Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp

Last update: Dec 14, 2022

Overview

cve-2022-23131

cve-2022-23131 zabbix-saml-bypass-exp

replace [zbx_signed_session] to [cookie]

link: https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage

Owner

东方有鱼名为咸

InfoSec & Penteste studying & Feral programmer

GitHub Repository

telegram bug that discloses user's hidden phone number (still unpatched) (exploit included)

CVE-2019-15514 Type: Information Disclosure Affected Users, Versions, Devices: All Telegram Users Still not fixed/unpatched. brute.py is available exp

66 Dec 08, 2022

Obfuscate your python code into a string of integers. De-obfuscate also supported.

int-obfuscator Obfuscate your python code into a string of integers. De-obfuscate also supported. How it works: Each printable character gets replaced

6 Nov 13, 2022

Open-source jailbreaking tool for many iOS devices

Open-source jailbreaking tool for many iOS devices *Read disclaimer before using this software. checkm8 permanent unpatchable bootrom exploit for hund

6.7k Jan 05, 2023

A honeypot for the Log4Shell vulnerability (CVE-2021-44228)

Log4Pot A honeypot for the Log4Shell vulnerability (CVE-2021-44228). License: GPLv3.0 Features Listen on various ports for Log4Shell exploitation. Det

79 Dec 27, 2022

RedTeam-Security - In this repo you will get the information of Red Team Security related links

OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M

5 May 18, 2022

IDA scripts for hypervisor (Hyper-v) analysis and reverse engineering automation

Re-Scripts IA32-VMX-Helper (IDA-Script) IA32-MSR-Decoder (IDA-Script) IA32 VMX Helper It's an IDA script (Updated IA32 MSR Decoder) which helps you to

16 Oct 08, 2022

test application for the licence key web app.

licence_software_test_app Make sure you set your database values in a .env file to the folder. Install MYSQL connector: pip install mysql-connector-py

1 Oct 28, 2021

一款辅助探测Orderby注入漏洞的BurpSuite插件，Python3编写，适用于上xray等扫描器被ban的场景

OrderbyHunter 一款辅助探测Orderby注入漏洞的BurpSuite插件，Python3编写，适用于上xray等扫描器被ban的场景 1. 支持Get/Post型请求参数的探测，被动探测，对于存在Orderby注入的请求将会在HTTP Histroy里标红 2. 自定义排序参数list

21 Aug 12, 2022

Security audit Python project dependencies against security advisory databases.

52 Dec 17, 2022

Proof-of-concept obfuscation toolkit for C# post-exploitation tools

InvisibilityCloak Proof-of-concept obfuscation toolkit for C# post-exploitation tools. This will perform the below actions for a C# visual studio proj

259 Dec 19, 2022

the swiss army knife in the hash field. fast, reliable and easy to use

hexxus Hexxus is a fast hash cracking tool which checks more than 30 thousand passwords in under 4 seconds and can crack the following types bcrypt sh

17 Apr 05, 2022

Fast Fb Cracking Tool

fb-brute Fast Fb Cracking Tool 🏆

8 Jun 29, 2022

Hack any account sending fake nitro QR code (only for educational purpose)

DISCORD_ACCOUNT_HACKING_TOOL ( EDUCATIONAL PURPOSE ) Hack any account sending fake nitro QR code (only for educational purpose) Start my program token

7 Jan 07, 2022

On the 11/11/21 the apache 2.4.49-2.4.50 remote command execution POC has been published online and this is a loader so that you can mass exploit servers using this.

ApacheRCE ApacheRCE is a small little python script that will allow you to input the apache version 2.4.49-2.4.50 and then input a list of ip addresse

3 Dec 04, 2022