A Modified version of TCC's Osprey poc framework......

Related tags

Security related resourcesfirece-fish
Overview

fierce-fish Python 3.9

fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写,去掉臃肿功能的精简版本poc框架

  • PS:真的用不惯其它臃肿的功能,不过作为一个收集漏洞poc && exp的框架还是非常不错的!!!

  • osprey

  • For beginners friendly (script kiddos would like it !)

简介

fierce-fish ------ 凶鱼,一种比鱼鹰还要凶猛的鱼,由于是osprey的改写版所以取此命名漏洞盒子PoC框架,寓意快,精,准,凶。

fierce-fish 是一个可无限扩展自定义poc的开源漏洞检测与利用框架(Python3开发),是osprey的修改版。 fierce-fish框架可供使用者在渗透测试、漏洞检测、漏洞扫描等场景中应用。框架提供了命令行接口,可供灵活调用,也可用于构建自己的扫描器, 构建自己的通用型漏洞库。

持续添加POC && EXP

安装

从Git上获取最新版本的osprey代码

$ git clone https://github.com/FDlucifer/firece-fish.git
$ cd firece-fish
$ pip3 install -r requirements.txt
  • 若执行脚本还是报错,可以根据报错信息提示缺失的模块,手动执行命令(pip3 install ‘缺失模块名'),进行安装...

使用

  • 获取帮助列表:
$ python osprey.py --help
  • 最简单的用法,针对一个目标URL,发起一个PoC做检测:
$ python osprey.py -t URL -v POC_ID

目前已收录漏洞POC及EXP

漏洞名 poc名称 poc链接
Metinfo 5.3.17 X-Rewrite-url SQL Injection vb_2017_0060 Metinfo_5_3_17_X_Rewrite_url_Sql_Injection
Landray-OA Arbitrary File Read vb_2021_0001 Landray-OA Arbitrary File Read
Yy-OA A6 Disclosure of sensitive information vb_2021_0002 Yy-OA A6 Disclosure of sensitive information
LionfishCMS ApiController.class.php SQL Injection vb_2021_0003 LionfishCMS ApiController.class.php SQL Injection
LionfishCMS ApigoodsController.class.php SQL Injection vb_2021_0004 LionfishCMS ApigoodsController.class.php SQL Injection
Kingsoft V8 Arbitrary file read vb_2021_0005 Kingsoft V8 Arbitrary file read
Kingsoft V8 pdf_maker.php RCE vb_2021_0006 Kingsoft V8 pdf_maker.php RCE
Kingsoft V8 Default Weak Password vb_2021_0007 Kingsoft V8 Default Weak Password
Weaver OA 8 SQL injection vb_2021_0008 Weaver OA 8 SQL injection
Weaver OA Bsh RCE vb_2021_0009 Weaver OA Bsh RCE
Citrix XenMobile Read FIle vb_2021_0010 Citrix XenMobile Read FIle
Weblogic RCE CVE-2020-14882 vb_2021_0011 Weblogic RCE CVE-2020-14882
Hanming Video Conferencing File Read vb_2021_0012 Hanming Video Conferencing File Read
Jinher OA Arbitrary File Read vb_2021_0013 Jinher OA Arbitrary File Read
LanProxy Server Read File vb_2021_0014 LanProxy Server Read File
YApi Remote Code Execute vb_2021_0015 YApi Remote Code Execute
SaltStack RCE CVE-2020-11651 vb_2021_0016 SaltStack RCE CVE-2020-11651
Coremail Server Information Leakage vb_2021_0017 Coremail Server Information Leakage
AonarQube Api Information Leakage vb_2021_0018 AonarQube Api Information Leakage
Alibaba Canal Accesskey Information Leakage vb_2021_0019 Alibaba Canal Accesskey Information Leakage
MessageSolution Email System Information Leakage vb_2021_0020 MessageSolution Email System Information Leakage
ICEFlow VPN Information Leakage vb_2021_0021 ICEFlow VPN Information Leakage
IceWarp WebClient Basic RCE vb_2021_0022 IceWarp WebClient Basic RCE
ShowDoc File Upload vb_2021_0023 ShowDoc File Upload
Duoke-Web-Server-SQLInjection vb_2021_0024 Duoke-Web-Server-SQLInjection
yonyou-UFIDA-NC-file-read vb_2021_0025 yonyou-UFIDA-NC-file-read
zhongqingnabo_information_leak vb_2021_0026 zhongqingnabo_information_leak
Apache Druid RCE vb_2021_0027 Apache Druid RCE
Apache Kylin Xielou ReadFile vb_2021_0028 Apache Kylin Xielou ReadFile
Apache Flink Read File vb_2021_0029 Apache Flink Read File
Apache Flink Rce vb_2021_0030 Apache Flink Rce
3C HG659 Lib An Arbitrary FileRead vb_2021_0031 3C HG659 Lib An Arbitrary FileRead
IceWarp WebClient Basic RCE vb_2021_0032 IceWarp WebClient Basic RCE
亿赛通命令执行漏洞 vb_2021_0033 亿赛通命令执行漏洞
Atlassian Jira Information disclosure vb_2021_0034 Atlassian Jira Information disclosure
LANLING OA file read vb_2021_0035 LANLING OA file read
CISCO Read-Only Path Traversal Vuln vb_2021_0036 CISCO Read-Only Path Traversal Vuln
Seeyon_Ajax_Getshell vb_2021_0037 Seeyon_Ajax_Getshell
待补充 vb_2021_0038 待补充
待补充 vb_2021_0039 待补充
待补充 vb_2021_0040 待补充
待补充 vb_2021_0041 待补充
zyxel_nbg2105_bypass_auth vb_2021_0042 zyxel_nbg2105_bypass_auth
HIKVISION_file_read vb_2021_0043 HIKVISION_file_read
CVE_2021_41773_poc_and_exploit vb_2021_0044 CVE_2021_41773_poc_and_exploit
CVE_2021_42013_poc_and_exploit vb_2021_0045 CVE_2021_42013_poc_and_exploit

