Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is a Flask SSTI Server-Side Template Injection vulnerability. The target product/service is Flask, a Python web framework. The probable entry point is the flask/ssti directory, where the...

Exploit for Race Condition in Canonical Ubuntu_Linux

This is a PoC Proof of Concept exploit for CVE-2016-5195, also known as Dirty COW. The exploit relies on ptrace to patch the vDSO Virtual Dynamic Shared Object and gain root privileges. The exploit is architecture-dependent and may not work on every Linux version. The payload is written in assemb...

Exploit for CVE-2018-8453

cve-2018-8453-exp cve-2018-8453 exp 本程序为cve-2018-8453的利用程序。 开发\测试平台：x86: windows 10 rs2 15063 x64: windos 10 rs2 16299 附： 使用Palette来读写内核 严重声明： 本工具仅用于技术研究学习。非法使用造成一切后果，均与本人无关。...

fastjson-poc

This is a Java-based proof-of-concept PoC code for exploiting a remote code execution RCE vulnerability in the FastJSON library, specifically in versions 1.2.22 to 1.2.24. The code is designed to bypass the autotype mechanism in FastJSON, which is a security feature that prevents certain types of...

PowerSploit

This is an offensive tool for Windows PowerShell. It is a module for PowerSploit, a PowerShell framework for penetration testing and red teaming. The module contains several functions for code execution, including reflective DLL injection and DLL injection into a process. The functions can be use...

penetration

The repository contains a collection of exploit files and scripts for various vulnerabilities in web applications, specifically CMS platforms. The exploits are categorized by the affected CMS, with each category containing multiple exploit files. The exploits are written in various programming...

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

信息收集

This repository is an information collection tool for penetration testing and vulnerability assessment. It is a collection of scripts and tools for gathering information about a target system or network. The repository is written in Python and includes various modules for different tasks such as...

penetration

This repository contains a collection of exploit files for various vulnerabilities in web applications, specifically CMS Content Management System platforms. The exploits are categorized by the CMS platform they target, and each file contains a description of the vulnerability and the exploit cod...

Exploit for CVE-2017-0144

PoC exploit for CVE-2017-0144 Eternalblue-Doublepulsar. The target product/service is Windows operating system, specifically the SMB Server Message Block protocol. The vulnerability class/vector is a remote code execution RCE vulnerability, which allows an attacker to execute arbitrary code on th...

Exploit for CVE-2017-0144

PoC exploit for CVE-2017-0144 EternalBlue using the Doublepulsar backdoor, implemented as a Metasploit module. The target product/service is Windows, and the vulnerability class is RCE Remote Code Execution. The probable entry point is the Metasploit module, and the notable dependency is the...

Exploit for CVE-2017-0144

PoC exploit for CVE-2017-0144, a remote code execution vulnerability in SMBv1. The exploit targets Windows 7 and 2008 R2 systems. The probable entry point is the eternalblue.py script, which is a Python implementation of the NSA EternalBlue SMB exploit. Not specified how it is typically invoked...

EquationExploit

Based on the provided code, it appears to be a Windows executable file likely a PE file that contains a malicious payload. The code is written in C and is designed to be compiled and executed on a Windows system. The code is a PE file, which is a type of executable file used on Windows systems. T...

MS17-010

This repository is for public analysis of the MS17-010 vulnerability. The repository contains various scripts and exploits for demonstrating the vulnerability, including EternalBlue, Eternalchampion, and Eternalromance. The exploits are designed to target Windows systems and can be used to gain...

vmware_escape

This is an exploit module for VMware Workstation prior to version 12.5.5. The exploit targets a vulnerability in the way VMware handles certain types of memory access, allowing an attacker to execute arbitrary code on the host system. The exploit is designed to be used by an attacker who has gain...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

This is a PoC exploit for CVE-2020-0796, a Windows SMBv3 LPE Local Privilege Escalation vulnerability. The exploit is written in C++ and uses the Windows API to manipulate system handles and exploit the vulnerability. The code includes a function to get the address of a handle, and another functi...

pwn_category

This is a PoC exploit for a vulnerability in the GNU C Library glibc version 2.3.4. The exploit targets the printfchk function, which is used to perform formatted printing. The vulnerability allows for arbitrary read and write operations in the heap, which can be used to achieve code execution. T...

