使用方法&免责声明
该脚本为Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)。
使用方法:Python CVE-2020-17519.py urls.txt
urls.txt 中每个url为一行,漏洞地址输出在vul.txt中
影响版本:
Apache Flink 1.11.0、1.11.1、1.11.2
工具仅用于安全人员安全测试,任何未授权检测造成的直接或者间接的后果及损失,均由使用者本人负责
Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)
Overview
Scan all java processes on your host to check weather it's affected by log4j2 remote code execution
Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本,扫描主机上所有java进程,检测是否引入了有漏洞的log4j-core jar包,是否可能遭到远程代码执行攻击(CVE-2021-45046)。上传扫描报告到指定的服
86 Dec 09, 2022
一个自动挖掘漏洞的框架,日后会发展成强大的信息收集+漏洞挖掘脚本!
介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。
23 Jul 05, 2022
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
2 Feb 05, 2022
Holehe OSINT - Email to Registered Accounts
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
3.8k Jan 06, 2023
NFC Implant-base RSA Encrypted Messagging application
Encrypted messaging application with the use of MIFARE DESfire chip to store the private/public keys needed for the application authentication
4 Nov 06, 2021
A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.
MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp
20 Nov 30, 2022
Shell hunter for AF
AF-ShellHunter AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How to pip3 ins
34 May 13, 2022
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
31 Oct 21, 2022
WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user.
WinRemoteEnum WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user, sharing the goal of remotely gather
9 Nov 09, 2022
Example for the NFT 3D Collectibles using Blender Scripting (Python).
NFT Collectibles using Blender Python What is this? This project is to demonstrate for generating NFT Collectible Avatar-Styled images. For details, p
48 Nov 26, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287
noPac Exploiting CVE-2021-42278 and CVE-2021-42287 原项目noPac在实现上可能有点问题,导致在本地没有打通,于是参考sam-the-admin项目进行修改。 使用 pip3 install -r requirements.txt # GetShel
2 Jun 23, 2022
CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection
CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection Usage usage: cve-2021-26084_confluence_rce.py [-h] --url URL [--cmd CMD] [--shell] CVE-2021-2
92 Jul 20, 2022
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.
62 Jan 08, 2023
将hw时信息收集以及简单的漏洞操作步骤简单化
Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏
19 Nov 15, 2022
A Modified version of TCC's Osprey poc framework......
fierce-fish fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写,去掉臃肿功能的精简版本poc框架 PS:真的用不惯其它臃肿的功能,不过作为一个收集漏洞poc && exp的框架还是非常不错的!!! osprey For beginners fr
10 Dec 30, 2022
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone
Simple OSINT script to find Instagram profiles by name and e-mail/phone
108 Jan 07, 2023
M.E.A.T. - Mobile Evidence Acquisition Toolkit
M.E.A.T. - Mobile Evidence Acquisition Toolkit Meet M.E.A.T! From Jack Farley - BlackStone Discovery This toolkit aims to help forensicators perform d
1 Nov 11, 2021
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be
144 Nov 19, 2022
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.
edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W
43 Dec 23, 2022
Python tool for dumping flash via uboot reliably
Reliable Uboot Flash Dumper is a Python tool for dumping flash via uboot reliably. If you've ever had to dump flash via uboot and a serial connection and became frustrated about doing it several time
25 May 10, 2022