# cvepull.py
#script that pulls cve collections from NVD.NIST.GOV.
#edit line 17 (timedelta) number to change the amount of days to search backwards from current date.
#edit line 24 (keywords) to add different keywords for your request to the API.
# #Output will have the following relevant info:
# final_ds.append({"CVE_data_meta": cve_data_meta_id,
# "description": description,
# "impact": cvssV3,
# "publishedDate": pub_date,
# "lastModifiedDate": last_mod_date
#
#
# Happy Searching
#
# Developers: David Johnson, Aaron Perkins
script that pulls cve collections from NVD.NIST.GOV.
Overview
Automatic ProxyShell Exploit
proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T
93 Jan 05, 2023
DCSync - DCSync Attack from Outside using Impacket
Adding DCSync Permissions Mostly copypasta from https://github.com/tothi/rbcd-at
77 Dec 16, 2022
Yet another web fuzzer
yafuzz Yet another web fuzzer Usage This script can run in two modes of operation. Supplying a wordlist -W argument will initiate a multithreaded fuzz
5 Feb 02, 2022
Implementation of an attack on a tropical algebra discrete logarithm based protocol
Implementation of an attack on a tropical algebra discrete logarithm based protocol This code implements the attack detailed in the paper: On the trop
3 Dec 30, 2021
Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution
Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha
2 Dec 30, 2021
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228
1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://
7 Aug 06, 2022
A simple Outline Server Access Key Copy and Paste Web Interface
Outline Keychain A simple Outline Server Access Key Copy and Paste Web Interface Developed for key and password export and copy & paste for other Shad
1 Dec 28, 2021
Mass scan for .git repository and .env file exposure
Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response
8 Jun 23, 2022
A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.
PyArmor Homepage (中文版网站) Documentation(中文版) PyArmor is a command line tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine
1.9k Dec 30, 2022
A brute Force tool for Facebook
EliBruter A brute Force tool for Facebook Installing this tool -- $ pkg upgrade && update $ pkg install python $ pkg install python3 $ pkg install gi
3 Mar 29, 2022
A deobfuscator for multiple python obfuscators
PY4COC A deobfuscator for multiple python obfuscators, supports exe's packed with pyinstaller too. How to use python3 py4coc.py exe file or py file o
16 Dec 03, 2022
telegram bug that discloses user's hidden phone number (still unpatched) (exploit included)
CVE-2019-15514 Type: Information Disclosure Affected Users, Versions, Devices: All Telegram Users Still not fixed/unpatched. brute.py is available exp
66 Dec 08, 2022
Client script for the fisherman phishing tool
Client script for the fisherman phishing tool
1 Feb 23, 2022
DoSer.py - Simple DoSer in Python
DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this
8 Sep 02, 2022
FBGen is simple facebook user based wordlist generator using Username/ID and cookie.
FBGen is simple facebook user based wordlist generator using Username/ID and cookie.
2 Jul 20, 2022
WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user.
WinRemoteEnum WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user, sharing the goal of remotely gather
9 Nov 09, 2022
Cisco RV110w UPnP stack overflow
Cisco RV110W UPnP 0day 分析 前言 最近UPnP比较火,恰好手里有一台Cisco RV110W,在2021年8月份思科官方公布了一个Cisco RV系列关于UPnP的0day,但是具体的细节并没有公布出来。于是想要用手中的设备调试挖掘一下这个漏洞,漏洞的公告可以在官网看到。 准
25 Nov 09, 2022
Moodle community-based vulnerability scanner
badmoodle Moodle community-based vulnerability scanner Description badmoodle is an unofficial community-based vulnerability scanner for moodle that sc
11 Dec 22, 2022
Log4Shell Proof of Concept (CVE-2021-44228)
CVE-2021-44228 Log4Shell Proof of Concept (CVE-2021-44228) Make sure to use Java 8 JDK. Java 8 Download Images Credits Casey Dunham - Java Reverse She
3 Jul 23, 2022
Security system to prevent Shoulder Surfing Attacks
Surf_Sec Security system to prevent Shoulder Surfing Attacks. REQUIREMENTS: Python 3.6+ XAMPP INSTALLED METHOD TO CONFIGURE PROJECT: Clone the repo to
1 Jan 27, 2022