metasploit-framework

This is a Metasploit Framework repository. The framework is a penetration testing tool that allows users to create and execute exploits against various targets. The repository contains a wide range of modules, including exploits, payloads, and auxiliary tools. The framework is written in Ruby and...

antSword

This is a comprehensive analysis of the provided code and metadata from the AntSword repository. Classification: Exploit module/toolkit targeting web applications Primary CVE ID: Not specified Target product/service or framework: Web applications Vulnerability class/vector: Not specified Probable...

vulhub

It is an offensive tool for Docker environments. The repository contains a collection of pre-built vulnerable Docker environments, including Flask SSTI Server-Side Template Injection and other vulnerabilities. The tool is designed to help users test and demonstrate vulnerabilities in a controlled...

Information_Collection_Handbook

It is an offensive tool for information collection. The repository contains a collection of tools and scripts for gathering information about a target, including domain information, application information, and more. The tools are likely used for reconnaissance and intelligence gathering purposes...

Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware

Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway CVE-2019-19781...

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

CVE-2018-2628 CVE-2018-2628漏洞工具包 根据Github上整理出的漏洞利用工具包含： 1.CVE-2018-2628漏洞检测工具 //漏洞存在检测的POC 2.weblogicpoc.py //漏洞利用的POC 3.ysoserial-0.1-cve-2018-2628-all.jar //借鉴的漏洞利用工具https://github.com/tdy218/ysoserial-cve-2018-2628/releases 具体的漏洞复现过程请移步简书：https://www.jianshu.com/p/6649118ba7b6...

EQGRP

This is a repository containing the decrypted contents of a file named "eqgrp-auction-file.tar.xz". The repository includes three files: "Linux/bin/7z", "Linux/bin/7z.so", and "Linux/bin/7za". These files are likely related to the 7-Zip file archiver. The "Linux/bin/7z" file is an ELF Executable...

tater

It is an offensive tool for Windows Privilege Escalation. The tool is called Tater, a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. The target product/service or framework is Windows, and the vulnerability class/vector is Privilege Escalation. The probable entr...

PowerShell-Suite

This is an exploit module/toolkit targeting Windows UAC User Account Control bypass. The module, named "Bypass-UAC," provides a framework for performing UAC bypasses based on auto-elevating IFileOperation COM object method calls. It implements a function that rewrites PowerShell's PEB Process...

Exploit for Path Traversal in Pivotal_Software Spring_Framework

Web-Security-Learning 项目地址： https://github.com/CHYbeta/Web-Security-Learning 最近更新日期为：2018/10/31。 同步更新于： chybeta: Web-Security-Learning 目录： - Web-Security-Learning - Web Security - sql注入 - MySql - MSSQL - PostgreSQL - MongoDB - 技巧 - 工具 - XSS - CSRF - 其他前端安全 - SSRF - XXE - JSONP注入 - SSTI - 代码执行 /...

Information_Collection_Handbook

This is a collection of tools and resources for information gathering, specifically for penetration testing and vulnerability assessment. The repository is maintained by Qftm and is available on GitHub. The repository contains a variety of tools and scripts for gathering information about a targe...

SCANNER-INURLBR

It is an offensive tool for web application vulnerability scanning. The primary CVE ID present in the context is not explicitly mentioned, but the tool is designed for Google Hacking and web application vulnerability scanning. The target product/service or framework is not explicitly stated, but...

awesome-jenkins-rce-2019

No description...

metasploit-framework

This is an offensive tool for Metasploit Framework. It is a collection of Ruby code that provides a framework for developing and executing exploits, as well as a platform for testing and validating vulnerabilities. The repository contains a wide range of modules and tools for various tasks,...

Exploit for OS Command Injection in Cacti

The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are the docker-compose files, which define the...

PSKernel-Primitives

This repository contains a collection of PowerShell primitives for exploitation, specifically targeting Windows systems. The code is written in PowerShell and utilizes various Windows APIs to achieve its goals. The repository includes several functions, each with a specific purpose: 1...

