1899 matches found
Exploit for Code Injection in Redhat Richfaces
CVE-2018-14667-poc Richfaces vulnerable environment and PoC. Lab setup: just drop the war package under vulenvironment into tomcat. PoC build: build artifactId; run: java -jar CVE-2018-14667-poc.jar "cmd". About debugging: unzip the war package under vulenvironment, then import it from IDEA and add the lib directory under tomcat to the library path. request demo: GET...
isf
This is an offensive tool for ICS exploitation. It is a Python-based framework for ICS exploitation, similar to Metasploit. The framework is based on the open-source project "routersploit" and is designed for exploitation of industrial control systems ICS. The tool provides a range of features,...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The target product/service or framework varies depending on the specific environment...
pwntools
This repository is an offensive tool for binary exploitation. The primary vulnerability targeted by this tool is not explicitly stated in the provided context, but it is likely a remote code execution RCE vulnerability, given the nature of the tool. The target product/service or framework is not...
Auto-Root-Exploit
It is an offensive tool for Linux kernel exploitation. The tool, Auto-Root-Exploit, targets various versions of the Linux kernel, specifically those between 2.6 and 2.6.31.5, with the primary focus on exploiting vulnerabilities in these versions. The tool's primary entry point is the autoroot.sh...
metasploit-framework
This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to target a specific vulnerability in a Windows system, exploiting the SMB protocol to gain remote code execution. The module is written in Ruby and is part of the Metasploit Framework's...
Exploit for CVE-2013-0422
K8tools 20200118 Disclaimer: these tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: updated irregularly; the files are fairly large, so download as needed. Bugs or suggestions can be left directly on Github. The privilege escalation tools can all be run from a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: permanent availability is not guaranteed; save your own copy if you like them. Comprehensive tools + scanning tools: Ladon 6.0, a large-scale intranet penetration scanner with 48 built-in functions, supports Cobalt Strike + scanning tools: Ladon 5.7...
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is a collection of docker-compose files that can be used to create vulnerable environments for testing and training purposes. The environments are designed to be easy to use and require no pre-existing knowledge of...
Exploit for Improper Input Validation in Redhat Openshift
This is a pre-built vulnerable Docker environment collection called Vulhub. It is an open-source project that provides a collection of vulnerable Docker environments for testing and learning purposes. The project is maintained by phith0n and is available on GitHub. The repository contains a varie...
Exploit for CVE-2020-14882
This is a Python script designed to exploit the CVE-2020-14882 vulnerability in Oracle WebLogic Server. The script is intended to be used for research purposes only and should not be used for malicious activities. Here's a breakdown of the script: Importing Libraries The script starts by importin...
Exploit for Deserialization of Untrusted Data in Redhat Data_Grid
This repository contains a collection of Python scripts for exploiting Java deserialization vulnerabilities in various applications, including Cisco Prime Infrastructure, JBoss, Jenkins, and OpenNMS. The scripts use the ysoserial tool to generate the payload. The scripts can be categorized into...
bettercap-proxy-modules
This is a collection of HTTP proxy modules for the BetterCap framework, a tool for performing network attacks and penetration testing. The modules are designed to be used with the BetterCap proxy server, which can be configured to intercept and modify HTTP traffic between a client and a server. T...
Exploit for Observable Discrepancy in Intel Atom_C
PoC exploit for CVE-2017-5753 and CVE-2017-5715, variants of the Spectre attack. The target product/service is the CPU, specifically the x86 architecture. The vulnerability class/vector is speculative execution, allowing an attacker to trick error-free programs into leaking their secrets. The...
penetration
This repository contains a collection of 0-day exploits for various web applications, including CMS platforms. The exploits are categorized by the affected application, and each category contains multiple exploits. The exploits are written in various programming languages, including PHP, Python,...
vulhub
It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...
Exploit for CVE-2018-9995
This is a PoC exploit for CVE-2018-9995, a vulnerability in DVR systems that allows for the exposure of credentials. The exploit is written in Python and uses the requests library to send HTTP requests to the DVR system. The exploit targets various DVR systems, including Novo, CeNova, QSee, Pulni...
Exploit for Argument Injection in Php
This repository is an exploit module for CVE-2018-19518, a vulnerability in the PHPMailer library. The exploit is written in Python and targets the PHPMailer library's use of the "mail" function to send emails. The vulnerability allows an attacker to inject malicious code into the email body, whi...
vulhub
It is an offensive tool for Docker environments. The repository contains a collection of pre-built vulnerable Docker environments, including various web applications and services, designed to demonstrate common vulnerabilities. The tool is used to create a vulnerable environment for testing and...
Exploit for Improper Input Validation in Joomla Joomla!
