☞ POC using the subprocess library with Python.
References:
Never pass untrusted input to subprocess.run. As subprocess.run has the ability to execute arbitrary commands on your computer, malicious individuals can use it to manipulate your computer in unexpected ways.
☞ If you're interested in contributing to this repository, please follow the guidelines
☞ This repository uses the Apache License 2.0
log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples Above is an adversarial example: the slightly pert
Python sandbox runners for executing code in isolation aka snekbox.
Backdoor Machine - ❗ For educational purposes only ❗ A program made in python for stealing passwords and usernames from Google Chrome/Brave and tokenl
CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s
PyPassKeep Encrypted Python Password Manager About PyPassKeep (PPK for short) is an encrypted python password manager used to secure your passwords fr
Log4J-Huntress-Automate-Script This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections. Pre-Requisits
hexxus Hexxus is a fast hash cracking tool which checks more than 30 thousand passwords in under 4 seconds and can crack the following types bcrypt sh
whois_bot #whois it? Let's find out! Currently in development: a gatekeeper bot for a community (https://t.me/IT_antalya) of 250+ expat IT pros of Ant
CodeTest信息收集和漏洞利用工具,可在进行渗透测试之时方便利用相关信息收集脚本进行信息的获取和验证工作,漏洞利用模块可选择需要测试的漏洞模块,或者选择所有模块测试,包含CVE-2020-14882, CVE-2020-2555等,可自己收集脚本后按照模板进行修改。
Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera
BrokenSMTP BrokenSMTP is a python3 BugBounty/Pentesting tool to look for common vulnerabilities on SMTP server. Supported Vulnerability : Spoofing - T
GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu
proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T
🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã
First run: Copy headers (with cookies) of POST license request from browser to headers.py like dictionary. pip install -r requirements.txt # if doesn'
LibreSSL bindings for Python using CFFI Python3 bindings to LibreSSL using CFFI. It aims to provide interface to the most important bits of LibreSSL o
Choose dependency injection Friendly with MyPy Supports lazy injections Supports
Ox4Shell Deobfuscate Log4Shell payloads with ease. Description Since the release
Printjack-Phonejack This repository contains the source code of the printjack and phonejack attacks. The Printjack directory contains the script to ca
431 Dec 22, 2022
838 Dec 18, 2022
164 Dec 20, 2022
36 Jul 18, 2021
2 Feb 15, 2022
1 Nov 17, 2021
1 Dec 16, 2021
17 Apr 05, 2022
14 Jun 24, 2022
23 Mar 18, 2021
25 Nov 24, 2022
39 Dec 16, 2022
4.3k Jan 05, 2023
93 Jan 05, 2023
6 Jan 22, 2022
263 Jan 07, 2023
1 Aug 02, 2022
3 Jan 26, 2022
137 Jan 02, 2023
2 Feb 12, 2022