Lucene search

1899 matches found

Gitee
added 2025/09/13 5:43 p.m., 131 views

shiro-exploit

This is a Python script for exploiting a vulnerability in Apache Shiro, a Java-based security framework. The script is designed to bypass authentication and authorization checks in Shiro, allowing an attacker to gain unauthorized access to sensitive data. The script uses the Crypto.Cipher module ...

7.3 AI score
Exploits: 0
Gitee
added 2025/09/13 5:41 p.m., 79 views

Exploit for Path Traversal in Apache Http_Server

This is a PoC exploit for CVE-2021-41773, a remote code execution vulnerability in Apache HTTP Server versions 2.4.49 and 2.4.50. The exploit targets the CGI enabled feature of these versions, allowing an attacker to execute arbitrary code on the server. The exploit is written in Python and uses...

7.5 CVSS, 8.7 AI score, 0.94391 EPSS
Exploits: 144
Gitee
added 2025/09/13 5:38 p.m., 95 views

kerma

This repository is an exploit toolkit for a critical vulnerability in Mikrotik RouterOS Winbox. The vulnerability is present in all versions from 6.29 to 6.42. The toolkit includes several scripts and tools to exploit the vulnerability and extract user credentials. The PoC.py script is the main...

7.5 AI score
Exploits: 0
Gitee
added 2025/09/13 5:14 p.m., 186 views

ysoserial

This is a Java-based proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, named ysoserial, is designed to create gadgets that can be used to execute arbitrary commands on a vulnerable application. The gadgets are created by wrapping a...

7.8 AI score
Exploits: 0
Gitee
added 2025/09/13 5:14 p.m., 106 views

ExploitOnCLI

This is an offensive tool for searching exploits in multiple databases. The tool, named ExploitOnCLI or EOC, is written in PHP for Linux and allows users to search for exploits in various databases, including Exploit-DB, PacketStormSecurity, IEDB, Siph0n, CXSecurity, and Exploit4Arab. The tool ca...

6.8 AI score
Exploits: 0
Gitee
added 2025/09/13 3:49 p.m., 86 views

Windows

It is an offensive tool for Windows exploitation. The repository contains a collection of tools for exploiting Windows, including exploits, post-exploitation agents, and PowerShell tools. The tools are organized into categories, such as Exploitation, PowerShell, and Misc. Some of the tools includ...

7 AI score
Exploits: 0
Gitee
added 2025/09/13 12:52 p.m., 105 views

Exploit for CVE-2023-36880

Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. It is a PoC exploit for CVE-2023-36880. The code performs the following steps: 1. Loads a vulnerable version of the "prefsenclavex64.dll" enclave 2. Call the vulnerable "SealSettings"...

4.8 CVSS, 7.3 AI score, 0.0101 EPSS
Exploits: 1
Gitee
added 2025/09/13 8:20 a.m., 72 views

browserify-sourcemap-poc

This is a proof-of-concept repository for browserify source mapping. The repository contains an index.js file that reads the contents of three JavaScript files (foo.js, bar.js, and sub/foo.js) and creates a source map for each file. The source map is then used to map the original source code to the...

7 AI score
Exploits: 0
Gitee
added 2025/09/13 7:36 a.m., 65 views

portia

This repository is an offensive tool for Windows. It is a collection of scripts and modules for automating various tasks, including privilege escalation, lateral movement, and convenience modules. The primary tool is called "Portia," which is a genus of jumping spider known for its intelligent...

7.8 AI score
Exploits: 0
Gitee
added 2025/09/13 6:4 a.m., 78 views

docker-security-course

This is a vulnerable nodejs app for demos, as stated in the README.md file. The app is designed to demonstrate the use of Docker to clean up after a breach and prevent them from happening again in the future. The app is built using the Dockerfile, which creates an image with the name "node-hack"...

7.4 AI score
Exploits: 0
Gitee
added 2025/09/13 5:2 a.m., 109 views

Zeratool

This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF (Capture The Flag) problems. It uses the angr concolic analysis engine to analyze binaries and identify vulnerabilities, and then weaponizes these vulnerabilities for remote code execution through pwntools. The...

8.6 AI score
Exploits: 0
Gitee
added 2025/09/13 5:2 a.m., 91 views

peda

This repository is an offensive tool for exploit development. It is Python Exploit Development Assistance for GDB (PEDA), a script that helps speed up the exploit development process on Linux/Unix. The tool is designed to work with GDB 7.x and Python 2.6+. The tool has various features,...

