702406567785529366CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This project is for learning only, if someone's rights have been violated, please contact me to
dcpwn an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.
Bug Alert Bug Alert is a service for alerting security and IT professionals of h
Get important strings inside [Info.plist] & and Binary file also all output of result it will be saved in [app_binary].json , [app_plist_file].json file
SubFind (Subdomain Finder Tools) Info Tools Result Of Subdomain Command In Termi
MotionEye/MotionEyeOS Authenticated RCE A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye. You need administrator crede
PySharpSphere Inspired by SharpSphere, just another python version. Installation python3 setup.py install Features Support control both Linux and Wind
SSLyze SSLyze is a fast and powerful SSL/TLS scanning tool and Python library. SSLyze can analyze the SSL/TLS configuration of a server by connecting
CVE-2021-24086 This is a proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability "), a NULL dereference in tcpip.sys patc
CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio
pybox A proof-of-concept bare-bones container written in 50 lines of python code. Provides namespace isolation and resource limit control Usage Insta
IntarKnife v1.0 a tool can be used in intarnet for easily pentesting moudle hash spray U can use this tool to spray hash on a webshell IntraKnife.exe
A tool that detects the "expensive" Carbon Black watchlists.
Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t
Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi
APKLeaks - Scanning APK file for URIs, endpoints & secrets.
Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI
介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-
Python tool for enumerating directories and for fuzzing
CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s
164 Dec 10, 2022
71 Nov 30, 2022
208 Dec 15, 2022
12 Sep 28, 2022
2 Jan 25, 2022
1 Apr 18, 2022
191 Dec 22, 2022
2.8k Jan 03, 2023
220 Dec 14, 2022
165 Dec 21, 2022
5 Jun 03, 2021
4 Nov 24, 2021
8 Aug 04, 2022
2 Jun 19, 2022
3 Jan 28, 2022
3.5k Jan 09, 2023
6 Mar 10, 2022
6 May 17, 2022
5 Feb 21, 2022
2 Feb 15, 2022