Lucene search

1899 matches found

Gitee
added 2025/09/14 5:0 p.m., 78 views

malSploitBase

This repository contains a collection of exploit code and research related to various malware and crimeware tools. The exploits are categorized into different sections, including Banking, Exploit Pack, and Http Botnets. The Banking section contains exploits for various banking malware, such as...

8.9 AI score
Exploits: 0
Gitee
added 2025/09/14 5:0 p.m., 76 views

Exploit for CVE-2021-4483

It is an offensive tool for PHP. The repository contains a collection of PHP code snippets and functions for auditing and exploiting vulnerabilities, including a proof-of-concept exploit for CVE-2021-4483, an exploit module for targeting PHP applications, and a toolkit for auditing PHP code. The...

7.9 AI score
Exploits: 0
Gitee
added 2025/09/14 4:50 p.m., 75 views

tactical-exploitation

This is a tactical exploitation toolkit repository. It contains a Python script called "easywin.py" that provides a toolkit for exploit-less attacks aimed at Windows and Active Directory environments. The script leverages information gathering and brute force capabilities against the SMB protocol...

6.7 AI score
Exploits: 0
Gitee
added 2025/09/14 4:41 p.m., 103 views

APTSimulator

This is a toolset for simulating an APT (Advanced Persistent Threat) attack on a Windows system. The tool, called APT Simulator, is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. It is designed to be simple and easy to use, requiring...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/14 4:34 p.m., 94 views

Exploit for CVE-2016-4655

This is a PoC exploit for iOS 9.3.5, targeting CVE-2016-4655 and CVE-2016-4656. The exploit aims to gain root access over the device by exploiting kernel vulnerabilities. The supported devices are listed in offsetfinder.h. The exploit is based on the original disclosure by Lookout and the OS X...

9.3 CVSS, 7.1 AI score, 0.82094 EPSS
Exploits: 13
Gitee
added 2025/09/14 4:31 p.m., 80 views

pagodo

This is an offensive tool for web application discovery. The primary CVE ID is not present in the provided context. The target product/service or framework is Google Search, and the vulnerability class/vector is not explicitly stated. The probable entry points are scripts/modules such as...

6.6 AI score
Exploits: 0
Gitee
added 2025/09/14 4:26 p.m., 101 views

Exploit for CVE-2021-34525

This is an offensive tool for Windows. It is a PoC exploit for CVE-2021-34525, an exploit module targeting Windows systems. The tool is designed to exploit a vulnerability in the Windows operating system, allowing an attacker to gain elevated privileges. The exploit is likely to be used for testi...

8.8 CVSS, 7.7 AI score, 0.08104 EPSS
Exploits: 1
Gitee
added 2025/09/14 4:21 p.m., 94 views

PrivExchange

This is a proof-of-concept (PoC) tool for abusing Microsoft Exchange to obtain Domain Admin privileges. The tool, named PrivExchange, requires the Impacket library and can be used to subscribe to push notifications on Exchange Web Services, which will make Exchange connect back to the attacker and...

6.9 AI score
Exploits: 0
Gitee
added 2025/09/14 4:21 p.m., 96 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows an attacker to authenticate as the domain controller account with a zero-length password. The exploit uses the impacket library to connect to the Netlogon service and send a zero-length challenge and...

10 CVSS, 7.3 AI score, 0.9438 EPSS
Exploits: 75
Gitee
added 2025/09/14 4:20 p.m., 141 views

Exploit for Path Traversal in Mikrotik Routeros

This is a PoC exploit for CVE-2018-14847, a vulnerability in RouterOS. The repository contains a simple implementation of a Winbox server, which is a protocol used to manage RouterOS devices. The server accepts a single Winbox message, parses it, and responds with a message indicating insufficien...

9.1 CVSS, 7.8 AI score, 0.93645 EPSS
Exploits: 23
Gitee
added 2025/09/14 4:20 p.m., 77 views

Exploit for Out-of-bounds Read in Openssl

It is an exploit module/toolkit targeting OpenSSL versions vulnerable to CVE-2014-0160, also known as the Heartbleed vulnerability. The tool, ssltest.py, scans multiple hosts for this vulnerability in an efficient multi-threaded manner without exploiting the server. The probable entry point is th...

7.5 CVSS, 6.8 AI score, 0.94464 EPSS
Exploits: 86
Gitee
added 2025/09/14 4:19 p.m., 96 views

ExploitRemotingService

This is a .NET Remoting Service exploit tool. It is a proof-of-concept (PoC) exploit for a vulnerability in the .NET Remoting Service. The tool is designed to demonstrate the exploitation of this vulnerability, which allows an attacker to execute arbitrary code on a remote system. The tool consists...

