50738 matches found
Microsoft Exchange ProxyLogon Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework begin auxiliary class class MetasploitModule 'Microsoft Exchange ProxyLogon Scanner', 'Description' = %q This module scan for a vulnerability on Microsoft Exchange Serve...
Wordpress Plugin WooCommerce Payments Unauthenticated Admin Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin WooCommerce Payments Unauthenticated Admin Creation', 'Description' = %q WooCommerce-Payments plugin for Wordpress versions 4.8'...
Supermicro Onboard IPMI Static SSL Certificate Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Supermicro Onboard IPMI Static SSL Certificate Scanner', 'Description' = %q This module checks for a static SSL certificate shipped with Supermic...
WordPress ChopSlider3 Id SQL Injection Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress ChopSlider3 id SQLi Scanner', 'Description' = %q The iDangero.us Chop Slider 3 WordPress plugin version 3.4 and prior contains a blind...
Apache Optionsbleed Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Optionsbleed Scanner', 'Description' = %q This module scans for the Apache optionsbleed vulnerability where the Allow response header...
WildFly Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WildFly Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in the WildFly 8.1.0.Final web...
Ektron CMS400.NET Default Password Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ektron CMS400.NET Default Password Scanner', 'Description' = %q Ektron CMS400.NET is a web content management system based on .NET. This module...
Radware AppDirector Bruteforce Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Radware AppDirector Bruteforce Login Utility', 'Description' = % This module scans for Radware AppDirector's web login portal, and performs login...
Lotus Domino Brute Force Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lotus Domino Brute Force Utility', 'Description' = 'Lotus Domino Authentication Brute Force Utility', 'Author' = 'Tiago Ferreira ', 'License' =...
TCP SYN Port Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TCP SYN Port Scanner', 'Description' = %q Enumerate open TCP services using a raw SYN scan. , 'Author' = 'kris katterjohn', 'License' = MSFLICENS...
WordPress XMLRPC GHOST Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress XMLRPC GHOST Vulnerability Scanner', 'Description' = %q This module can be used to determine hosts vulnerable to the GHOST vulnerabilit...
WebPageTest Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebPageTest Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in WebPageTest. Due to the wa...
Cisco ASA SSL VPN Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA SSL VPN Privilege Escalation Vulnerability', 'Description' = %q This module exploits a privilege escalation vulnerability for Cisco ASA...
SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...
WordPress WPS Hide Login Login Page Revealer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WPS Hide Login Login Page Revealer', 'Description' = %q This module exploits a bypass issue with WPS Hide Login version 'WPVDB',...
Novell ZENworks Configuration Management Preboot Service Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell ZENworks Configuration Management Preboot Service Remote File Access', 'Description' = %q This module exploits a directory traversal in th...
Netgear SPH200D Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear SPH200D Directory Traversal Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability which is present ...
Wordpress Secure Copy Content Protection And Content Locking Sccp_id Unauthenticated SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Secure Copy Content Protection and Content Locking sccpid Unauthenticated SQLi', 'Description' = %q Secure Copy Content Protection and...
RFCode Reader Web Interface Login / Bruteforce Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RFCode Reader Web Interface Login / Bruteforce Utility', 'Description' = % This module simply attempts to login to a RFCode Reader web interface...
Barracuda Multiple Product Locale Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Barracuda Multiple Product "locale" Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability present in...
Apache Tomcat User Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Tomcat User Enumeration', 'Description' = %q This module enumerates Apache Tomcat's usernames via malformed requests to jsecuritycheck,...
Elasticsearch Memory Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Elasticsearch Memory Disclosure', 'Description' = %q This module exploits a memory disclosure vulnerability in Elasticsearch 7.10.0 to 7.13.3...
OKI Printer Default Login Credential Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework TODO: Split this module into two separate SNMP and HTTP modules. class MetasploitModule 'OKI Printer Default Login Credential Scanner', 'Description' = %q This module...
HP Intelligent Management ReportImgServlt Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management ReportImgServlt Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a directory...
JBoss Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Vulnerability Scanner', 'Description' = %q This module scans a JBoss instance for a few vulnerabilities. , 'Author' = 'Tyler Krpata', 'Zach...