Exploit for Path Traversal in Pivotal_Software Spring_Framework

Web-Security-Learning 项目地址： https://github.com/CHYbeta/Web-Security-Learning 最近更新日期为：2018/10/31。 同步更新于： chybeta: Web-Security-Learning 目录： - Web-Security-Learning - Web Security - sql注入 - MySql - MSSQL - PostgreSQL - MongoDB - 技巧 - 工具 - XSS - CSRF - 其他前端安全 - SSRF - XXE - JSONP注入 - SSTI - 代码执行 /...

wolfssl

This is a collection of files related to the wolfSSL library, a cryptographic library for embedded systems. The library is designed to be compatible with Arduino projects and provides a range of cryptographic functions, including SSL/TLS, RSA, and AES. The files include: IDE/ARDUINO/README.md: A...

Exploit for CVE-2013-0422

K8tools 20190521 声明: 工具仅供安全研究或授权渗透，非法用途后果自负。 博客: https://www.cnblogs.com/k8gege 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大，可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行，大部份经过修改编译兼容性稳定性更好 注意：不保证永久有效,喜欢自行保存。 综合工具 + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 + K8expList.txt...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for vulnerability research and education. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including ones for CVE-2016-9086, CVE-2017-1000353, and CVE-2018-1000006. The target product/servi...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB Server Message Block protocol, specifically SMBv3. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script, which sends a specially crafted SMB negotiate request to...

Exploit for Race Condition in Canonical Ubuntu_Linux

This is a PoC exploit for CVE-2016-5195, a vulnerability in the Linux kernel that allows for a Dirty Cow DC attack. The exploit is implemented in C++ and Go, with a legacy version in C++. The exploit targets the Linux kernel's memory mapping feature, which allows an attacker to map a file into a...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including ones for CVE-2016-9086, CVE-2017-1000353, and CVE-2018-1000006. The target...

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary vulnerability class/vector targeted by this repository is Server-Side Template Injection SSTI, specifically in Flask applications. Th...

Exploit for Improper Resource Shutdown or Release in Microsoft

CVE-2018-8120 CVE-2018-8120 Windows LPE exploit 测试支持: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008 Enterprise x64 WinXP x32, Win2003 x32,Win2003 x64 原exp不支持xp，2003，当前代码在原基础上增加了对这两个系统的支持。 Usage shell CVE-2018-8120 exploit by...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...

Exploit for Injection in Oracle Agile_Plm

CVE-2019-2725 CVE-2019-2725CNVD-C-2019-48814、WebLogic wls9-async 命令回显 10.3.6 12.1.3 ResultBaseExec.java 用于测试defineClass，将把恶意类从base64还原出来，执行代码，主要是比较方便（可用可不用）。 JDK7u21.java 会生成weblogic-2019-272512.1.3命令执行.txt中的xml，请使用jdk6编译。 CVE-2019-2725.py 检测命令是否会执行。...

Exploit for CVE-2020-1938

说明 工具仅用于安全研究以及内部自查, 禁止使用工具发起非法攻击, 造成的后果由使用者负责 Apache Tomcat文件包含漏洞（CVE-2020-1938 / CNVD-2020-1048 ）批量检测工具. 此项目在Kit4y的项目的基础上进行修改. 代码修改 当ip.txt中只有1个域名或ip时, 会使得threadCount为1, 程序实际上没有运行, 增加判断线程数的代码 ... if threadCount == 1: threadCount = 2 for i in range0,threadCount-1: ... 修改少量代码, 以兼容Python3. 修改前的代码...

Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

Exploit for CVE-2018-8581

CVE-2018-8581 这是一个邮箱层面的横向渗透和提权漏洞 它可以在拥有了一个普通权限邮箱账号密码后，完成对其他用户包括域管理员邮箱收件箱的委托接管 本EXP脚本是在原PoC基础上修改的增强版一键脚本，它将在配置好相关参数后，自动完成目标邮箱inbox收件箱的添加委托和删除委托操作，以方便甲方安全部门和红队对授权企业完成一次模拟攻击过程 原PoC是两个脚本配合使用完成添加收信规则的操作，在甲方红队实际工作中不怎么实用，而原PoC除了需要邮箱外，还需要设置目标邮箱用户的SID，但在参考文章中提到的获取用户SID的方法，我在实际环境中测试Exchange Server...

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

CVE-2018-2628 is a remote command execution vulnerability in Oracle WebLogic Server. The exploit code is written in Python and uses the CVE-2018-2628 Weblogic GetShell.py script to exploit the vulnerability. The script sends a specially crafted request to the vulnerable server, which allows an...