特点

  1. 体积小
  1. 检测效果精准,可自己持续按照框架模版添加poc, 方便高效

poc编写说明相关文档

基于Osprey编写PoC,请参考 osprey编写规范和要求说明

后续会在本仓库长期更新最新的POC & EXP。:)

Owner
lUc1f3r11
trapped in the darkest nightmare...
lUc1f3r11
GitHub Repository
Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.

Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti

Open Source Security Foundation (OpenSSF) 221 Jan 01, 2023
Automatically download all 10,000 CryptoPunk NFTs.

CryptoPunk Stealer The sole purpose of this script is to download the entire CryptoPunk NFT collection. How does it work? Basically, the website where

Dan 7 Oct 22, 2022
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Than

Error 263 Jan 01, 2023
Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3

Shortlink-Bypass Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3 Support Shortlink tii.ai/tei.

Wan Naz ID 6 Oct 24, 2022
Tool to decrypt iOS apps using r2frida

r2flutch Yet another tool to decrypt iOS apps using r2frida. Requirements It requires to install Frida on the Jailbroken iOS device: Jailbroken device

Murphy 146 Jan 03, 2023
Bypass 4xx HTTP response status codes.

Forbidden Bypass 4xx HTTP response status codes. To see all the test cases, check the source code - follow the NOTE comments. Script uses multithreadi

Ivan Šincek 165 Dec 28, 2022
TOOLS CRACK FACEBOOK

Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal

Romi Afrizal 50 Dec 26, 2022
Confluence Server Webwork OGNL injection

CVE-2021-26084 - Confluence Server Webwork OGNL injection An OGNL injection vulnerability exists that would allow an authenticated user and in some in

Fellipe Oliveira 295 Jan 06, 2023
A security system to warn you when people enter your room 🎥

Get Out My Room v0.1 I hate people coming in my room when i'm not there. Get Out My Room is a simple security system that sends notifications with vid

