Lucene search
1899 matches found

Gitee
added 2020/03/18 5:23 p.m., 3 views

PayloadsAllTheThings

This repository is an offensive tool for Web Application Security and Pentest/CTF. It contains a list of useful payloads and bypass for various web application security vulnerabilities and penetration testing. The repository includes tools and exploits for vulnerabilities such as CRLF injection,...

7.2 AI score
Exploits: 0

Gitee
added 2020/03/18 9:36 a.m., 11 views

Exploit for Out-of-bounds Write in Php

This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug allows a web user to execute code on a vulnerable server if the server has a specific configuration. The exploit targets the php-fpm service running on a server with a configuration that includes a "location" block with a...

9.8 CVSS, 9.6 AI score, 0.94053 EPSS
Exploits: 53

Gitee
added 2020/03/17 6:53 p.m., 4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is not explicitly stated, but the repository contains various vulnerable environments, including ones related to Flask, Apache, Nginx, and more. The repository is maintained by phith0n and is...

7 AI score
Exploits: 0

Gitee
added 2020/03/17 6:23 p.m., 6 views

Exploit for CVE-2020-1938

This is a proof-of-concept (PoC) exploit for CVE-2020-1938, a vulnerability in Apache Tomcat's AJP protocol. The exploit is written in Python 2.7 and uses the ajpy library to interact with the AJP protocol. The exploit is designed to perform a Local File Inclusion (LFI) attack on the target Tomcat...

9.8 CVSS, 7.2 AI score, 0.94469 EPSS
Exploits: 44

Gitee
added 2020/03/17 6:23 p.m., 7 views

Exploit for SQL Injection in Djangoproject Django

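CVE-2020-7471 This repository provides an environment and POC for the CVE-2020-7471 Potential SQL injection via StringAggdelimiter vulnerability. Affected django versions - 1.11 to 1.11.28 (exclusive) - 2.2 to 2.2.10 (exclusive) - 3.0 to 3.0.3 (exclusive) The following steps are required before downloading and using it: 1. Install a vulnerable django version; the one I tested with is python pip install django==3.0.2 -i https://pypi.tuna.tsinghua.edu.cn/simple 2. Refer to...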

9.8 CVSS, 9.3 AI score, 0.1537 EPSS
Exploits: 9

Gitee
added 2020/03/17 6:19 p.m., 5 views

Exploit for CVE-2019-15231

This repository contains a collection of exploits for various vulnerabilities, including unauthenticated remote command execution (RCE) and directory traversal. The exploits are written in Python and utilize various libraries such as requests and pymongo. The repository includes exploits for the...

9.8 CVSS, 7.5 AI score, 0.94393 EPSS
Exploits: 56

Gitee
added 2020/03/17 6:15 p.m., 7 views

Exploit for Use After Free in Microsoft

CVE-2019-0708 is a remote code execution vulnerability in Microsoft Windows Remote Desktop Services. This repository contains a proof-of-concept (PoC) exploit for this vulnerability, as well as a scanner for detecting vulnerable hosts. The PoC exploit is written in Python and uses the SMBLoris...

10 CVSS, 8.1 AI score, 0.94454 EPSS
Exploits: 123

Gitee
added 2020/03/17 1:50 p.m., 2 views

pikachu

This is an offensive tool for Web application security testing. It is a web application that contains various web security vulnerabilities, including Burt Force (brute-force), XSS (cross-site scripting), CSRF (cross-site request forgery), SQL-Inject (SQL injection), RCE (remote code execution), Files...

6.9 AI score
Exploits: 0

Gitee
added 2020/03/17 1:49 p.m., 23 views

Exploit for Use After Free in Microsoft

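sectoolset -- a collection of security-related tools on Github. Main contents: 0x00 Hands-on exploitation practice & CTF security competitions 0x01 Security scanners 0x02 Security defense 0x03 Penetration testing 0x04 Vulnerability databases and exploitation tools (POC, EXP) 0x05 Binary and code analysis tools 0x06 Threat intelligence & honeypots 0x07 Security documentation 0x11 All contents WooYun mirror WooYun mirror WooYun mirror, censored Recent security hot topics facebook again exposed in a large leak of private data of hundreds of millions of users CVE-2019-14378 QEMU VM Escape critical vulnerability, affecting KVM and other virtualization platforms that use QEMU as a backend CVE-2019-10173 Xstream remote code execution vulnerability...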

10 CVSS, 9.1 AI score, 0.94468 EPSS
Exploits: 161

Gitee
added 2020/03/16 12:53 p.m., 3 views

icsmaster

This is an offensive tool repository for industrial control system (ICS) security research. It contains a collection of resources, including papers, exploits, firmware, Nmap scripts, and tools, related to ICS security. The repository is organized into several categories, including a directory of...

8.2 AI score
Exploits: 0

Gitee
added 2020/03/15 1:44 p.m., 2 views

exploitdb

This repository is an official collection of exploits and Proof-of-Concepts for various software vulnerabilities, maintained by Offensive Security. The repository is updated daily with the most recently added submissions. Exploits are located in the /exploits/ directory, and shellcodes can be fou...

7.3 AI score
Exploits: 0

Gitee
added 2020/03/14 9:53 p.m., 10 views

Exploit for Race Condition in Canonical Ubuntu_Linux

This is a PoC exploit for CVE-2016-5195, a vulnerability in the Linux kernel that allows an attacker to gain root privileges by exploiting a flaw in the way the kernel handles page-zero writes. The exploit is implemented in C++ and Go, and is designed to work on various Linux distributions,...

7.2 CVSS, 7.6 AI score, 0.93929 EPSS
Exploits: 78

Gitee
added 2020/03/14 1:04 p.m., 4 views

vulhub

It is an offensive tool for vulnerability research and education. The repository, vulhub, contains pre-built vulnerable environments based on Docker-Compose, allowing users to easily create and experiment with vulnerable systems for research and educational purposes. The tool is designed to be...

7.1 AI score
Exploits: 0

Gitee
added 2020/03/13 8:44 p.m., 2 views

welpwn

This is an exploit module for a vulnerability in a binary, targeting a heap-based overflow in a baby heap implementation. The exploit is designed to execute a shell on the vulnerable system. The exploit uses a combination of alloc, show, and delete functions to manipulate the heap and create a...

7.5 AI score
Exploits: 0

Gitee
added 2020/03/13 1:20 a.m., 3 views

PowerSploit1

This is a PowerShell module for code execution and antivirus bypass. The module contains several functions, including: 1. Find-AVSignature: This function locates tiny AV signatures using the same method as DSplit from "class101" on heapoverflow.com. 2. Invoke-DllInjection: This function injects a...

7.5 AI score
Exploits: 0

Gitee
added 2020/03/12 12:30 p.m., 3 views

Exploit for Authorization Bypass Through User-Controlled Key in Vmware Cloud_Foundation

PoC exploit for CVE-2021-22023, a remote code execution vulnerability in Fastjson versions = 1.2.47. The target product/service is Fastjson, a popular Java library for JSON parsing and generation. The vulnerability class/vector is remote code execution (RCE). The probable entry point is the...

7.2 CVSS, 8.7 AI score, 0.00324 EPSS
Exploits: 1

Gitee
added 2020/03/12 12:06 p.m., 4 views

maltrail

Maltrail is a malicious traffic detection system that utilizes publicly available blacklists containing malicious and/or generally suspicious trails. It also uses optional advanced heuristic mechanisms to help in discovery of unknown threats. The system can be configured to ignore certain events...

6.9 AI score
Exploits: 0

Gitee
added 2020/03/11 8:27 p.m., 5 views

lua-resty-waf

This repository is an exploit module/toolkit targeting OpenResty, a high-performance web server built on the Nginx core. The primary vulnerability class/vector is not explicitly stated, but based on the code and metadata, it appears to be a remote code execution (RCE) vulnerability. The probable...

8 AI score
Exploits: 0

Gitee
added 2020/03/11 5:41 p.m., 11 views

Exploit for CVE-2013-0422

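K8tools 20200118 Disclaimer: The tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: Updated irregularly; the files are fairly large, so download what you need. For bugs or suggestions, leave a message directly on Github. The privilege escalation tools can all be run from a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: not guaranteed to remain available permanently; save a copy yourself if you like it. General tools + Scanning tool Ladon 6.0 large intranet penetration scanning tool with 48 built-in functions, supports Cobalt Strike + Scanning tool Ladon 5.7...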

10 CVSS, 8.1 AI score, 0.94422 EPSS
Exploits: 162

Gitee
added 2020/03/11 1:42 a.m., 6 views

Exploit for Improper Input Validation in Joomla Joomla!

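CMS-Hunter Introduction Content Management System Vulnerability Hunter Note: As things stand, this project will be maintained long-term; if you have suggestions for changes or ideas, you are welcome to contact the author. CMS vulnerability list Discuz - Discuz<3.4birthprovince front-end arbitrary file deletion DedeCMS - DedeCMSv5.7shopsdelivery stored XSS - DedeCMSv5.7carbuyaction stored XSS - DedeCMSv5.7 friendly links CSRFGetShell - DedeCMS V5.7 SP2 code execution vulnerability in the admin backend Drupal -...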

9.8 CVSS, 7 AI score, 0.94513 EPSS
Exploits: 161

Gitee
added 2020/03/10 12:00 a.m., 3 views

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains a collection of vulnerable environments for testing and training purposes. The environments are designed to be easy to use and require no prior knowledge of Docker. The repository...

9.8 CVSS, 7.2 AI score, 0.94479 EPSS
Exploits: 46

Gitee
added 2020/03/09 9:30 a.m., 6 views

Exploit for Classic Buffer Overflow in Point-To-Point_Protocol_Project Point-To-Point_Protocol

PoC exploit for CVE-2020-8597, a buffer overflow vulnerability in the eap.c file of the pppd daemon in ppp versions 2.4.2 through 2.4.8. The vulnerability allows for a buffer overflow in the eaprequest and eapresponse functions, which can be exploited by sending a long "EAP: unauthenticated peer...

9.8 CVSS, 7.5 AI score, 0.66026 EPSS
Exploits: 3

Gitee
added 2020/03/08 1:25 p.m., 3 views

PowerShell-Suite

This is a PowerShell script called Bypass-UAC, which is designed to bypass User Account Control (UAC) on Windows systems. The script uses a technique called "auto-elevating IFileOperation COM object method calls" to achieve this. The script supports several methods for bypassing UAC, including:...

6.9 AI score
Exploits: 0

Gitee
added 2020/03/08 10:44 a.m., 3 views

Exploit for Path Traversal in Pivotal_Software Spring_Framework

Web-Security-Learning Project address: https://github.com/CHYbeta/Web-Security-Learning Last updated: 2018/10/31. Also updated at: chybeta: Web-Security-Learning Contents: - Web-Security-Learning - Web Security - SQL injection - MySql - MSSQL - PostgreSQL - MongoDB - Tips - Tools - XSS - CSRF - Other front-end security - SSRF - XXE - JSONP injection - SSTI - Code execution /...

7.5 CVSS, 8.2 AI score, 0.56172 EPSS
Exploits: 5

Gitee
added 2020/03/08 10:44 a.m., 5 views

Exploit for Improper Input Validation in Jenkins

hackUtils It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/. Usage: hackUtils.py options Options: -h, --help Show basic help message and exit -b keyword, --baidu=keyword Fetch URLs from Baidu...

9 CVSS, 7.6 AI score, 0.90556 EPSS
Exploits: 23

Gitee
added 2020/03/07 6:01 p.m., 4 views

shadowbroker

This repository, Zam-0703/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was created by the Shadow Brokers, a group known for releasing stolen NSA hacking tools. The repository includes exploits for several vulnerabilities, including:...

8.5 AI score
Exploits: 0

Gitee
added 2020/03/07 4:15 p.m., 3 views

Exploit for Improper Authentication in Microsoft

It is an exploit module targeting Microsoft Exchange Server. The primary CVE ID is CVE-2020-0688. The vulnerability class is a deserialization vulnerability, specifically a TextFormattingRunProperties deserialization vulnerability. The probable entry point is the exploit.py script. Notable...

9 CVSS, 9.6 AI score, 0.94389 EPSS
Exploits: 30

Gitee
added 2020/03/07 10:56 a.m., 2 views

Privilege-Escalation-Tater

It is an offensive tool for Windows Privilege Escalation. The primary CVE ID is not present in the provided context, but it is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. The target product/service or framework is Windows, and the vulnerability class/vector...

6.7 AI score
Exploits: 0

Gitee
added 2020/03/07 8:42 a.m., 9 views

Exploit for CVE-2015-0273

phpcodz Php Codz Hacking http://www.80vul.com/pch/ What is PHP? PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. Afte...

10 CVSS, 6.9 AI score, 0.60759 EPSS
Exploits: 13

Gitee
added 2020/03/07 8:42 a.m., 2 views

SCANNER-INURLBR

It is an offensive tool for web application vulnerability scanning and exploitation. The primary CVE ID present in the provided context is not explicitly stated, but the tool is designed for Google Hacking and advanced searches to find potential vulnerabilities in web applications. The target...

7.6 AI score
Exploits: 0

Gitee
added 2020/03/07 8:41 a.m., 5 views

msf_module

msf-module Some msf plugins written, back when wooyun was still around, based on other people's audits; a few of them are still quite useful. module list auxiliary + zoomeye-search.rb exploits + Dswjcms-upload-wooyun-2015-0160899.rb + Lotapp-exec-wooyun-2015-0133750.rb + OEM-exec-wooyun-2010-0192732.rb + ZTE-exec-wooyun-2016-190343.rb + discuz-ssrf-wooyun-2011-0151179.rb +...

7.1 AI score
Exploits: 0

Gitee
added 2020/03/07 8:41 a.m., 3 views

poc

This is a collection of proof-of-concept (PoC) exploits for various vulnerabilities, primarily targeting web applications. The PoCs are written in Python and utilize the Beebeeto framework. Here's a summary of the PoCs: 1. Discuz x3.0 /static/image/common/focus.swf Cross Site Scripting (XSS) POC: Thi...

7.2 AI score
Exploits: 0

Gitee
added 2020/03/07 8:41 a.m., 7 views

Exploit for Classic Buffer Overflow in Microsoft

This is a PoC exploit for CVE-2017-7269, a vulnerability in Microsoft IIS 6.0. The target product/service is Microsoft IIS 6.0, and the vulnerability class/vector is a remote code execution (RCE) vulnerability. The probable entry point is the exploit.py script, which is invoked using the python...

10 CVSS, 8.5 AI score, 0.94411 EPSS
Exploits: 39

Gitee
added 2020/03/07 8:40 a.m., 8 views

Exploit for Classic Buffer Overflow in Microsoft

This is a Python script that exploits the CVE-2017-7269 vulnerability in IIS servers. The script sends a specially crafted HTTP request to the target server, which triggers a remote code execution vulnerability. The script then receives the response from the server and prints it to the console...

10 CVSS, 8.1 AI score, 0.94411 EPSS
Exploits: 39

Gitee
added 2020/03/07 8:40 a.m., 5 views

Exploit for Use After Free in Microsoft

This repository is a PoC (Proof of Concept) scanner for the CVE-2019-0708 vulnerability, also known as "BlueKeep", which is a remote code execution (RCE) vulnerability in Microsoft Windows Remote Desktop Services. The scanner is a fork of the rdesktop client, a Remote Desktop Protocol client, and is...

10 CVSS, 8.4 AI score, 0.94454 EPSS
Exploits: 123

Gitee
added 2020/03/06 8:17 p.m., 2 views

kernel_exploit_series

This repository is an exploit series for learning how to exploit kernel vulnerabilities, specifically targeting the Linux kernel. The repository contains various exploit modules and tools, including: 1. 1-heapsprayUAF: This directory contains exploit code for a use-after-free (UAF) vulnerability in...

6.9 AI score
Exploits: 0

Gitee
added 2020/03/06 4:31 p.m., 4 views

Vxscan

This is a Python script called Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...

7.6 AI score
Exploits: 0

Gitee
added 2020/03/04 10:46 p.m., 11 views

Exploit for CVE-2013-0422

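K8tools 20200118 Disclaimer: The tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: Updated irregularly; the files are fairly large, so download what you need. For bugs or suggestions, leave a message directly on Github. The privilege escalation tools can all be run from a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: not guaranteed to remain available permanently; save a copy yourself if you like it. General tools + Scanning tool Ladon 6.0 large intranet penetration scanning tool with 48 built-in functions, supports Cobalt Strike + Scanning tool Ladon 5.7...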

10 CVSS, 9 AI score, 0.94422 EPSS
Exploits: 162

Gitee
added 2020/03/04 4:37 p.m., 4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are not specified, but the environments are...

8.2 AI score
Exploits: 0

Gitee
added 2020/03/03 7:37 p.m., 2 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for Vulnerability Research and Exploitation. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is a remote code execution vulnerability. The probable entry point is the...

6.5 CVSS, 8 AI score, 0.13489 EPSS
Exploits: 39

Gitee
added 2020/03/03 2:44 p.m., 4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the collection includes various environments with different vulnerabilities, such as SQL injection, cross-site scripting (XSS), and server-side template...

7.3 AI score
Exploits: 0

Gitee
added 2020/03/02 3:04 p.m., 10 views

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

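ysoserial-cve-2018-2628 0x1. Preparation - Prepare the software environment needed for the POC script, Payload Object generation and running JRMPListener Python 2.7.x Oracle Java SE 1.7+ - Prepare a WebLogic Server 10.3.6 environment with the Patch Set Update 180417 patch installed (AdminServer alone is sufficient) If you already have a WebLogic environment with this PSU version installed, you can skip this step. - Prepare the POC tools Download the POC script (wls-cve-2018-2628-poc.py) from this project...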

9.8 CVSS, 6.9 AI score, 0.94422 EPSS
Exploits: 76

Gitee
added 2020/03/02 2:57 p.m., 14 views

Exploit for CVE-2020-2551

CVE-2020-2551 Weblogic IIOP deserialization Test environment Weblogic10.3.6+jdk1.6 Packaged jar Extraction code: a6ob Exploitation Download the jar, then use marshalsec to start a malicious RMI service, and compile an exp.java locally java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...

9.8 CVSS, 9.5 AI score, 0.94412 EPSS
Exploits: 18

Gitee
added 2020/03/01 2:16 p.m., 4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are the docker-compose files, which are used t...

8.1 AI score
Exploits: 0

Gitee
added 2020/02/28 7:41 p.m., 4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but it appears to be a collection of various vulnerabilities in different environments, including web applications and services. The probable entry points...

8.1 AI score
Exploits: 0

Gitee
added 2020/02/25 7:22 p.m., 4 views

Exploit for CVE-2013-0422

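K8tools 20190324 Disclaimer: The tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Blog: https://www.cnblogs.com/k8gege Download: https://github.com/k8gege/K8tools Password: k8gege k8team K8team PS: Updated irregularly; the files are fairly large, so download what you need. The privilege escalation tools can all be run from a remote-control cmd or a WebShell; most have been modified and recompiled, with better compatibility and stability than the versions found online. General tools + General tool K8飞刀Final.rar Privilege escalation tools + Privilege escalation tool iislpe.exe privilege escalation for all IIS versions (IIS accounts and service accounts only) + Privilege escalation tool pr.exe...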

10 CVSS, 9 AI score, 0.94422 EPSS
Exploits: 96

Gitee
added 2020/02/25 7:21 p.m., 3 views

Exploit for Incorrect Authorization in Jenkins Git

CVE-2018-1000110: User and Node Enumeration Through Jenkins Git Plugin v3.7 Description: An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. Versions...

5.3 CVSS, 6.9 AI score, 0.11087 EPSS
Exploits: 2

Gitee
added 2020/02/25 7:20 p.m., 135 views

Exploit for Improper Access Control in Oracle Jdk

This repository contains a collection of exploit files and proof-of-concept (PoC) vulnerability demonstration files from the team at Hacker House. The files are categorized into several subdirectories, each containing a specific type of exploit or vulnerability. The files include: 1. AIX-0days.txt:...

10 CVSS, 7.6 AI score, 0.94464 EPSS
Exploits: 94

Gitee
added 2020/02/25 7:20 p.m., 4 views

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a PowerShell post-exploitation framework called PowerSploit, which includes various modules for code execution, DLL injection, and antivirus bypass. The framework is designed to be used by penetration testers and red teamers to...

7.9 AI score
Exploits: 0

Gitee
added 2020/02/25 7:20 p.m., 5 views

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

6.8 AI score
Exploits: 0

Total number of security vulnerabilities: 1899