6.8 AI score
Exploits: 0
Gitee
added 2025/09/13 4:43 a.m., 116 views

personal-security-checklist-1

This repository is an open-source project for a curated checklist of 300+ tips for protecting digital security and privacy in 2022. It is a community-driven project that allows contributors to suggest and submit points to be added, amended, or removed from the list. The project has a code of...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/13 4:36 a.m., 97 views

security-analytics

This repository is a community-driven set of security analytics for auditing cloud usage and detecting threats to data & workloads in Google Cloud. It provides a list of sample security analytics for auditing cloud usage and detecting threats, which may assist detection engineers, threat hunters,...

7.3 AI score
Exploits: 0
Gitee
added 2025/09/13 4:36 a.m., 73 views

threat-detection-as-code

This repository is a community-driven set of security analytics for auditing cloud usage and detecting threats to data & workloads in Google Cloud. It provides a list of sample security analytics for auditing cloud usage and for detecting threats to your data & workloads in Google Cloud. The...

7.4 AI score
Exploits: 0
Gitee
added 2025/09/13 3:46 a.m., 207 views

gin

It is an offensive tool for web frameworks. The primary target is Gin, an HTTP web framework written in Go (Golang), which features a Martini-like API with much better performance. The vulnerability class/vector is not specified, but the code and metadata suggest that it may be related to a remote...

8.4 AI score
Exploits: 0
Gitee
added 2025/09/13 3:4 a.m., 110 views

marshalsec

It is an offensive tool for Java deserialization vulnerabilities. The repository contains a Java tool called "marshalsec" that exploits Java object deserialization vulnerabilities, allowing for remote code execution. The tool includes payload generators for various Java serialization libraries,...

8.9 AI score
Exploits: 0
Gitee
added 2025/09/13 1:28 a.m., 152 views

charlotte

This is a C++ shellcode launcher, fully undetected as of May 13th, 2021. It dynamically invokes Windows API functions, XOR encrypts shellcode and function names, and uses random XOR keys and variables per run. The code is designed to be stealthy and evade detection. The code is written in C++ and...

7.5 AI score
Exploits: 0
Gitee
added 2025/09/13 1:25 a.m., 94 views

hackingtool

This is an all-in-one hacking tool for hackers, written in Python. The tool is designed to be run on Linux, Kali Linux, or Parrot OS. It provides a menu-driven interface for various hacking tasks, including information gathering, wireless attacks, SQL injection, phishing, web attacks,...

7.8 AI score
Exploits: 0
Gitee
added 2025/09/13 1:13 a.m., 94 views

boopkit

This is a Linux rootkit and backdoor built using eBPF (Extended Berkeley Packet Filter). The tool is called "boopkit" and is designed to establish a reverse TCP connection from a remote server to a local machine. The tool has several options, including: -lhost and -lport to specify the local host a...

7 AI score
Exploits: 0
Gitee
added 2025/09/13 1:8 a.m., 116 views

Pikachu

This is a proof-of-concept (PoC) exploit for a vulnerable web application system called Pikachu. The system contains a variety of common web security vulnerabilities, including SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), remote code execution (RCE), and more. The...

7.7 AI score
Exploits: 0
Gitee
added 2025/09/13 1:2 a.m., 120 views

wazuh

This repository is an issue template for Wazuh, a free and open-source platform for threat prevention, detection, and response. The repository contains various templates for reporting bugs, making feature requests, and testing integration and component tests. The templates are organized by...

7 AI score
Exploits: 0
Gitee
added 2025/09/13 1:0 a.m., 144 views

zscan

This is a collection of tools for scanning and blasting (exploiting) services on a network. The tool is called Zscan and is written in Go. It has several modules for different types of scans and exploits, including: port scanning, service blasting (exploiting), FTP blasting, HTTP blasting, LDAP blasting...

7 AI score
Exploits: 0
Gitee
added 2025/09/13 12:52 a.m., 66 views

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a collection of PowerShell scripts that can be used to exploit vulnerabilities in Windows systems. The repository contains several modules, including AntivirusBypass and CodeExecution, which provide various functions for bypassi...

7.6 AI score
Exploits: 0
Gitee
added 2025/09/13 12:41 a.m., 108 views

Exploit for CVE-2023-1234

This repository is an offensive tool for Linux server clusters. It is a PoC exploit for CVE-2023-1234, which is not specified in the provided context. The target product/service or framework is not explicitly stated, but it appears to be a Linux server cluster management tool. The vulnerability...

