exploitdb-bin-sploitsss

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It is intended to serve as the...

exploitdbddd

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is an...

Exploit for CVE-2013-6026

PoC exploit for CVE-2013-6026, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link. The target product/service is D-Link routers, and the vulnerability class/vector is auth bypass. The probable entry point is the Shodan search engine,...

vulhub

It is an offensive tool for Web Application. The repository contains a collection of pre-built vulnerable docker environments, including a web application vulnerable to various attacks. The tool is designed to help developers and security researchers test and demonstrate the effectiveness of web...

bin-sploitskkk

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains binary exploits located in the /bin-sploits/ directory. The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by...

exploitdb-bin-sploits

This repository is an official collection of exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It is a valuable resource for those who need actionable data right away. The repository is updated daily with the most recently adde...

exploitdb

The Exploit Database Git Repository This is an official repository of The Exploit Database, a project sponsored by Offensive Security. Our repositories are: - Exploits & Shellcodes: https://github.com/offensive-security/exploitdb - Binary Exploits:...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

This repository is an offensive tool for a vulnerability environment. It is a Docker-Compose file for a vulnerability environment. The repository contains a .gitignore file, a README.md file, and several other files that are used to configure the environment. The .gitignore file contains a list o...

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a collection of PowerShell scripts that can be used to exploit vulnerabilities in Windows systems. The repository contains several modules, including AntivirusBypass, CodeExecution, and others. The AntivirusBypass module contain...

Fuxi-Scanner

This is an open-source network security vulnerability scanner called Fuxi-Scanner. It is a Python-based tool that provides multiple security functions, including vulnerability detection and management, authentication testing, IT asset discovery and management, port scanning, subdomain scanning, a...

vulhub

This is a Docker Compose file for a vulnerability environment. It is a collection of services and their configurations that can be used to test and demonstrate various vulnerabilities. The file is written in YAML format and defines the services, their ports, and their dependencies. The services...

Exploit for CVE-2005-2006

This is an open-source application server attack toolkit called clusterd. It automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. The toolkit currently supports six different application server platforms, including JBoss, ColdFusion, and WebLogic...

maltrail

Maltrail is a malicious traffic detection system that utilizes publicly available blacklists containing malicious and/or generally suspicious trails. It can detect various types of malicious activity, including domain name, URL, IP address, and HTTP User-Agent header value. Maltrail also uses...

exploit-database

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a...

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

This repository is an offensive tool for a vulnerability environment. It is a collection of Docker Compose files for various vulnerabilities, allowing users to easily set up and test vulnerable environments. The repository includes files for vulnerabilities such as CVE-2016-9086, CVE-2017-1000353...

shadowbroker

This repository, jasonhan233/shadowbroker, is an offensive tool collection containing exploits and payloads. The repository was initially reported for containing sensitive data, and several files were deleted as a result. The remaining files include a mix of exploit code, payloads, and...

vulhub

It is an offensive tool for web application exploitation. The repository contains a Docker Compose file for a vulnerability environment. The tool is designed to exploit vulnerabilities in web applications. The tool is likely used for testing and demonstrating vulnerabilities in web applications. ...

2016PilotOneClick

This is a collection of utilities and scripts to gain root access on a 2016 model Honda Pilot head unit and simplify the installation of third-party non-Honda apps. The scripts implement a dirtyCOW exploit to gain root access and use a bash script to automate the installation process. The scripts...

exploit-database

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The aim is to serve as the most...

exploit-database-bin-sploits

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The aim is to serve as the most...

Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Nvidia Tegra_Bootrom_Rcm

This is a proof-of-concept arbitrary code loader for Tegra processors, which takes advantage of CVE-2018-6242 "Fusée Gelée" to gain arbitrary code execution and load small payloads over USB. The vulnerability is documented in the 'report' subfolder, and more details and guides are to follow. The...

fuzzdb-collect

Based on the provided context, it appears that the repository contains a tool for brute-forcing file extensions with 3-character names. The tool is designed to test...

