Exploit grafana Pre-Auth LFI
python3 grafana-exploit.py http://site.com /etc/passwd
Or
python3 grafana-exploit.py http://site.com:8080 /etc/passwd
Interesting files
/etc/passwd
/etc/hosts
/var/lib/grafana/grafana.db
CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0
AmiEviL - This program uses the Virus Total API to determine if your suspicious file is malicious or not. The program requests the hash of the file and outputs information (if any). This version will
f5-waf-enforce-sigs-CVE-2021-44228 This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device Overview This script enforce
This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).
CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p
Description Basic Recon tool for beginners. Especially those who faces issue on how to recon or what all tools to use. Will try to add atleast 10 more tools currently use 7 sources to gather domains.
BitForce A bitcoin private keys brute-forcing tool. If you have an average computer, his will take decades to find a private key with balance. Run Mak
SonicWALL SSL-VPN Web Server Vulnerable Exploit
JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。
Yuyu Scanner Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets. installation ! run as root
AutoScanner AutoScanner是什么 AutoScanner是一款自动化扫描器,其功能主要是遍历所有子域名、及遍历主机所有端口寻找出所有http服务,并使用集成的工具进行扫描,最后集成扫描报告; 工具目前有:oneforall、masscan、nmap、crawlergo、dirse
About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t
PyFUD fully Undetectable payload generator for metasploit Usage: pyfud.py --host
Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We
CVE-2012-2982 John Hammond | September 4th, 2021 Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote C
IMPORTANT: Please contact us before you use any styling or content shown here! Cyber FastTrack Spring 2021 / National Cyber Scholarship Competition -
Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to ex
HexCopy IDA plugin for quickly copying disassembly as encoded hex bytes. This whole plugin just saves you two extra clicks... but if you are frequentl
Outline Keychain A simple Outline Server Access Key Copy and Paste Web Interface Developed for key and password export and copy & paste for other Shad
1 Nov 12, 2021
1 Jan 03, 2022
5 Mar 31, 2022
13 Jul 04, 2021
6 Oct 10, 2022
7 Jan 03, 2022
2 Dec 20, 2022
44 Nov 15, 2022
105 Dec 05, 2022
764 Jan 05, 2023
20 Nov 24, 2022
633 Dec 30, 2022
108 Dec 04, 2021
3 Mar 25, 2022
133 Dec 18, 2022
25 Dec 08, 2022
48 Aug 28, 2022
88 Dec 23, 2022
46 Oct 30, 2022
1 Dec 28, 2021