4.3 CVSS, 8.1 AI score, 0.00385 EPSS
Exploits: 7
Gitee
added 2025/09/13 12:37 a.m., 90 views

Exploit for Out-of-bounds Read in Openssl

PoC exploit for CVE-2014-0160 (Heartbleed). The target product/service is OpenSSL, and the vulnerability class/vector is memory disclosure (specifically, the ability to extract private keys). The probable entry point is the ssl3_write_bytes function, which is sometimes exported in OpenSSL libraries. Th...

7.5 CVSS, 6.7 AI score, 0.94464 EPSS
Exploits: 86
Gitee
added 2025/09/13 12:31 a.m., 115 views

K8tools

It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and evasion. The primary focus is...

7.2 AI score
Exploits: 0
Gitee
added 2025/09/13 12:21 a.m., 83 views

metasploit-framework

This repository is an offensive tool for Metasploit Framework. It is a collection of files and workflows used to build and test the Metasploit Framework, a penetration testing tool. The repository contains various templates for reporting issues, suggesting new features, and submitting pull...

8.1 AI score
Exploits: 0
Gitee
added 2025/09/13 12:19 a.m., 147 views

Vxscan

This is a Python-based comprehensive scanning tool called Vxscan. It is designed to perform various scanning tasks such as sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, S...

8.1 AI score
Exploits: 0
Gitee
added 2025/09/08 5:5 a.m., 111 views

applications_hap

It is an offensive tool for mobile applications. The repository contains a collection of HAP (HarmonyOS Application Package) files, which are likely used for testing or demonstrating various mobile applications on the HarmonyOS platform. The files include demos for features such as flashlight, medi...

7.2 AI score
Exploits: 0
Gitee
added 2025/09/07 1:22 a.m., 101 views

sslscan

This is a tool for scanning SSL/TLS protocols and ciphers on a target server. The tool is called sslscan and is written in C. It is designed to be a command-line interface for scanning SSL/TLS protocols and ciphers on a target server. The tool can be built on various platforms, including Linux an...

7 AI score
Exploits: 0
Gitee
added 2025/09/07 12:46 a.m., 78 views

payloadsallthethings

This is an offensive tool for AWS exploitation. The repository contains a collection of tools and scripts for testing the security of Amazon Web Services (AWS) environments. The tools include: Pacu: an AWS exploitation framework designed for testing the security of AWS environments; Bucket Finder: a...

6.9 AI score
Exploits: 0
Gitee
added 2025/09/07 12:43 a.m., 119 views

Exploit for Improper Authentication in Oracle Database_Server

This is an offensive tool for Oracle Database exploitation. The repository contains several modules that exploit various vulnerabilities in Oracle Database, including: 1. CVE-2012-3137: This module exploits a vulnerability in Oracle Database that allows an attacker to obtain remote passwords usin...

6.4 CVSS, 7.2 AI score, 0.44041 EPSS
Exploits: 4
Gitee
added 2025/09/07 12:11 a.m., 75 views

enumy

Enumy Enumy is an ultra fast portable executable that you drop on target Linux machine during a pentest or CTF in the post exploitation phase. Running enumy will enumerate the box for common security vulnerabilities. Installation You can download the final binary from the release x86 or x64 tab...

6.6 AI score
Exploits: 0
Gitee
added 2025/09/06 10:21 p.m., 75 views

BlackCode

No description provided...

7 AI score
Exploits: 0
Gitee
added 2025/09/06 10:17 p.m., 76 views

Exploit for Code Injection in Vmware Spring_Framework

No description...

9.8 CVSS, 8.2 AI score, 0.94428 EPSS
Exploits: 99
Gitee
added 2025/09/06 9:51 p.m., 86 views

advisory-db

This is a security advisory database repository for Rust crates published via crates.io. The repository contains a collection of security advisories filed against various Rust crates, with each advisory containing information in TOML format. The advisories are categorized by crate name, and each...

7 AI score
Exploits: 0
Gitee
added 2025/09/06 9:25 p.m., 95 views

metasploit-framework

This is an offensive tool for penetration testing. It is the Metasploit Framework, a comprehensive platform for developing and executing exploits. The framework is written in Ruby and provides a wide range of features for penetration testing, including exploit development, vulnerability scanning,...

6.9 AI score
Exploits: 0
Gitee
added 2025/09/06 8:48 p.m., 129 views

advisory-db

This is a security advisory database for Rust crates published through crates.io. The database is maintained by the RustSec project and contains information on security vulnerabilities in various Rust crates. The database is stored in TOML format and can be consumed by various tools for auditing...

