Local File Inclusion Scanner and Exploiter
Features 1- Scanner
2- Exploiter
Exploiter Attack Vectors:
1- /proc/self/environ
2- /var/log/auth.log
3- Apache Log Poisoning
4- php://input
5- Php Sessions and Cookies
6- Data Wrapper
7- SMTP Poisoning
8- All attacks in one
Installation
Usage
CVE-2021-31805 Remote code execution S2-062 (CVE-2021-31805) Due to Apache Struts2's incomplete fix for S2-061 (CVE-2020-17530), some tag attributes c
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
xkeysnail is yet another keyboard remapping tool for X environment written in Python. It's like xmodmap but allows more flexible remappings.
log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static
LFI-Hunter Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in
CVE-2021-21978 带回显版本的漏洞利用脚本,更简单的方式 0. 漏洞信息 VMware View Planner Web管理界面存在一个上传日志功能文件的入口,没有进行认证且写入的日志文件路径用户可控,通过覆盖上传日志功能文件log_upload_wsgi.py,即可实现RCE 漏洞代码
If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator
scad-build This is a multi-STL OpenSCAD build system based around GNU make. It supports dynamic build targets, intelligent previews with user-defined
MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions (pdf, doc, docx, etc), and downloads them.
A tool that detects the "expensive" Carbon Black watchlists.
vulnerable-apis vulnerable APIs inspired by https://github.com/mattvaldes/vulnerable-api Setup Docker If, Out of the box docker pull kmmanoj/vulnerabl
Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses. This program also alerts you to the presence of a data leak for
This repository is NOT official -- the original repository is located on GitLab
Python Code Obfuscator A script that converts code into full on random numerical expressions. Simple Scripts: Python Mode... Input: Function that deco
trustme: #1 quality TLS certs while you wait You wrote a cool network client or server. It encrypts connections using TLS. Your test suite needs to ma
DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.
Introduction expbox is an exploit code collection repository List CVE-2021-41349 Exchange XSS PoC = Exchange 2013 update 23 = Exchange 2016 update 2
TokenGuard TokenGuard, protect your account, prevent token steal. Totally free and open source Discord Server: https://discord.gg/EmwfaGuBE8 Source Co
CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability This is a proof of concept for CVE-2021-31166 ("HTTP Protocol Stack Remote Cod
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)
31 Nov 22, 2022
31 Oct 21, 2022
809 Dec 26, 2022
8 Oct 20, 2022
6 Jan 30, 2022
24 Nov 09, 2022
3 Jun 07, 2022
1 Dec 21, 2021
150 Jan 03, 2023
8 Aug 04, 2022
9 Jun 01, 2022
1.1k Aug 24, 2021
2 Feb 05, 2022
3 Mar 24, 2022
479 Dec 27, 2022
4 Dec 21, 2021
263 Feb 14, 2022
10 Nov 23, 2022
820 Dec 18, 2022
266 Jan 02, 2023