John Hammond | September 4th, 2021
Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote Code Execution attack on that legacy Webmin version.
This code is an attempt to recreate that in Python without using Metasploit.
CVE-2021-2982.py - this offers a one-shot capability to run a single commandnaabu2nmap 对naabu的端口扫描结果,调用nmap进行指纹识别
Yobi Yara Based Detection for web browsers System Requirements Yobi requires python3 and and right now supports only firefox and other Gecko-based bro
Brute-Force-Connected Guess the password for Connected accounts the use : Create a new file and put usernames and passwords in it Example : joker:1234
Mobile Verification Toolkit Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic
ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.
mailcat The only cat who can find existing email addresses by nickname. Usage First install requirements: pip3 install -r requirements.txt Then just
OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M
Cobalt Strike Configuration Extractor and Parser Overview Pure Python library and set of scripts to extract and parse configurations (configs) from Co
CVE-2021-44228 Log4Shell Proof of Concept (CVE-2021-44228) Make sure to use Java 8 JDK. Java 8 Download Images Credits Casey Dunham - Java Reverse She
Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本,扫描主机上所有java进程,检测是否引入了有漏洞的log4j-core jar包,是否可能遭到远程代码执行攻击(CVE-2021-45046)。上传扫描报告到指定的服
MassDNS A high-performance DNS stub resolver MassDNS is a simple high-performance DNS stub resolver targeting those who seek to resolve a massive amou
CryptoPunk Stealer The sole purpose of this script is to download the entire CryptoPunk NFT collection. How does it work? Basically, the website where
TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works
py4jshell Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom f
poro Description Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets RDS Databas
Password Manager is a simple Python project which helps users in managing their passwords in a easier way
PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket
A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regardin
Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard to form a 16-character password which is unpredictable and cannot easily be memorised.
12 Nov 22, 2022
44 Nov 20, 2022
4 Jun 05, 2022
8.3k Jan 08, 2023
45 Dec 28, 2022
282 Dec 30, 2022
5 May 18, 2022
102 Dec 18, 2022
3 Jul 23, 2022
86 Dec 09, 2022
2.5k Jan 07, 2023
7 Oct 22, 2022
162 Nov 25, 2022
86 Aug 21, 2022
134 Dec 16, 2022
4 Sep 29, 2021
140 Dec 27, 2022
39 Dec 10, 2022
1.2k Dec 27, 2022
1 Nov 23, 2021