7.9 AI score
Exploits: 0
Gitee
added 2025/09/14 4:16 p.m., 81 views

scripts

This repository contains a collection of scripts written by AverageSecurityGuy for use in penetration testing engagements. The scripts are categorized into various folders, each containing a specific type of script, such as password brute forcing, cloud interaction, database testing, enumeration,...

7 AI score
Exploits: 0
Gitee
added 2025/09/14 4:10 p.m., 134 views

pasta

The repository is a collection of code snippets and notes for learning PHP, specifically for those studying the language. The code snippets cover a range of topics, including forms, good coding practices, interview tasks, and database-related concepts. The repository is organized into several...

7.6 AI score
Exploits: 0
Gitee
added 2025/09/14 4:6 p.m., 126 views

mona

This is a repository for mona.py, a Python script used to automate and speed up specific searches while developing exploits, particularly for the Windows platform. Mona.py runs on Immunity Debugger and WinDBG, and requires Python 2.7. The script is designed to work with 32-bit processes, although...

6.9 AI score
Exploits: 0
Gitee
added 2025/09/14 3:58 p.m., 221 views

AutoBlue-MS17-010

This is a semi-automated, fully working, no-bs, non-metasploit version of the public exploit code for MS17-010. The exploit is designed to target Windows systems vulnerable to the EternalBlue vulnerability, which is a remote code execution (RCE) vulnerability in the SMBv1 protocol. The exploit code...

8.5 AI score
Exploits: 0
Gitee
added 2025/09/14 3:58 p.m., 75 views

Kernel-Bridge

This repository is an offensive tool for Windows kernel hacking. It is a Windows kernel hacking framework, driver template, hypervisor, and API written in C++. The primary function of this framework is to provide a set of tools for kernel-mode code injection, hooking, and manipulation. The...

7.3 AI score
Exploits: 0
Gitee
added 2025/09/14 3:40 p.m., 77 views

RootHelper

This is an offensive tool for Linux privilege escalation. The primary CVE ID is not explicitly mentioned, but the tool fetches scripts that aid in privilege escalation, suggesting that it targets vulnerabilities in Linux systems. The tool, called RootHelper, downloads and unzips scripts that...

6.9 AI score
Exploits: 0
Gitee
added 2025/09/14 3:29 p.m., 111 views

clusterd

This is an open-source application server attack toolkit called clusterd. It automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. The toolkit currently supports six different application server platforms, with several more in development and...

7 AI score
Exploits: 0
Gitee
added 2025/09/14 2:44 p.m., 73 views

msdat

This is an offensive tool for Microsoft SQL Server (MSSQL) database exploitation. The tool is called "MSDAT" and is designed to perform various attacks on MSSQL databases, including reading and writing files, executing system commands, and more. The tool uses a variety of techniques, including OLE...

7.4 AI score
Exploits: 0
Gitee
added 2025/09/14 2:39 p.m., 83 views

rapidscan

This is a Python-based web vulnerability scanner called RapidScan. It is designed to automate the process of security scanning by using a multitude of available Linux security tools and some custom scripts. The tool is still under development and currently supports around 80 vulnerability tests...

6.6 AI score
Exploits: 0
Gitee
added 2025/09/14 2:19 p.m., 97 views

teler-waf

This repository is an open-source Go HTTP middleware called teler-waf, which protects local web services from various threats, including OWASP Top 10 vulnerabilities, malicious actors, botnets, and brute force attacks. The repository contains a variety of files, including issue templates, pull...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/14 2:15 p.m., 275 views

smbmap

This is a Python script for a tool called SMBMap, which is designed to enumerate Samba share drives across an entire domain. The tool allows users to list share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute...

7.6 AI score
Exploits: 0
Gitee
added 2025/09/14 2:10 p.m., 139 views

CTF-All-In-One

This is a repository for a book titled "CTF-All-In-One" by firmianay. The book is a comprehensive guide to CTF (Capture The Flag) competitions, covering various topics such as Linux, Web security, reverse engineering, and cryptography. The repository contains the source code and materials for the...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/14 1:55 p.m., 96 views

offensiveinterview

It is an offensive tool for penetration testing and red teaming. The repository contains a collection of interview questions to screen offensive red team/pentest candidates, categorized into open-ended, knowledge-based, and scenario-based questions. The questions cover various topics such as...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/14 1:50 p.m., 99 views

Exploit for CVE-2012-0053

This repository is an offensive tool for web application exploitation, specifically for cross-site scripting (XSS) attacks. It contains a collection of payloads and scripts that can be used to exploit vulnerabilities in web applications. The payloads are designed to be injected into a vulnerable we...

