 EPSS
Exploits: 137
Gitee
added 2020/10/06 8:53 p.m. | 2 views

penetration

This repository contains a collection of exploits and vulnerabilities for various web applications, including CMS platforms. The exploits are categorized by the affected application, and each category contains multiple exploits. The exploits are written in various programming languages, including...

7.3 AI score
Exploits: 0
Gitee
added 2020/10/06 8:53 p.m. | 6 views

vulhub

This is a Docker Compose file for a vulnerability environment. It is a collection of services that can be used to test and demonstrate various types of vulnerabilities. The file is written in YAML format and defines the services, their ports, and the networks they use. The file contains several...

7 AI score
Exploits: 0
Gitee
added 2020/10/06 8:53 p.m. | 3 views

SQLInjectionWiki

This is a comprehensive wiki on SQL injection, a type of web application security vulnerability. The wiki is maintained by NetSPI and is available in both English and Chinese versions. The wiki covers various aspects of SQL injection, including detection, exploitation, and mitigation. The wiki...

8.2 AI score
Exploits: 0
Gitee
added 2020/10/06 8:53 p.m. | 3 views

Exploit for CVE-2018-9995

This is a Python script, getDVRCredentials.py, that exploits a vulnerability in DVR systems to obtain exposed credentials. The script is designed to target various DVR systems, including Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login. The script...

9.8 CVSS | 7 AI score | 0.83151 EPSS
Exploits: 13
Gitee
added 2020/10/06 8:52 p.m. | 2 views

Scanners-Box

This is a collection of open-source scanning tools, referred to as "Scanners Box" or "scanbox," maintained by the user "We5ter" on GitHub. The repository contains various tools for scanning and testing different aspects of a system or network, including subdomain enumeration, database vulnerabili...

6.8 AI score
Exploits: 0
Gitee
added 2020/10/06 8:50 p.m. | 3 views

maltrail

This is a malicious traffic detection system, utilizing publicly available blacklists containing malicious and/or generally suspicious trails. The system can detect various types of malicious traffic, including domain name, URL, IP address, and HTTP User-Agent header value. It also uses advanced...

6.8 AI score
Exploits: 0
Gitee
added 2020/10/06 8:18 p.m. | 2 views

CMSmap

This is a Python-based CMS (Content Management System) scanner called CMSmap. It is designed to automate the process of detecting security flaws in popular CMSs such as WordPress, Joomla, Drupal, and Moodle. The tool is still in its early stages and may contain bugs or flaws. The tool uses a...

7.3 AI score
Exploits: 0
Gitee
added 2020/10/05 6:43 p.m. | 2 views

VEF

This is a Vulnerability Exploitation Framework (VEF) repository, which is a collection of tools and scripts for exploiting vulnerabilities in various systems and applications. The framework is written in Python and utilizes various APIs from different vulnerability databases, including Censys, Fofa...

6.8 AI score
Exploits: 0
Gitee
added 2020/10/05 3:47 p.m. | 5 views

Exploit for CVE-2018-2894

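Weblogic CVE-2018-2894 CVE-2018-2894 0x01 Preface: Oracle's July update fixed an arbitrary file upload vulnerability in the Weblogic Web Service Test Page. The Web Service Test Page is not enabled by default in "production mode", so the vulnerability has certain limitations. By exploiting this vulnerability, an arbitrary jsp file can be uploaded and server privileges then obtained. 0x02 Vulnerability environment: Ubuntu 16.04 https://github.com/vulhub/vulhub/blob/master/weblogic/CVE-2018-2894/ Run the following command to start weblogic 12.2.1....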

9.8 CVSS | 6.8 AI score | 0.50224 EPSS
Exploits: 7
Gitee
added 2020/10/05 3:45 p.m. | 6 views

Exploit for CVE-2018-2894

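Weblogic arbitrary file upload vulnerability (CVE-2018-2894). Everyone has been talking about this vulnerability lately, and everyone has noticed that the problem occurs at config.do, but in fact, according to the information at https://mp.weixin.qq.com/s/y5JGmM-aNaHcs6P9a-gRQ, begin.do is also affected. Enough chatter; the specific exploitation method is given below: The problem appears on the page below. When uploading, just modify the value of name. To save everyone the trouble, here it is: /../../../../../../wlserver/server/lib/consoleapp/webapp/framework/skins/wlsconsole/images/ Then...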

9.8 CVSS | 9.6 AI score | 0.50224 EPSS
Exploits: 7
Total number of security vulnerabilities: 1886