CMS-Hunter Introduction: Content Management System Vulnerability Hunter. Note: as things stand, this project will be maintained long-term; suggestions or ideas for changes are welcome, please contact the author. CMS vulnerability list: Discuz - Discuz<3.4 birthprovince front-end arbitrary file deletion; DedeCMS - DedeCMS v5.7 shopsdelivery stored XSS - DedeCMS v5.7 carbuyaction stored XSS - DedeCMS v5.7 friendly-link CSRF GetShell - DedeCMS V5.7 SP2 backend code execution vulnerability; Drupal -...
marshalsec
This repository is an offensive tool for Java deserialization exploitation. It is a Java-based tool for exploiting Java object deserialization vulnerabilities, which can lead to remote code execution RCE and other security issues. The tool includes various payload generators for different Java...
shadowbroker
This repository, xyx2524/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository includes a README file that links to a Steemit post and an archive of a GitHub repository, misterch0c/shadowbroker. The post and repository contain information on a group...
Awesome-Red-Teaming
This is a list of resources for Red Teaming, a list that will be updated regularly with the latest adversarial tactics and techniques based on the Mitre ATT&CK framework. The list covers various topics such as Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credenti...
vulhub1
It is an offensive tool for web application exploitation. The primary vulnerability targeted is a Server-Side Template Injection SSTI in Flask, as evidenced by the presence of the flask/ssti directory. The tool is likely designed to exploit this vulnerability, allowing an attacker to inject...
Exploit for CVE-2020-16898
PoC exploit for CVE-2020-16898, a Windows TCP/IP Remote Code Execution Vulnerability. The exploit targets the Windows TCP/IP stack and uses a specially crafted IPv6 packet to trigger a buffer overflow, leading to remote code execution. The exploit is implemented in Python using the Scapy library...
nishang
This repository is an offensive tool for Windows systems, specifically for adding backdoors and executing malicious scripts. The primary vulnerability class is privilege escalation, as the tools aim to gain elevated privileges on the target system. The probable entry points include PowerShell...
Exploit for CVE-2020-16898
It is an exploit module targeting Apache Log4j. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the "exploit.py" script. Not specified. Preconditions are a vulnerable version of Apache Log4j. The expected impact is RCE...
Exploit for Improper Access Control in Elasticsearch
Bug reports are welcome. Current version: AssetScanV1.3. Timeline: Initial version: 2019-11-28, V1.0 initial version completed. Change 1: 2019-12-02, thanks to Shadow·J for reporting the file import error under kali. Change 2: 2019-12-03, V1.1 released, added ARP liveness detection (rolled back, bug under test). Change 3: 2019-12-04, V1.2 released, fixed the vulnerability script error and the weblogic script. Change 4: 2019-12-05, V1.2 modified, thanks to sevck for the design ideas and for pointing out non-standard code. Change 5: 2019-12-05, V1.2 modified, fixed the IP data handling error. Change 6: 2019-12-19...
Exploit for CVE-2020-1938
CVE-2020-1938 Tomcat-fileinclude and fileread: exploitation PoC for the Tomcat file inclusion and file read vulnerability. File read Usage: python2 "Tomcat-ROOT路径下文件读取CVE-2020-1938.py" -p 8009 -f /test.txt 127.0.0.1 File inclusion Usage: python2 "Tomcat-ROOT路径下文件包含CVE-2020-1938.py" -p 8009 -f /test.txt 127.0.0.1 Reproduction details: http://www.svenbeast.com/post/fqSI9laE8/ img:...
suricata-rules
This repository contains Suricata IDS Intrusion Detection System rules for detecting various types of malicious activity, including CobaltStrike, CryptoMiner, and other threats. The rules are designed to identify specific patterns and behaviors associated with these threats. The rules are organiz...
ctf
This repository contains a writeup for the CSAW CTF 2015. The writeup includes descriptions of various challenges, including web, exploit, crypto, reversing, and forensics challenges. The writeup is organized into sections, with each section describing a specific challenge. The challenges include...
ctf2
This repository is a writeup of the CSAW CTF 2015, a capture the flag CTF competition. The writeup is written in Polish, with an English version available for those who prefer it. The writeup covers various challenges from the competition, including web, exploit, crypto, reversing, and forensics...
Exploit for Buffer Underflow in Microsoft
Introduction: a project collecting small tools and learning resources for the security industry. Part of this project's content comes from https://www.t00ls.net/thread-38964-1-1.html; thanks to them for sharing. This is only kept as a personal backup; if there is a problem, notify me by email. Security resources: security resources include security books, materials, tutorials, learning platforms and so on. Device baseline hardening materials: https://github.com/re4lity/Benchmarks https://learn.cisecurity.org/benchmarks https://nvd.nist.gov/ncp/repository Intranet penetration learning materials...
vulhub1
It is an offensive tool for web application vulnerability training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Git, InfluxDB, and more. The vulnerability class/vector is no...
