Original discovery by kevin_backhouse from GitHub Security Lab
Apache-Log4j Apache Log4j 远程代码执行 攻击者可直接构造恶意请求,触发远程代码执行漏洞。漏洞利用无需特殊配置,经阿里云安全团队验证,Apache Struts2、Apache Solr、Apache Druid、Apache Flink等均受影响 Steps 【Import
zip-symlink-payload-creator This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload
FutureHelper Supports macOS and Windows Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's (including beta firmwares) fo
This code for hacking profile views. Not recommended to adding profile views in profile. This code is not illegal code. This code is for beginners.
CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1 The getPasswordPolicy method is vulnerable to NoS
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm
over-the-wire-natas Natas teaches the basics of serverside web-security. Each level of natas consists of its own website located at http://natasX.nata
brute_smb_share I wrote this small PoC after bumping into SMB servers where Hydr
A tool combined with the advantages of masscan and nmap
About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t
PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket
CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired
Whois-Python-GUI Get Whois Domain with Python - GUI :) WARNING Dont Copy ! - W
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than F
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more
CSAW 2021 Writeups Challenge Category Solved by The Magic Modbus ics root2thrill Lazy Leaks Forensics root2thrill Poem Collection warm-up root2thrill
Password Manager is a simple Python project which helps users in managing their passwords in a easier way
Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n
Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi
57 Oct 03, 2022
6 Aug 18, 2022
7 Jan 05, 2023
3 Nov 28, 2021
47 Nov 09, 2022
16 Dec 18, 2022
1 Nov 27, 2021
3 Feb 21, 2022
59 Dec 24, 2022
108 Dec 04, 2021
141 Dec 31, 2022
4 Jan 10, 2022
26 Dec 26, 2022
3 Feb 21, 2022
3 Nov 16, 2021
4 Aug 08, 2022
7 Oct 06, 2021
4 Sep 29, 2021
20 Dec 24, 2022
80 Dec 29, 2022