4.3 CVSS, 6.1 AI score, 0.33846 EPSS
Exploits: 4
Gitee
added 2025/09/14 1:32 p.m., 160 views

ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

7.2 AI score
Exploits: 0
Gitee
added 2025/09/14 1:24 p.m., 74 views

anti-xss

It is an offensive tool for PHP. The primary CVE ID is not explicitly mentioned in the provided context, but the tool is designed to prevent cross-site scripting (XSS) attacks. The target product/service is PHP, and the vulnerability class/vector is XSS. The probable entry points are not explicitly...

5.7 AI score
Exploits: 0
Gitee
added 2025/09/14 12:21 p.m., 119 views

PinTools

This repository is an example and proof-of-concept (PoC) for dynamic binary analysis using the Pin tool. The code is designed to detect the classical use-after-free vulnerability. The Pin tool is a dynamic binary instrumentation framework that allows developers to analyze and modify the behavior of...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/14 12:2 p.m., 175 views

wazuh

This repository is an open-source security platform called Wazuh, which provides unified XDR and SIEM protection for endpoints and cloud workloads. The repository contains various files and templates for issue reporting, testing, and integration with external services. The probable entry points f...

7.2 AI score
Exploits: 0
Gitee
added 2025/09/14 12:1 p.m., 133 views

spraywmi

Exploit module/toolkit targeting Windows systems via WMI (Windows Management Instrumentation) spraying. The tool, named SprayWMI, is designed to mass spray Unicorn PowerShell injection to CIDR notations. It is a Python-based tool that uses the pexpect library to interact with the Windows Management...

7.7 AI score
Exploits: 0
Gitee
added 2025/09/14 11:52 a.m., 83 views

Exploit for Out-of-bounds Read in Openssl

This is an exploit module/toolkit targeting the Heartbleed vulnerability (CVE-2014-0160). The target product/service is OpenSSL, and the vulnerability class/vector is a buffer overflow in the TLS heartbeat extension, allowing for memory disclosure. The probable entry point is the ssl3writebytes...

7.5 CVSS, 8.4 AI score, 0.94464 EPSS
Exploits: 86
Gitee
added 2025/09/14 11:51 a.m., 78 views

mitmf

This is a Python-based framework for Man-In-The-Middle (MITM) attacks, called MITMf. It is designed to provide a one-stop-shop for various network attacks and techniques. The framework contains a built-in SMB, HTTP, and DNS server that can be controlled and used by various plugins. It also includes...

6.7 AI score
Exploits: 0
Gitee
added 2025/09/14 11:40 a.m., 77 views

exploitdb

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a searchable archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is...

6.8 AI score
Exploits: 0
Gitee
added 2025/09/14 11:39 a.m., 86 views

nishang

This repository is an offensive tool for Windows systems. It contains a collection of PowerShell scripts that can be used to exploit various vulnerabilities and gain unauthorized access to a system. The scripts are designed to be used by attackers to gain a foothold on a system and then escalate...

7.6 AI score
Exploits: 0
Gitee
added 2025/09/14 11:4 a.m., 88 views

exploitdb-bin-sploits

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains binary exploits located in the /bin-sploits/ directory. The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by...

6.7 AI score
Exploits: 0
Gitee
added 2025/09/14 11:1 a.m., 104 views

windows-privesc-check

It is an offensive tool for Windows privilege escalation checking. The tool, windows-privesc-check, is a standalone executable that runs on Windows systems, attempting to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or access local apps. I...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/14 9:55 a.m., 80 views

Exploit for OS Command Injection in Gnu Bash

PoC exploit for CVE-2014-6271 (Shellshock). The target product/service is Apache httpd, and the vulnerability class/vector is RCE (Remote Code Execution) via environment variable manipulation. The probable entry point is the CGI (Common Gateway Interface) handler. Notable dependencies/tooling include t...

10 CVSS, 8.5 AI score, 0.9422 EPSS
Exploits: 130
Gitee
added 2025/09/14 5:29 a.m., 107 views

gosec

This is a Go AST (Abstract Syntax Tree) scanner for identifying security vulnerabilities in Go code. The scanner is called "gosec" and is part of the GolangCI project. It can be installed using the command "go get github.com/golangci/gosec/cmd/gosec/...". The scanner can be configured to run a subs...

