This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus.
Python tools for analyzing malware.
Python script to decode URL parameter for BLINDINGCAN_RC4.
Python to decode POST data for BLINDINGCAN_AES.
Hitcon 2021
CODE BLUE 2021
CVE-2022-1388 POC for CVE-2022-1388 affecting multiple F5 products. Follow the Horizon3.ai Attack Team on Twitter for the latest security research: Ho
Jumpserver-EXP JumpServer远程代码执行漏洞检测利用脚本
Send CVE information to the specified mailbox (from Github)
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 1.installation pip3 install -r requirements.txt 2.Usage $ python3 spring-cloud-gateway
pyXSSPlatform Used to build an XSS platform on the command line. Usage: 1.generate the cert file You can use openssl like this: openssl req -new -x509
CVE-2021-3129 - Laravel RCE About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability. This script allows you to wri
charlotte c++ fully undetected shellcode launcher ;) releasing this to celebrate the birth of my newborn description 13/05/2021: c++ shellcode launche
Hello There! My name is Noble Wilson and I am an aspiring IT/InfoSec coder practicing for my future. ________________________________________________
log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.
👋 It's in beta, I'm still building How to install Linux and Termux: Clone Rp: git clone https://github.com/J4c5/superfish.git Install the dependencie
Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn
springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin
Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are
Embark is being developed to provide the firmware security analyzer emba as a containerized service and to ease accessibility to emba regardless of system and operating system.
DSLF DSLF stands for (D)arth (S)ide of the (L)og4j (F)orce. It is the ultimate log4j vulnerabilities assessor. It comes with four individual Python3 m
🚀🚀🚀Program helps you to detect the major framework or technology used in writing any android app. Just provide the apk 😇😇
tinyman_exploit_finder There was a big tinyman exploit. You can read about it he
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including P
aioloop-proxy A proxy for asyncio.AbstractEventLoop for testing purposes. When tests writing for asyncio based code, there are controversial requireme
DepFine DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE Installation: You Can inst
231 Dec 07, 2022
181 Dec 20, 2022
91 Nov 08, 2022
10 Sep 28, 2022
70 Jun 21, 2022
21 Dec 27, 2022
894 Dec 25, 2022
1 Nov 23, 2021
2 Dec 16, 2021
4 Jan 27, 2022
48 Dec 19, 2022
105 Nov 26, 2022
96 Dec 14, 2022
175 Dec 14, 2022
1 Jan 11, 2022
10 Dec 07, 2022
9 Dec 27, 2022
95 Dec 26, 2022
12 Dec 12, 2022
14 Nov 11, 2022