1899 matches found
Exploit for Out-of-bounds Write in Php
This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug is possible to trigger from the outside in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit targets the "PHPVALUE" directive in the php.ini file, which...
Exploit for Out-of-bounds Write in Php
This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug is possible to trigger from the outside in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit targets the "shortopentag" and "htmlerrors" php.ini setting...
WriteUp_GoogleCTF_2017
This is a PoC exploit for a vulnerability in the Inst Prof binary, which is a x8664 Linux binary with PIE and NX enabled. The exploit allocates two pages using code reuse, one page to stack pivot and the other page to execute a shellcode. The shellcode is executed by dereferencing a text pointer...
Exploit for CVE-2017-0144
PoC exploit for CVE-2017-0144, also known as Eternalblue-Doublepulsar. This Metasploit module exploits the vulnerability to install a Doublepulsar backdoor on a Windows system. The module targets the SMB protocol, specifically the Ring 0 SMB TCP 445 backdoor. The exploit is designed to run on...
Exploit for Cross-site Scripting in Google Chrome
It is an exploit module for CVE-2017-5124, a Chrome UXSS vulnerability. The target product/service is Google Chrome, and the vulnerability class/vector is User Interface UI Scripting UXSS. The probable entry point is the PoC.mht file, which is a MHTML file containing a malicious XML stylesheet th...
pocsuite
This is a Python-based framework for remote vulnerability testing and proof-of-concept development, known as Pocsuite. It is developed by the Knownsec Security Team and comes with a powerful proof-of-concept engine, many niche features for penetration testers and security researchers. The framewo...
Exploit for CVE-2013-0422
K8tools 20190428 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 博客: https://www.cnblogs.com/k8gege 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 + K8expList.txt...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a proof-of-concept PoC exploit for CVE-2020-0796, also known as SMBGhost, a pre-authentication remote code execution vulnerability in Windows SMBv3. The exploit targets the SMBGhost vulnerability in Windows operating systems, specifically Windows 10 and Windows Server 2016 and 2019. The...
Pocsuite
This repository is an offensive tool for penetration testing and vulnerability assessment. It is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. The primary purpose of this tool is to assist penetration testers and...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The repository carvin0316/vulhub contains a collection of vulnerable environments based on Docker-Compose. The target product/service or framework is not explicitly stated, but the environments are designed to be...
IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists...
Gopherus
This is a Python script for generating gopher links to exploit Server-Side Request Forgery SSRF vulnerabilities in various servers. The script is designed to be used with the Metasploit framework. The script defines several classes for different types of servers, including MySQL, FastCGI,...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2017-11882 文章链接 隐藏17年的Office远程代码执行漏洞(CVE-2017-11882) http://www.cnblogs.com/Hi-blog/p/7878054.html...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various types of attacks. The probable entry points are not specified, but the environments are likel...
Exploit for CVE-2020-2551
CVE-2020-2551 Weblogic IIOP 反序列化 测试环境 Weblogic10.3.6+jdk1.6 打包好的jar包 提取码:a6ob 漏洞利用 下载jar包,然后使用marshalsec起一个恶意的RMI服务,本地编译一个exp.java java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...
shiro-check-rce
shiro反序列化漏洞检测RCE工具...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796-SMB 该资源为CVE-2020-0796漏洞复现,包括Python版本和C++版本。主要是集合了github大神们的资源,希望您喜欢 C++ Python EXP POC 漏洞利用: - 本地EXP提权:https://github.com/danigargu/CVE-2020-0796 - 本地EXE提权: https://github.com/f1tz/CVE-2020-0796-LPE-EXP - POC版本提权: https://github.com/eerykitty/CVE-2020-0796-PoC -...
K8tools
It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and anti-kill tools. The primary...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but the environments are designed to be vulnerable to various attacks. The probable entry points are not explicitly stated, but the environments are likely to be...
Exploit for CVE-2020-2551
PoC exploit for CVE-2020-2551, a Python example targeting Weblogic RCE via IIOP. The target vulnerability is a remote code execution vulnerability in Oracle WebLogic Server. The exploit uses the GIOP General Inter-ORB Protocol and CORBA Common Object Request Broker Architecture to establish a...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
This is a PoC exploit for CVE-2013-0001, a SQL injection vulnerability scanner written in Python. The target product/service is a web application, and the vulnerability class is SQL injection. The probable entry point is the sqliscanner.py script, which is invoked by running the script with the -...
Exploit for CVE-2018-11776
PoC exploit for CVE-2018-11776, a Struts2 RCE vulnerability. The target product/service is Apache Struts 2, and the vulnerability class/vector is Remote Command Execution RCE. The probable entry point is the "help.action" URL, which is accessed via a specially crafted OGNL payload. The exploit is...
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly stated, but the repository contains various vulnerable environments and exploits for different vulnerabilities, including CVE-2016-9086, CVE-2017-1000353, CVE-2013-4547,...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The repository contains a variety of vulnerable environments, including Flask SSTI, Apache Parsing Vulnerability, and more. The target product/service or framework is not explicitly stated, but the environments are...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for vulnerability research and testing. The target product/service or framework is not explicitly stated, but it appears to be a collection of vulnerable environments for various...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the project includes various vulnerable environments, such as Flask SSTI, Apache Parsing Vulnerability, and Jenkins RCE. The probable entry points are...
vasto
This is a copy of the VASTO exploit kit for virtualization platforms. The kit consists of two modules: Abiquo Guest Stealer and Abiquo Poison. Abiquo Guest Stealer is a module that exploits a path traversal vulnerability in Abiquo's REST APIs to retrieve files on the remote system under the Tomca...