7.2 AI score
Exploits: 0
Gitee
added 2025/09/14 5:19 a.m., 92 views

graphql-playground

It is an offensive tool for GraphQL. This repository contains a proof-of-concept (PoC) exploit for a vulnerability in the GraphQL Playground, a popular IDE for GraphQL development. The exploit targets an XSS Reflection attack vulnerability in the graphql-playground-html package, which was resolved ...

6.3 AI score
Exploits: 0
Gitee
added 2025/09/14 5:0 a.m., 99 views

Exploit for Out-of-bounds Write in Apple Mac_Os_X

This is a PoC exploit for CVE-2019-8695, which is a vulnerability in the MySQL server that allows authentication without knowing the cleartext password. The exploit targets the Secure Password Authentication plugin (aka mysql_native_password), the default method used by MySQL. The target...

9.3 CVSS, 7.2 AI score, 0.00264 EPSS
Exploits: 1
Gitee
added 2025/09/14 4:41 a.m., 68 views

sinatra

This is a Sinatra repository, a DSL for creating web applications in Ruby with minimal effort. The repository contains various files, including a .github/workflows/test.yml file that defines a GitHub Actions workflow for testing, and a Gemfile that lists dependencies for the project. The Gemfile...

6.9 AI score
Exploits: 0
Gitee
added 2025/09/14 2:0 a.m., 81 views

disable_eval

This is a Ruby gem called "disable_eval" that provides a method to protect against eval-related security vulnerabilities. The gem is designed to prevent remote code execution (RCE) attacks by disabling the eval method and its variants. The gem provides two main components: 1. A Rack middleware that...

8.1 AI score
Exploits: 0
Gitee
added 2025/09/13 9:8 p.m., 79 views

pwntools

This is a CTF (Capture The Flag) framework and exploit development library. It is written in Python and provides a set of tools for developing and executing exploits. The library is designed to be extensible and customizable, allowing users to easily add new functionality and plugins. The library i...

6.9 AI score
Exploits: 0
Gitee
added 2025/09/13 9:3 p.m., 78 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

This is a collection of proof-of-concept (PoC) code for various kernel vulnerabilities. Here's a breakdown of the code and its implications: CVE-2015-0569: This PoC exploits a buffer overflow vulnerability in the prima wlan driver. The code writes a large buffer to a kernel memory location, causing ...

9.3 CVSS, 7.4 AI score, 0.07275 EPSS
Exploits: 17
Gitee
added 2025/09/13 6:50 p.m., 97 views

pwntools

This is a CTF (Capture The Flag) framework and exploit development library. It is a Python library that provides a set of tools for developing exploits and performing penetration testing. The library is designed to be extensible and customizable, allowing users to easily add new features and plugin...

7 AI score
Exploits: 0
Gitee
added 2025/09/13 5:46 p.m., 79 views

Exploit for CVE-2016-1057

This is a PoC exploit for CVE-2016-1057, a remote jailbreak for MikroTik's RouterOS. The exploit targets devices running v6.x.x and allows for remote code execution. The vulnerability exists on other device versions as well, but the exploit only supports v6.x.x. The exploit script is designed to...

10 CVSS, 8.4 AI score, 0.02457 EPSS
Exploits: 1
Gitee
added 2025/09/13 5:46 p.m., 102 views

hackingtool

This is an offensive tool for penetration testing and hacking. It is a collection of various tools for different types of attacks, including information gathering, web attacks, SQL injection, phishing, and more. The tool is written in Python and is designed to be run on Linux systems, including...

7.5 AI score
Exploits: 0
Gitee
added 2025/09/13 5:45 p.m., 120 views

JNDIExploit

This is a Java-based exploit tool for JNDI (Java Naming and Directory Interface) injection vulnerabilities. The tool is designed to inject a payload into the JNDI repository, allowing an attacker to execute arbitrary code on the target system. The tool is based on the Rogue JNDI project and support...

8.7 AI score
Exploits: 0
Gitee
added 2025/09/13 5:43 p.m., 81 views

pwntools

This is a CTF framework and exploit development library. It is a Python library for exploit development and reverse engineering. The library provides a set of tools for creating and executing exploits, as well as for analyzing and debugging binary files. The library is designed to be extensible a...

7 AI score
Exploits: 0
Total number of security vulnerabilities: 1899