Dahua IPC/VTH/VTO devices auth bypass exploit
About:
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
use - python3 dahua_exploit.py http(s)://ip:port
Proxyshell-Scanner nuclei scanner for Proxyshell RCE (CVE-2021-34423,CVE-2021-34473,CVE-2021-31207) discovered by orange tsai in Pwn2Own, which affect
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more
清单 披露时间 涉及商家/产品 漏洞描述 2021/04/08 启明星辰天清汉马USG防火墙存在逻辑缺陷漏洞(历史漏洞) CNVD-2021-17391 启明星辰 天清汉马USG防火墙 逻辑缺陷漏洞 CNVD-2021-12793 2021/04/08 禅道项目管理软件11.6 禅道 11.6 sq
CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus 11306 Based on: https://xz.aliyun.com/t/106
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP
ViGA: Video moment retrieval via Glance Annotation This is the official repository of the paper "Video Moment Retrieval from Text Queries via Single F
Pupy Installation Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to u
Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (
DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO
CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Escalation to RCE PoC (Full) Affected version: 5.0.0 to 7.2.0 User requirement: Subscriber user
ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i
BitForce A bitcoin private keys brute-forcing tool. If you have an average computer, his will take decades to find a private key with balance. Run Mak
MD5-CRACKER So this is my first app i created with python3 . if you guys downloa
🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã
Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py
Password List Creator Simple !
The Linux tool to automate the process of getting a pty once you got admin credentials in a Wordpress site. Keep in mind that right now Omega only can attack Linux hosts.
omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg
29 Dec 16, 2022
4 Aug 08, 2022
555 Jan 02, 2023
25 Nov 09, 2022
365 Nov 30, 2022
38 Dec 31, 2022
7.4k Jan 04, 2023
59 Dec 01, 2022
59 Nov 17, 2022
17 Nov 09, 2022
24 Dec 19, 2022
2 Dec 20, 2022
2 Nov 10, 2022
6 Jan 22, 2022
39 Nov 21, 2022
4 Jan 27, 2022
12 Nov 09, 2022
13 Jul 13, 2022
84 Dec 23, 2022
1.8k Jan 04, 2023