Local File Inclusion Scanner and Exploiter
Features 1- Scanner
2- Exploiter
Exploiter Attack Vectors:
1- /proc/self/environ
2- /var/log/auth.log
3- Apache Log Poisoning
4- php://input
5- Php Sessions and Cookies
6- Data Wrapper
7- SMTP Poisoning
8- All attacks in one
Installation
Usage
Python sandbox runners for executing code in isolation aka snekbox.
OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M
Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE) CVE: CVE-2022-22947 CVSS: 10.0 (Vmware - https://tanzu.vmware.com/security/cve-2022-22947)
Tor Relay Availability Checker This small script downloads all Tor Relay IP addresses from onionoo.torproject.org and checks whether random Relays are
A Python3 and a BASH PoC for CVE-2021-4034 by Kim Schulz
Enhancing Twin Delayed Deep Deterministic Policy Gradient with Cross-Entropy Method Hieu Trung Nguyen, Khang Tran and Ngoc Hoang Luong Setup Clone thi
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
Scripting.py is a repository being maintained to keep log of the python scripts that I create for automating and executing some of my boring manual task.
By: Seanpm2001, Et; Al. Top README.md Read this article in a different language Sorted by: A-Z Sorting options unavailable ( af Afrikaans Afrikaans |
Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux
About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202
RDPY Remote Desktop Protocol in twisted python. RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client a
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where t
Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to ex
About Tool This plugin is made for more familiarity with Python, but can also be used to create passwords.
tanchi A signature parser for hikari's command handler tanjun. Finally be able to define your commands without those bloody decorator chains! Example
gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"
This bug doesn’t exist on x86: Exploiting an ARM-only race condition How to exploit a double free and get a shell. "Use-After-Free for dummies" In thi
Information Science 3350/6350 Text mining for history and literature Staff and sections Instructor: Matthew Wilkens Graduate TAs: Federica Bologna, Ro
CVE-2021-40870 Exploitation An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous ty
164 Dec 20, 2022
5 May 18, 2022
35 Dec 28, 2022
161 Dec 30, 2022
16 Sep 06, 2022
6 Jun 29, 2022
84 Dec 23, 2022
1 Feb 07, 2022
2 Sep 12, 2022
15 May 21, 2022
500 Jan 06, 2023
1.6k Dec 30, 2022
5 May 31, 2022
88 Dec 23, 2022
2 Jul 23, 2022
11 Nov 17, 2022
430 Dec 27, 2022
1.2k Dec 25, 2022
6 Feb 21, 2022
16 Nov 15, 2022