Exploit for CVE-2017-8570

The provided repository is an exploit toolkit for CVE-2017-8570, a vulnerability in Microsoft Office PPSX files. The toolkit is designed to generate malicious PPSX files that can deliver payloads to a target system. The payloads can be either local or remote, depending on the user's preference. T...

Exploit for CVE-2017-8570

This repository contains a Proof of Concept PoC exploit for CVE-2017-8570, a vulnerability in Microsoft Office that allows an attacker to execute arbitrary code by embedding a malicious script in a Rich Text Format RTF file. The exploit uses the "Packager.dll" file-dropping trick to drop a ".sct"...

PWN_learning

This repository is an exploit for a stack smash vulnerability in a CTF challenge called "Smashes". The exploit is written in Python and uses the pwntools library. The vulnerability is caused by a buffer overflow in the stackchkfail function, which is called when a stack buffer overflow is detecte...

Exploit for Improper Input Validation in Joomla Joomla\!

CMS-Hunter 简介 Content Management System Vulnerability Hunter 说明：目前来看，本项目会进行长期维护，有修改的建议或者想法欢迎联系作者。 CMS 漏洞列表 Discuz - Discuz＜3.4birthprovince前台任意文件删除 DedeCMS - DedeCMSv5.7shopsdelivery存储型XSS - DedeCMSv5.7carbuyaction存储型XSS - DedeCMSv5.7友情链接CSRFGetShell Drupal - Drupal远程代码执行漏洞CVE-2017-6920 Struts -...

metasploit-framework

This is the Metasploit Framework repository. It is an offensive tool for penetration testing and vulnerability exploitation. The primary vulnerability class/vector targeted by this framework is not explicitly stated, but it is likely to be a wide range of vulnerabilities, including remote code...

metasploit-framework

This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to exploit a vulnerability in a specific target, but the target is not specified in the provided code. The module is written in Ruby and uses the Metasploit framework to interact with the...

Exploit for Race Condition in Linux Linux_Kernel

This is a PoC exploit for CVE-2017-1000405, also known as the Huge Dirty Cow vulnerability. The target product/service is the Linux kernel, and the vulnerability class/vector is a use-after-free bug in the handling of transparent huge pages. The probable entry point is the main.c file, which...

Exploit for Buffer Underflow in Microsoft

github 军火库 web，安全，渗透，军火库 漏洞及渗透练习平台： WebGoat漏洞练习环境 https://github.com/WebGoat/WebGoat https://github.com/WebGoat/WebGoat-Legacy Damn Vulnerable Web Application漏洞练习平台 https://github.com/RandomStorm/DVWA 数据库注入练习平台 https://github.com/Audi-1/sqli-labs 用node编写的漏洞练习平台，like OWASP Node Goat...

Exploit for CVE-2017-8570

Based on the provided context, here is a summary of the analysis: Classification: Exploit toolkit for CVE-2017-8570, a Microsoft Office PPSX RCE vulnerability. Primary Functionality: The toolkit generates a malicious PPSX file and delivers a payload either local or remote to the victim. Key...

Exploit for CVE-2017-8570

PoC exploit for CVE-2017-8570. The exploit toolkit, CVE-2017-8570, is a Python script designed to generate malicious PPSX files that can deliver payloads to users. It can be used in two scenarios: delivering local payloads or remote payloads. To deliver local payloads, the script generates a...

Exploit for Open Redirect in Git-Scm Git

PoC exploit for CVE-2017-1000117, a vulnerability in the way Git handles submodule initialization. The target is Git, a vulnerability class/vector of arbitrary file write, probable entry point is the Git submodule initialization process, notable dependency is Git, and execution context is a Git...