Exploit for Path Traversal in Pivotal_Software Spring_Framework
Web-Security-Learning Project address: https://github.com/CHYbeta/Web-Security-Learning Knowledge Planet group [Vulnerability Attack and Defense]: https://t.zsxq.com/mm2zBeq Contents: - Web-Security-Learning - Web Security - SQL injection - MySql - MSSQL - PostgreSQL - MongoDB - Tips - Tools - XSS - CSRF - Other front-end security - SSRF - XXE - JSONP injection - SSTI - Code execution / command execution - File inclusion - File upload /...
Exploit for CVE-2020-1472
PoC exploit for CVE-2020-1472, a Windows ZeroLogon vulnerability. The exploit targets the Netlogon service on a Domain Controller DC and allows an attacker to set an empty password for the DC's machine account. This is achieved by exploiting the vulnerability in the Netlogon service, which allows...
Exploit for CVE-2020-1472
PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows for authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempts to perform a Netlogon authentication bypass. The script will immediately terminate when successfully...
vulhub
It is an offensive tool for web application security training. The primary target is the web application, specifically the Flask framework. The vulnerability class/vector is Server-Side Template Injection SSTI. The probable entry points are scripts/modules such as flask/ssti/exploit.py. Notable...
Exploit for Absolute Path Traversal in Rarlab Winrar
This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, specifically in the way it handles certain types of code. The vulnerability allows for arbitrary code execution. The exploit is likely to be used to demonstrate the vulnerability an...
Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager
No description...
Exploit for CVE-2019-13272
No description...
Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware
This is a Python script that exploits the CVE-2019-19781 vulnerability in Citrix Application Delivery Controller and Citrix Gateway. The script is designed to upload a malicious XML file to the vulnerable device, which will execute the code contained within, resulting in remote code execution. Th...
Exploit for Use of Hard-coded Cryptographic Key in Apache Aurora
Awesome-shiro CVE-2016-4437 Shiro=1.2.4 deserialization: a tool with modules for brute-forcing the key, code execution and reverse shell ---- Cause of the vulnerability: because shiro deserializes the rememberMe field of the cookie, if you know shiro's encoding scheme, a malicious command encoded with that scheme and placed in the cookie of the HTTP header is executed when shiro deserializes the rememberMe field of the submitted cookie, ultimately resulting in command execution. shiro uses CookieRememberMeManager by default; its cookie processing flow is:...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat
No description...
Exploit for OS Command Injection in Webmin
This repository contains a proof-of-concept PoC exploit for CVE-2019-15107, a vulnerability in the NetScape 2.0 browser. The exploit is a GIF file that, when opened, will execute arbitrary code on the victim's system. The exploit targets the vulnerability in the browser's GIF89a parser, which...
ICS-security
This repository is an offensive tool for ICS Industrial Control Systems security research. It contains a collection of resources, including papers, exploits, firmware, Nmap scripts, and tools, related to ICS security. The repository is organized into several categories, including a directory of...
Exploit for Improper Verification of Cryptographic Signature in Microsoft
PoC exploit for CVE-2013-3900 IEC 60870-5-104 protocol vulnerability Target product/service: IEC 60870-5-104 protocol Vulnerability class/vector: Authentication bypass Probable entry points: TCP port 2404 Notable dependencies/tooling: Scapy Execution context: Send a specially crafted packet to th...
Exploit for SQL Injection in Drupal
vulnerability-list Quick checks for common vulnerabilities; currently covers the following. Tomcat: - CVE201712615 / CVE201712617 - tomcatweakpassword - examplevulnerability checks whether tomcat's examples and similar directories exist: moon.py -u tomcat http://xx.xx.xx.xx:xxxx Fckeditor - version retrieval and detection of common upload pages - fck: moon.py -u fck http://xx.xx.xx.xx/fckxx Weblogic - CVE201710271...
penetration
This repository contains a collection of exploits and vulnerabilities for various web applications, including CMS platforms. The exploits are categorized by the affected application, and each category contains multiple exploits. The exploits are written in various programming languages, including...
vulhub
This is a Docker Compose file for a vulnerability environment. It is a collection of services that can be used to test and demonstrate various types of vulnerabilities. The file is written in YAML format and defines the services, their ports, and the networks they use. The file contains several...
SQLInjectionWiki
This is a comprehensive wiki on SQL injection, a type of web application security vulnerability. The wiki is maintained by NetSPI and is available in both English and Chinese versions. The wiki covers various aspects of SQL injection, including detection, exploitation, and mitigation. The wiki...