PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github
Why does github remove this exploit because it is against the acceptable use policy - but tons of other proof of concept exploits and frameworks are OK?
Is it because Github is owned by Microsoft?
Censoring exploits is bad for security, even if an individual exploit sometimes can put companies at risk which should have already fixed their systems. And Github puts up a bad precedence.
CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus 11306 Based on: https://xz.aliyun.com/t/106
pwntools - CTF toolkit Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and develo
neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it
DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO
CVE-2021-40870 Exploitation An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous ty
Big-Papa is a remote cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication
noPac Exploiting CVE-2021-42278 and CVE-2021-42287 原项目noPac在实现上可能有点问题,导致在本地没有打通,于是参考sam-the-admin项目进行修改。 使用 pip3 install -r requirements.txt # GetShel
OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M
You must have Python compilers in order to run this program. First of all, download the compiler in the link.
Hardware Hacking Resources This repo holds some of the examples used in Colin's Hardware Hacking talk at Remoticon 2021. You can see the very sketchy
✔️ Gerador e Validador de CPF Programa que gera e valida números de CPF Requisitos • Como usar • Capturas de Tela Requisitos Antes de começar, você va
SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w
Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi
Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i
cthun3是集成端口扫描,服务识别,netbios扫描,网站识别,暴力破解和漏洞扫描的工具. cthun(克苏恩)是魔兽世界电子游戏中一位上古之神 截图 cthun3结合viper使用时截图 使用方法 端口扫描 -ps-ip 端口扫描的ip地址范围,例如可以输入 -ps-ip 192.168.14
Delta Sharing: An Open Protocol for Secure Data Sharing Delta Sharing is an open protocol for secure real-time exchange of large datasets, which enabl
Mystikal macOS Initial Access Payload Generator Related Blog Post: https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520 Usage: Install Xcode
CVE-2021-45383 & CVE-2021-45384 There are several network-layer vulnerabilities in the official server of Minecraft: Bedrock Edition (aka Bedrock Serv
proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T
25 Nov 09, 2022
9.8k Dec 31, 2022
4 Oct 10, 2022
59 Nov 17, 2022
16 Nov 15, 2022
77 Jan 03, 2023
2 Jun 23, 2022
5 May 18, 2022
6 Aug 07, 2021
19 Sep 12, 2022
1 Nov 07, 2021
1.4k Dec 31, 2022
48 Dec 03, 2022
3 Jan 28, 2022
2 Nov 16, 2021
18 Sep 03, 2022
497 Jan 02, 2023
206 Dec 31, 2022
20 Apr 07, 2022
93 Jan 05, 2023