7 AI score
Exploits: 0
Gitee
added 2025/09/06 8:39 p.m., 75 views

Crypt-SSLeay

This is a Perl module called Crypt::SSLeay, which provides OpenSSL support for LWP (Library for WWW in Perl). The module is used to handle SSL/TLS connections and is part of the LWP distribution. The module has a version of 0.7304 and is maintained by A. Sinan Unur, David Landgren, Joshua Chamas, a...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/06 5:25 p.m., 84 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Qemu

Experiments related to CVE-2015-3456 There is: - exploit/ is an "exploit" it just crashes QEMU. - mock/ contains a stripped down version of QEMU. Only the vulnerability remains. - patch/ contains a program to patch a running instance of QEMU. The main point is to not need debug symbols, nor the...

7.7 CVSS, 6.8 AI score, 0.19325 EPSS
Exploits: 1
Gitee
added 2025/09/06 5:5 p.m., 242 views

defusedxml

This is a Python library called defusedxml, which is designed to prevent XML bomb denial of service (DoS) vulnerabilities. The library provides a facade for the standard library's xml.etree.ElementTree module, which is vulnerable to XML bombs. The defusedxml library defuses XML bombs by preventing...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/06 4:31 p.m., 99 views

Exploit for CVE-2015-2231

adups-get-super-serial CVE-2015-2231 Proof of Concept The POC I was using to demonstrate CVE-2015-2231 'Get Super Serial'. Was asked by a few people to post it so they could use similar things on other ADUPS firmware based devices which have this vulnerability. Cleaning up the laptop and posting...

7.1 AI score
Exploits: 0
Gitee
added 2025/09/06 4:26 p.m., 180 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4jHotPatch This is a tool which injects a Java agent into a running JVM process. The agent will attempt to patch the lookup method of all loaded org.apache.logging.log4j.core.lookup.JndiLookup instances to unconditionally return the string "Patched JndiLookup::lookup". It is designed to addres...

10 CVSS, 9 AI score, 0.94358 EPSS
Exploits: 343
Gitee
added 2025/09/06 4:10 p.m., 68 views

Exploit for Out-of-bounds Write in Gnu Glibc

PoC exploit for CVE-2015-0235, a vulnerability in the gethostbyname2_r and gethostbyname_r functions of the glibc library. The exploit is a shared library wrapper that provides an additional check for the vulnerable functions, preventing them from being called. The target is the glibc library,...

10 CVSS, 8.3 AI score, 0.8487 EPSS
Exploits: 29
Gitee
added 2025/09/06 4:6 p.m., 157 views

sql-injection-payload-list

It is an offensive tool for SQL injection. The repository contains a list of SQL injection payloads. The primary CVE ID is not explicitly mentioned, but it is likely related to various SQL injection vulnerabilities. The target product/service is likely any database management system that uses SQL...

8 AI score
Exploits: 0
Gitee
added 2025/09/06 3:36 p.m., 109 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

This repository contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-44228). The vulnerability allows an attacker to execute arbitrary code on a system by injecting malicious data into the logging system. The repository provides a list of known...

10 CVSS, 8.9 AI score, 0.94358 EPSS
Exploits: 341
Gitee
added 2025/09/06 3:20 p.m., 95 views

Exploit for Path Traversal in Codiad

Exploit-Framework Exploits: |Vendor|Vulnerability|Affected Version|Description|Author| |:-:|:-:|:-:|:-:|:-:| |zblog|NOTCVE| https://github.com/WangYihang/Exploit-Framework/wiki Contribution: 1. Guidance of writing exploit module TODO: - String parsing - Deep modularization - Context stack maintenance - Logging - Auto-completion - Exploit search - Wiki -...

9.8 CVSS, 7.1 AI score, 0.93929 EPSS
Exploits: 102
Gitee
added 2025/09/06 3:12 p.m., 140 views

pwnshop

pwnshop Notes, cheatsheets, shellcode and exploits. Progress: - Utility - Object/Executable file to shellcode converter script: code - Utility - Assembly and link script : code - Utility - Shellcode testing skeleton generator : code - Exit syscall asm: code - Write syscall "Hello world!": code -...

7 AI score
Exploits: 0
Gitee
added 2025/09/06 3:6 p.m., 159 views

AutoSploit

PoC exploit for CVE-XXXX-XXXX. It is an automated mass exploiter that uses the Shodan.io API to collect targets and then attempts to exploit them using Metasploit modules. The tool can be configured to run all available Metasploit modules against the targets in a 'Hail Mary' type of attack. The...

7.7 AI score
Exploits: 0
Total number of security vulnerabilities: 1899