Exploit for Out-of-bounds Read in Openssl

This repository contains a collection of tools and exploits for various vulnerabilities, including: A payload for the Apache Struts 2 vulnerability CVE-2017-5638 that allows remote code execution. A tool for exploiting the Heartbleed vulnerability CVE-2014-0160 in OpenSSL. A tool for exploiting t...

poc

This repository appears to be a collection of proof-of-concept PoC exploits for various vulnerabilities, primarily targeting web applications. The PoCs are written in Python and utilize the Beebeeto framework. The PoCs cover a range of vulnerabilities, including SQL injection, cross-site scriptin...

Exploit for Race Condition in Sudo_Project Sudo

PoC exploit for CVE-2017-1000367, a vulnerability in the Linux sudo command. The target is the Linux operating system, specifically the sudo command. The vulnerability class is a privilege escalation vulnerability, allowing an attacker to gain root privileges. The probable entry point is the...

lua-resty-waf

It is an offensive tool for web application firewalls WAFs. The repository, huangjacky/lua-resty-waf, contains a high-performance WAF built on the OpenResty stack. The tool is designed to protect against various types of attacks, including HTTP violations, HTTP anomalies, SQL injection, and gener...

shadowbroker

This repository, kaleozhou/shadowbroker, is an offensive tool repository containing exploits for various vulnerabilities in different software and systems. The exploits are categorized into several types, including SMB Server Message Block exploits, email server exploits, and others. The reposito...

tplmap

This is an offensive tool for web application penetration testing. It is a Python tool called Tplmap, which assists in the exploitation of Code Injection and Server-Side Template Injection SSTI vulnerabilities. The tool uses a number of sandbox escape techniques to gain access to the underlying...

shadowbroker

This repository is an offensive tool for various exploits. It contains a collection of exploits and utilities for various vulnerabilities, including those in Windows, Linux, and other systems. The exploits are categorized into different types, such as SMB, RPC, and IIS exploits. The primary targe...

shadowbroker

The repository cjd9023/shadowbroker contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The exploits are categorized into two main sections: "Exploits" and "Utilities." The "Exploits" section includes 25 exploits targeting...

EQGRP

This is an exploit module for the Linux operating system, specifically targeting the 7z file archiver. The module is designed to exploit a vulnerability in the 7z program, allowing an attacker to execute arbitrary code on the system. The exploit is likely to be used for remote code execution RCE ...

EQGRP

This is a repository containing three ELF files: 7z, 7z.so, and 7za. The files are likely related to the 7-Zip file archiver, a popular tool for compressing and decompressing files. The ELF files are likely used as plugins or extensions for the 7-Zip software. The files are compiled for Linux and...

metasploit-framework

This is the Metasploit Framework repository, a comprehensive collection of exploit modules and tools for penetration testing and vulnerability assessment. The framework is written in Ruby and is widely used by security professionals and researchers. The repository contains a large number of...

exploit-database

This is an official repository of the Exploit Database, a project sponsored by Offensive Security. The repository contains a comprehensive collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit...

exploit-database

This is the official Exploit Database repository, a collection of public exploits and vulnerable software gathered through direct submissions, mailing lists, and other public sources. The repository is updated daily with the most recently added submissions. It includes a search utility called...

penetration

相信很多小伙伴都知道XSS测试，至于如何更加有效地插入载荷是一件重复性的高强度劳动工作, 在此本文介绍了一款自动进行插入XSS，并且可以自定义攻击载荷。 这些载荷从几十条到几百条甚至几千条。该脚本也同时包含了一些绕过各种WAF的语句。 0×01 BruteXSS BruteXSS是一个非常强大和快速的跨站点脚本暴力注入。它用于暴力注入一个参数。 该BruteXSS从指定的词库加载多种有效载荷进行注入并且使用指定的载荷和扫描检查这些参数很容易受到XSS漏洞。 得益于非常强大的扫描功能。在执行任务时,BruteXSS是非常准确而且极少误报。...

CTF_PWN

This repository is an offensive tool for CTF Capture The Flag challenges. It contains a PoC Proof of Concept exploit for an unspecified vulnerability, likely in a Linux system. The exploit is written in C and uses the GNU C Library glibc to perform a buffer overflow attack. The target of the...