Intel AMT Digest Authentication Bypass Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intel AMT Digest Authentication Bypass Scanner', 'Description' = %q This module scans for Intel Active Management Technology endpoints and attemp...
Wordpress LearnPress Current_items Authenticated SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress LearnPress currentitems Authenticated SQLi', 'Description' = %q LearnPress, a learning management plugin for WordPress, prior to 3.2.6....
WordPress Simple Backup File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Simple Backup File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress Plugin...
Juniper SSH Backdoor Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' class MetasploitModule 'Juniper SSH Backdoor Scanner', 'Description' = %q This module scans for the Juniper SSH backdoor also valid on Telnet. Any...
SMB Group Policy Preference Saved Passwords Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Group Policy Preference Saved Passwords Enumeration', 'Description' = %Q This module enumerates files from target domain controllers and...
Apache ActiveMQ Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ActiveMQ Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in Apache ActiveMQ 5.3.1 and...
WordPress REST API Content Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress REST API Content Injection', 'Description' = %q This module exploits a content injection vulnerability in WordPress versions 4.7 and...
SerComm Network Device Backdoor Detection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SerComm Network Device Backdoor Detection', 'Description' = %q This module can identify SerComm manufactured network devices which contain a...
HTTP Verb Authentication Bypass Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Verb Authentication Bypass Scanner', 'Description' = %q This module test for authentication bypass using different HTTP verbs. , 'Author' =...
Cambium CnPilot R200/r201 Login Scanner And Config Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 Login Scanner and Config Dump', 'Description' = % This module scans for Cambium cnPilot r200/r201 management login...
SAP BusinessObjects User Bruteforcer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP BusinessObjects User Bruteforcer', 'Description' = 'This module attempts to bruteforce SAP BusinessObjects users. The dswsbobje interface is...
FrontPage .pwd File Credential Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FrontPage .pwd File Credential Dump', 'Description' = %q This module downloads and parses the 'vtipvt/service.pwd', 'vtipvt/administrators.pwd',...
Drupal Views Module Users Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal Views Module Users Enumeration', 'Description' = %q This module exploits an information disclosure vulnerability in the 'Views' module of...
HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM FileDownloadServlet Arbitrary Download', 'Description' = %q This module exploits a lack of authentication and acces...
GlassFish Brute Force Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/glassfish' require 'metasploit/framework/credentialcollection' class MetasploitModule 'GlassFish Brute Force Utility',...
Abandoned Cart For WooCommerce SQL Injection Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Abandoned Cart for WooCommerce SQLi Scanner', 'Description' = %q Abandoned Cart, a plugin for WordPress which extends the WooCommerce plugin, pri...
Wordpress Arbitrary File Deletion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Arbitrary File Deletion', 'Description' = %q An arbitrary file deletion vulnerability in the WordPress core allows any user with...
Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal", 'Description' = %q This module exploits a directory...
WordPress Easy WP SMTP Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Easy WP SMTP Password Reset', 'Description' = %q Wordpress plugin Easy WP SMTP versions 'h00die', msf module this was an 0day , 'Licens...
FTP Bounce Port Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FTP Bounce Port Scanner', 'Description' = %q Enumerate TCP services via the FTP bounce PORT/LIST method. , 'Author' = 'kris katterjohn', 'License...
SMB SID User Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB SID User Enumeration LookupSid', 'Description' = 'Determine what users exist via brute force SID lookups. This module can enumerate both loca...
PocketPAD Login Bruteforce Force Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PocketPAD Login Bruteforce Force Utility', 'Description' = % This module scans for PocketPAD login portal, and performs a login bruteforce attack...
PCMan FTP Server 2.0.7 Directory Traversal Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PCMan FTP Server 2.0.7 Directory Traversal Information Disclosure', 'Description' = %q This module exploits a directory traversal vulnerability...
Supermicro Onboard IPMI Port 49152 Sensitive File Exposure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Supermicro Onboard IPMI Port 49152 Sensitive File Exposure', 'Description' = %q This module abuses a file exposure vulnerability...
Wordpress Paid Membership Pro Code Unauthenticated SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Paid Membership Pro code Unauthenticated SQLi', 'Description' = %q Paid Membership Pro, a WordPress plugin, prior to 2.9.8 is affected ...