Lucene search
1886 matches found

Gitee
added 2020/03/14 1:4 p.m., 5 views

vulhub

It is an offensive tool for vulnerability research and education. The repository, vulhub, contains pre-built vulnerable environments based on Docker-Compose, allowing users to easily create and experiment with vulnerable systems for research and educational purposes. The tool is designed to be...

7.1 AI score
Exploits: 0
Gitee
added 2020/03/13 8:44 p.m., 4 views

welpwn

This is an exploit module for a vulnerability in a binary, targeting a heap-based overflow in a baby heap implementation. The exploit is designed to execute a shell on the vulnerable system. The exploit uses a combination of alloc, show, and delete functions to manipulate the heap and create a...

7.5 AI score
Exploits: 0
Gitee
added 2020/03/13 1:20 a.m., 4 views

PowerSploit1

This is a PowerShell module for code execution and antivirus bypass. The module contains several functions, including: 1. Find-AVSignature: This function locates tiny AV signatures using the same method as DSplit from "class101" on heapoverflow.com. 2. Invoke-DllInjection: This function injects a...

7.5 AI score
Exploits: 0
Gitee
added 2020/03/12 12:30 p.m., 4 views

Exploit for Authorization Bypass Through User-Controlled Key in Vmware Cloud_Foundation

PoC exploit for CVE-2021-22023, a remote code execution vulnerability in Fastjson versions = 1.2.47. The target product/service is Fastjson, a popular Java library for JSON parsing and generation. The vulnerability class/vector is remote code execution (RCE). The probable entry point is the...

7.2 CVSS, 8.7 AI score, 0.00999 EPSS
Exploits: 1
Gitee
added 2020/03/12 12:6 p.m., 7 views

maltrail

Maltrail is a malicious traffic detection system that utilizes publicly available blacklists containing malicious and/or generally suspicious trails. It also uses optional advanced heuristic mechanisms to help in discovery of unknown threats. The system can be configured to ignore certain events...

6.9 AI score
Exploits: 0
Gitee
added 2020/03/11 8:27 p.m., 6 views

lua-resty-waf

This repository is an exploit module/toolkit targeting OpenResty, a high-performance web server built on the Nginx core. The primary vulnerability class/vector is not explicitly stated, but based on the code and metadata, it appears to be a remote code execution (RCE) vulnerability. The probable...

8 AI score
Exploits: 0
Gitee
added 2020/03/11 5:41 p.m., 13 views

Exploit for CVE-2013-0422

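K8tools 20200118 Disclaimer: The tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: Updated irregularly; the files are fairly large, so download as needed. For bugs or suggestions, leave a message directly on GitHub. The privilege-escalation tools can all be run from a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: not guaranteed to remain available permanently; save a copy yourself if you like them. General tools + Scanning tool Ladon 6.0: large-scale intranet penetration scanner with 48 built-in functions, supports Cobalt Strike + Scanning tool Ladon 5.7...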

10 CVSS, 8.1 AI score, 0.99913 EPSS
Exploits: 163
Gitee
added 2020/03/11 1:42 a.m., 8 views

Exploit for Improper Input Validation in Joomla Joomla!

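CMS-Hunter Introduction: Content Management System Vulnerability Hunter. Note: for now, this project will be maintained long-term; suggestions or ideas for changes are welcome, please contact the author. CMS vulnerability list: Discuz - Discuz<3.4 birthprovince front-end arbitrary file deletion DedeCMS - DedeCMS v5.7 shopsdelivery stored XSS - DedeCMS v5.7 carbuyaction stored XSS - DedeCMS v5.7 friendly-links CSRF GetShell - DedeCMS V5.7 SP2 back-end code execution vulnerability Drupal -...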

9.8 CVSS, 7 AI score, 0.99993 EPSS
Exploits: 139
Gitee
added 2020/03/10 12:0 a.m., 5 views

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains a collection of vulnerable environments for testing and training purposes. The environments are designed to be easy to use and require no prior knowledge of Docker. The repository...

9.8 CVSS, 7.2 AI score, 0.99686 EPSS
Exploits: 46
Gitee
added 2020/03/09 9:30 a.m., 8 views

Exploit for Classic Buffer Overflow in Point-To-Point_Protocol_Project Point-To-Point_Protocol

PoC exploit for CVE-2020-8597, a buffer overflow vulnerability in the eap.c file of the pppd daemon in ppp versions 2.4.2 through 2.4.8. The vulnerability allows for a buffer overflow in the eap_request and eap_response functions, which can be exploited by sending a long "EAP: unauthenticated peer...

9.8 CVSS, 7.5 AI score, 0.19431 EPSS
Exploits: 3
Gitee
added 2020/03/08 1:25 p.m., 4 views

PowerShell-Suite

This is a PowerShell script called Bypass-UAC, which is designed to bypass User Account Control (UAC) on Windows systems. The script uses a technique called "auto-elevating IFileOperation COM object method calls" to achieve this. The script supports several methods for bypassing UAC, including:...

6.9 AI score
Exploits: 0
Gitee
added 2020/03/08 10:44 a.m., 5 views

Exploit for Path Traversal in Pivotal_Software Spring_Framework

Web-Security-Learning Project URL: https://github.com/CHYbeta/Web-Security-Learning Last updated: 2018/10/31. Also updated at: chybeta: Web-Security-Learning Contents: - Web-Security-Learning - Web Security - SQL injection - MySql - MSSQL - PostgreSQL - MongoDB - Tips - Tools - XSS - CSRF - Other front-end security - SSRF - XXE - JSONP injection - SSTI - Code execution /...

7.5 CVSS, 8.2 AI score, 0.16437 EPSS
Exploits: 5
Gitee
added 2020/03/08 10:44 a.m., 8 views

Exploit for Improper Input Validation in Jenkins

hackUtils It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/. Usage: hackUtils.py options Options: -h, --help Show basic help message and exit -b keyword, --baidu=keyword Fetch URLs from Baidu...

9 CVSS, 7.6 AI score, 0.82697 EPSS
Exploits: 23
Gitee
added 2020/03/07 6:1 p.m., 6 views

shadowbroker

This repository, Zam-0703/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was created by the Shadow Brokers, a group known for releasing stolen NSA hacking tools. The repository includes exploits for several vulnerabilities, including:...

8.5 AI score
Exploits: 0
Gitee
added 2020/03/07 4:15 p.m., 4 views

Exploit for Improper Authentication in Microsoft

It is an exploit module targeting Microsoft Exchange Server. The primary CVE ID is CVE-2020-0688. The vulnerability class is a deserialization vulnerability, specifically a TextFormattingRunProperties deserialization vulnerability. The probable entry point is the exploit.py script. Notable...

9 CVSS, 9.6 AI score, 0.99965 EPSS
Exploits: 30
Gitee
added 2020/03/07 10:56 a.m., 3 views

Privilege-Escalation-Tater

It is an offensive tool for Windows Privilege Escalation. The primary CVE ID is not present in the provided context, but it is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. The target product/service or framework is Windows, and the vulnerability class/vector...

6.7 AI score
Exploits: 0
Gitee
added 2020/03/07 8:42 a.m., 11 views

Exploit for CVE-2015-0273

phpcodz Php Codz Hacking http://www.80vul.com/pch/ What is PHP? PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. If you are new to PHP and want to get some idea of how it works, try the introductory tutorial. Afte...

10 CVSS, 6.9 AI score, 0.41315 EPSS
Exploits: 13
Gitee
added 2020/03/07 8:42 a.m., 4 views

SCANNER-INURLBR

It is an offensive tool for web application vulnerability scanning and exploitation. The primary CVE ID present in the provided context is not explicitly stated, but the tool is designed for Google Hacking and advanced searches to find potential vulnerabilities in web applications. The target...

7.6 AI score
Exploits: 0
Gitee
added 2020/03/07 8:41 a.m., 6 views

msf_module

msf-module Some msf plugins written, back when wooyun was still around, based on other people's audits; a few of them are quite handy. Module list auxiliary + zoomeye-search.rb exploits + Dswjcms-upload-wooyun-2015-0160899.rb + Lotapp-exec-wooyun-2015-0133750.rb + OEM-exec-wooyun-2010-0192732.rb + ZTE-exec-wooyun-2016-190343.rb + discuz-ssrf-wooyun-2011-0151179.rb +...

7.1 AI score
Exploits: 0
Gitee
added 2020/03/07 8:41 a.m., 4 views

poc

This is a collection of proof-of-concept (PoC) exploits for various vulnerabilities, primarily targeting web applications. The PoCs are written in Python and utilize the Beebeeto framework. Here's a summary of the PoCs: 1. Discuz x3.0 /static/image/common/focus.swf Cross Site Scripting (XSS) POC: Thi...

7.2 AI score
Exploits: 0
Gitee
added 2020/03/07 8:41 a.m., 8 views

Exploit for Classic Buffer Overflow in Microsoft

This is a PoC exploit for CVE-2017-7269, a vulnerability in Microsoft IIS 6.0. The target product/service is Microsoft IIS 6.0, and the vulnerability class/vector is a remote code execution (RCE) vulnerability. The probable entry point is the exploit.py script, which is invoked using the python...

10 CVSS, 8.5 AI score, 0.99823 EPSS
Exploits: 39
Gitee
added 2020/03/07 8:40 a.m., 9 views

Exploit for Classic Buffer Overflow in Microsoft

This is a Python script that exploits the CVE-2017-7269 vulnerability in IIS servers. The script sends a specially crafted HTTP request to the target server, which triggers a remote code execution vulnerability. The script then receives the response from the server and prints it to the console...

10 CVSS, 8.1 AI score, 0.99823 EPSS
Exploits: 39
Gitee
added 2020/03/07 8:40 a.m., 6 views

Exploit for Use After Free in Microsoft

This repository is a PoC (Proof of Concept) scanner for the CVE-2019-0708 vulnerability, also known as "BlueKeep", which is a remote code execution (RCE) vulnerability in Microsoft Windows Remote Desktop Services. The scanner is a fork of the rdesktop client, a Remote Desktop Protocol client, and is...

10 CVSS, 8.4 AI score, 0.99999 EPSS
Exploits: 123
Gitee
added 2020/03/06 8:17 p.m., 3 views

kernel_exploit_series

This repository is an exploit series for learning how to exploit kernel vulnerabilities, specifically targeting the Linux kernel. The repository contains various exploit modules and tools, including: 1. 1-heapsprayUAF: This directory contains exploit code for a use-after-free (UAF) vulnerability in...

6.9 AI score
Exploits: 0
Gitee
added 2020/03/06 4:31 p.m., 5 views

Vxscan

This is a Python script called Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...

7.6 AI score
Exploits: 0
Gitee
added 2020/03/04 10:46 p.m., 14 views

Exploit for CVE-2013-0422

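K8tools 20200118 Disclaimer: The tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Download: https://github.com/k8gege/K8tools Documentation: http://k8gege.org PS: Updated irregularly; the files are fairly large, so download as needed. For bugs or suggestions, leave a message directly on GitHub. The privilege-escalation tools can all be run from a remote-control Cmd or a WebShell; most have been modified and recompiled for better compatibility and stability. Note: not guaranteed to remain available permanently; save a copy yourself if you like them. General tools + Scanning tool Ladon 6.0: large-scale intranet penetration scanner with 48 built-in functions, supports Cobalt Strike + Scanning tool Ladon 5.7...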

10 CVSS, 9 AI score, 0.99913 EPSS
Exploits: 163
Gitee
added 2020/03/04 4:37 p.m., 5 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are not specified, but the environments are...

8.2 AI score
Exploits: 0
Gitee
added 2020/03/03 7:37 p.m., 3 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for Vulnerability Research and Exploitation. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is a remote code execution vulnerability. The probable entry point is the...

6.5 CVSS, 8 AI score, 0.05388 EPSS
Exploits: 39
Gitee
added 2020/03/03 2:44 p.m., 6 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the collection includes various environments with different vulnerabilities, such as SQL injection, cross-site scripting (XSS), and server-side template...

7.3 AI score
Exploits: 0
Gitee
added 2020/03/02 3:4 p.m., 11 views

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

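ysoserial-cve-2018-2628 0x1. Preparation - Prepare the software environment needed for the POC script, Payload Object generation and running JRMPListener: Python 2.7.x Oracle Java SE 1.7+ - Prepare a WebLogic Server 10.3.6 environment with the Patch Set Update 180417 patch installed (AdminServer alone is sufficient). If you already have a WebLogic environment with this PSU version installed, you can skip this step. - Prepare the POC tools: download the POC script (wls-cve-2018-2628-poc.py) from this project...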

9.8 CVSS, 6.9 AI score, 0.99448 EPSS
Exploits: 76
Gitee
added 2020/03/02 2:57 p.m., 18 views

Exploit for CVE-2020-2551

CVE-2020-2551 Weblogic IIOP deserialization Test environment: Weblogic10.3.6+jdk1.6 Packaged jar, extraction code: a6ob Exploitation: download the jar, then use marshalsec to start a malicious RMI service and compile an exp.java locally java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...

9.8 CVSS, 9.5 AI score, 0.93168 EPSS
Exploits: 18
Gitee
added 2020/03/01 2:16 p.m., 5 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are the docker-compose files, which are used t...

8.1 AI score
Exploits: 0
Gitee
added 2020/02/28 7:41 p.m., 5 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but it appears to be a collection of various vulnerabilities in different environments, including web applications and services. The probable entry points...

8.1 AI score
Exploits: 0
Gitee
added 2020/02/25 7:22 p.m., 7 views

Exploit for CVE-2013-0422

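K8tools 20190324 Disclaimer: The tools are for security research or authorized penetration testing only; you bear the consequences of any illegal use. Blog: https://www.cnblogs.com/k8gege Download: https://github.com/k8gege/K8tools Password: k8gege k8team K8team PS: Updated irregularly; the files are fairly large, so download as needed. The privilege-escalation tools can all be run from a remote-control cmd or a WebShell; most have been modified and recompiled, with better compatibility and stability than the versions found online. General tools + General tool K8飞刀Final.rar Privilege-escalation tools + Privilege-escalation tool iislpe.exe: privilege escalation for all IIS versions (IIS accounts and service accounts only) + Privilege-escalation tool pr.exe...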

10 CVSS, 9 AI score, 0.99448 EPSS
Exploits: 96
Gitee
added 2020/02/25 7:21 p.m., 4 views

Exploit for Incorrect Authorization in Jenkins Git

CVE-2018-1000110: User and Node Enumeration Through Jenkins Git Plugin v3.7 Description: An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. Versions...

5.3 CVSS, 6.9 AI score, 0.03988 EPSS
Exploits: 2
Gitee
added 2020/02/25 7:20 p.m., 143 views

Exploit for Improper Access Control in Oracle Jdk

This repository contains a collection of exploit files and proof-of-concept (PoC) vulnerability demonstration files from the team at Hacker House. The files are categorized into several subdirectories, each containing a specific type of exploit or vulnerability. The files include: 1. AIX-0days.txt:...

10 CVSS, 7.6 AI score, 0.99999 EPSS
Exploits: 95
Gitee
added 2020/02/25 7:20 p.m., 7 views

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a PowerShell post-exploitation framework called PowerSploit, which includes various modules for code execution, DLL injection, and antivirus bypass. The framework is designed to be used by penetration testers and red teamers to...

7.9 AI score
Exploits: 0
Gitee
added 2020/02/25 7:20 p.m., 5 views

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

6.8 AI score
Exploits: 0
Gitee
added 2020/02/25 9:30 a.m., 8 views

shadowbroker

This repository, secretboyadmin/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was reported to contain sensitive data, and the files listed in the README.md file were deleted. The repository includes a mix of Windows and Linux exploits,...

7.5 AI score
Exploits: 0
Gitee
added 2020/02/21 8:31 p.m., 4 views

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

6.8 AI score
Exploits: 0
Gitee
added 2020/02/21 6:24 p.m., 16 views

wifi-arsenal

This repository is an offensive tool for WiFi attacks. It is a collection of tools and scripts for various WiFi attacks, including denial of service, encryption attacks, WEP/WPA/WPA2 attacks, WPS attacks, and others. The repository includes tools for injection, rogue AP/fake AP/MITM, sniffing,...

7.1 AI score
Exploits: 0
Gitee
added 2020/02/21 5:1 p.m., 3 views

metasploit-framework

This is the Metasploit Framework repository, a widely used penetration testing tool. It is an offensive tool for penetration testing and vulnerability assessment. The primary target of this tool is the Metasploit Framework itself, which is a Ruby-based framework for developing and executing...

8.5 AI score
Exploits: 0
Gitee
added 2020/02/21 4:51 p.m., 4 views

commix

This is an automated tool for testing web-based applications to find command injection vulnerabilities. It is written in Python and can be used by web developers, penetration testers, or security researchers. The tool is designed to test web-based applications with the view to find bugs, errors, ...

7.8 AI score
Exploits: 0
Gitee
added 2020/02/20 11:37 p.m., 3 views

jailbreakme-unified

This is a web-based jailbreak solution that unifies existing jailbreak solutions and new ones. It is created by Sem Voigtländer and supports various iOS versions, including 8.4.1, 9.3 up to 9.3.3, 11.3.1, and 12.0 up to 12.0.1 64-bit, as well as 3.1.2 up to 4.0.1 and 8.4.1 and 9.1 up to 9.3.4...

6.8 AI score
Exploits: 0
Gitee
added 2020/02/20 12:25 a.m., 7 views

shadowbroker

This repository, bahuwang/shadowbroker, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists the contents of the repository, which includes various exploit modules and tools...

8.6 AI score
Exploits: 0
Gitee
added 2020/02/18 11:56 p.m., 4 views

Exploit for Improper Authentication in Eclipse Mosquitto

PoC exploit for CVE-2017-7650, Redis 4.x/5.x RCE. The target product/service is Redis, a key-value store, and the vulnerability class/vector is Remote Code Execution (RCE). The probable entry point is the RedisModules module, and the execution context is a Python script redis-rce.py invoked via CLI...

6.5 CVSS, 7.5 AI score, 0.02472 EPSS
Exploits: 2
Gitee
added 2020/02/18 11:55 p.m., 6 views

Exploit for CVE-2017-0213

windows-kernel-exploits Introduction windows-kernel-exploits Vulnerability list Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

9.3 CVSS, 8.3 AI score, 0.90026 EPSS
Exploits: 47
Gitee
added 2020/02/18 11:55 p.m., 5 views

Exploit for CVE-2016-0728

This repository is an offensive tool for Linux kernel exploitation. It contains exploits for various real-world kernel vulnerabilities, including CVE-2016-0728. The primary vulnerability being targeted is a REFCOUNT overflow/Use-After-Free in keyrings. The repository includes two exploit modules:...

7.8 CVSS, 7.2 AI score, 0.03646 EPSS
Exploits: 14
Gitee
added 2020/02/18 9:25 p.m., 4 views

AFLplusplus

This is a code repository for AFLplusplus, a tool for fuzz testing and vulnerability discovery. The repository contains various files and directories related to the project, including configuration files, makefiles, and documentation. The repository is organized as follows: .clang-format is a...

7.1 AI score
Exploits: 0
Gitee
added 2020/02/17 4:59 p.m., 4 views

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector targeted by this repository is not explicitly stated, but it appears to be a collection of various vulnerabilities in different environments. The probable entry points for these...

8.4 AI score
Exploits: 0
Total number of security vulnerabilities: 1886