Zeratool
This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF Capture The Flag problems. It uses the angr concolic analysis framework to analyze binaries and identify vulnerabilities. The tool can generate exploits for buffer overflow and format string vulnerabilities, an...
PowerSploit
This is an offensive tool for Windows. It is a PowerShell module called PowerSploit, which contains various functions for code execution, DLL injection, and antivirus bypass. The module includes several sub-modules, such as CodeExecution and AntivirusBypass, each with its own set of functions. Th...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a proof-of-concept PoC exploit for CVE-2020-0796, also known as SMBGhost. The exploit targets a remote code execution vulnerability in the Windows SMBv3 server. The PoC is written in Python and uses a shellcode written in x64 assembly language. The PoC consists of two main components: 1. ...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but it includes various types of vulnerabilities such as SQL injection, cross-site scripting XSS, and remote code execution RCE. The target product/service or...
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is not a PoC exploit for a specific CVE, but rather a toolkit for testing and learning about various vulnerabilities. The primary purpose of Vulhub is to provide a simple way to create and run vulnerable environment...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and training purposes, specifically designed for vulnerability research and penetration testing. The target product/service or framework is various, as it...
SecGen
This is a Ruby application called SecGen, which generates vulnerable virtual machines for security penetration testing. The application uses Vagrant, Puppet, and Ruby to create randomly vulnerable virtual machines based on a scenario specification. The scenario can specify constraints and...
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq
This repository is an offensive tool for collecting or writing various vulnerability PoCs proofs of concept and exploits. The primary tool in this repository is a Python script named ActiveMQExP/ActiveMQExPV1.0.py, which is designed to exploit a vulnerability in Apache ActiveMQ, specifically...
EQGRP
This is a repository containing the decrypted content of eqgrp-auction-file.tar.xz. The repository includes three files: Linux/bin/7z, Linux/bin/7z.so, and Linux/bin/7za. These files are likely related to the 7-Zip file archiver. The files are in ELF Executable and Linkable Format format, which i...
shadowbroker
This repository, xftx/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers. The repository includes a README.md file that provides information on the contents of the repository, including the exploits and tools it contains. The exploits and tools are organized in...
Awesome_shiro
Awesomeshiro反序列化漏洞复现...
AndroidSecNotes
原文 by 瘦蛟舞 0x00 序 随着移动安全越来越火,各种调试工具也都层出不穷,但因为环境和需求的不同,并没有工具是万能的。另外工具是死的,人是活的,如果能搞懂工具的原理再结合上自身的经验,你也可以创造出属于自己的调试武器。因此,笔者将会在这一系列文章中分享一些自己经常用或原创的调试工具以及手段,希望能对国内移动安全的研究起到一些催化剂的作用。 文章中所有提到的代码和工具都可以在我的github下载到,地址是: https://github.com/zhengmin1989/TheSevenWeapons 0x01 利用函数挂钩实现native层的hook...
vulhub
It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable environments based on Docker-Compose, allowing users to easily set up and test various web application vulnerabilities. The tool is designed for security training and...
metasploit-framework
This is the Metasploit Framework repository, a widely used penetration testing tool. The framework is written in Ruby and provides a comprehensive set of modules for exploiting vulnerabilities, conducting social engineering attacks, and gathering information about targets. The repository contains...
PRET
The repository michaelxiaxc/PRET is a Printer Exploitation Toolkit that allows users to test the security of their printers. The tool connects to a device via network or USB and exploits the features of a given printer language, currently supporting PostScript, PJL, and PCL. The main idea of PRET...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost is a proof-of-concept exploit for a bug in Windows 10 1903/1909's new SMB3 compression capability. The bug is caused by a lack of bounds checking in the offset size of the SMB2CompressionTransformHeader, which can lead to a buffer overflow and crash t...
Vxscan
This is a Python script called Vxscan, which is a comprehensive scanning tool. It is primarily used for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, and SQL injection. T...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This repository is an exploit module for the SMBGhost RCE vulnerability, identified as CVE-2020-0796. The exploit is a proof-of-concept PoC and is intended for demonstration purposes only. It has not been thoroughly tested outside of the author's lab environment and should not be used for any...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost is a proof-of-concept exploit for a bug in Windows 10 1903/1909's new SMB3 compression capability. The bug is caused by a lack of bounds checking in the offset size of the SMB2CompressionTransformHeader, which leads to a buffer overflow and kernel cra...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMBv3, and the vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script, which sends a SMB negotiate request to the target server. Notable dependencies/tooling include the...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB Server Message Block protocol, specifically SMBv3. The vulnerability class/vector is Remote Code Execution RCE. The probable entry point is the scanner.py script, which sends a specially crafted SMB negotiate request to...
vulhub
It is an offensive tool for web application security training. The target product/service or framework is a collection of vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector is various, including SQL injection, cross-site...
Some-PoC-oR-ExP
This repository contains a collection of proof-of-concept PoC exploits and exploits for various vulnerabilities. The primary classification of this repository is 'PoC exploit for CVE-YYYY-NNNN'. The primary CVE ID present in the context is CNVD-2020-10487, which is related to a Tomcat-Ajp LFI...