ScriptLine 1 Jan 11, 2022
𝙾𝚙𝚎𝚗 𝚂𝚘𝚞𝚛𝚌𝚎 𝚂𝚌𝚛𝚒𝚙𝚝 - 𝙽𝚘 𝙲𝚘𝚙𝚢𝚛𝚒𝚐𝚑𝚝 - 𝚃𝚎𝚊𝚖 𝚆𝚘𝚛𝚔 - 𝚂𝚒𝚖𝚙𝚕𝚎 𝙿𝚢𝚝𝚑𝚘𝚗 𝙿𝚛𝚘𝚓𝚎𝚌𝚝 - 𝙲𝚛𝚎𝚊𝚝𝚎𝚍 𝙱𝚢 : 𝙰𝚕𝚕 𝚃𝚎𝚊𝚖 - 𝙲𝚘𝚙𝚢𝙿𝚊𝚜𝚝 𝙲𝚊𝚗 𝙽𝚘𝚝 𝙼𝚊𝚔𝚎 𝚈𝚘𝚞 𝚁𝚎𝚊𝚕 𝙿𝚛𝚘𝚐𝚛𝚊𝚖𝚖𝚎𝚛

𝙾𝚙𝚎𝚗 𝚂𝚘𝚞𝚛𝚌𝚎 𝚂𝚌𝚛𝚒𝚙𝚝 - 𝙽𝚘 𝙲𝚘𝚙𝚢𝚛𝚒𝚐𝚑𝚝 - 𝚃𝚎𝚊𝚖 𝚆𝚘𝚛𝚔 - 𝚂𝚒𝚖𝚙𝚕𝚎 𝙿𝚢𝚝𝚑𝚘𝚗 𝙿𝚛𝚘𝚓𝚎𝚌𝚝 - 𝙲𝚛𝚎𝚊𝚝𝚎𝚍 𝙱𝚢 : 𝙰𝚕𝚕 𝚃𝚎𝚊𝚖 - 𝙲𝚘𝚙𝚢𝙿𝚊𝚜𝚝 𝙲𝚊𝚗 𝙽𝚘𝚝 𝙼𝚊𝚔𝚎 𝚈𝚘𝚞 𝚁𝚎𝚊𝚕 𝙿𝚛𝚘𝚐𝚛𝚊𝚖𝚖𝚎𝚛

CodeX-ID 2 Oct 27, 2022
Discord Region Swapping Exploit (VC Overload)

Discord-VC-Exploit Discord Region Swapping Exploit (VC Overload) aka VC Crasher How does this work? Discord has multiple servers that lets people arou

Rainn 11 Sep 10, 2022
WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar

CVE-2020-14756 WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar README project base on https://github.com/Y4er/CVE-2020-2555 and weblo

Y4er 77 Dec 06, 2022
PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

Divyanshu Kumar 3 Nov 08, 2022
Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. (Released due to exposure)

HCaptcha-Bypass Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. Not working? If it is not seeming to work for you

Dropout 17 Aug 23, 2021
Sample exploits for Zephyr CVE-2021-3625

CVE-2021-3625 This repository contains a few example exploits for CVE-2021-3625. All Zephyr-based usb devices up to (and including) version 2.5.0 suff

7 Nov 10, 2022
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).

What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray3

Mark Hedrick 246 Dec 28, 2022
Cookiecutter for creating open source Python packages

Cookiecutter for rapidly developing new open source Python packages. Best practices with all the modern bells and whistles included.

Wolt 177 Dec 22, 2022
NFC Implant-base RSA Encrypted Messagging application

Encrypted messaging application with the use of MIFARE DESfire chip to store the private/public keys needed for the application authentication

4 Nov 06, 2021
Js File Scanner This is Js File Scanner

Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.

122 Dec 12, 2022
A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck

Malware Configuration Extractor A Malware Configuration Extraction Tool and Modules for MalDuck This project is FREE as in FREE 🍺 , use it commercial

c3rb3ru5 103 Dec 18, 2022