Send CVE information to the specified mailbox (from Github)
監控Github上的漏洞、紅隊等信息推送釘釘、郵箱、Telegram BOT、Server醬
安裝telegram bot需要的庫:
pip3 install python-telegram-bot
keyword_list = ["免杀", "poc", "cve", "payload", "漏洞利用", "红队", "蓝队", "redteam", "取证", "应急", "后渗透", "内网", "攻防", "网络安全","主机安全", "信息收集", "溯源"]
https://github.com/6613GitHub6613
該項目受https://github.com/yhy0/github-cve-monitor 啓發,做了一點調整。
CVE-2021-26855 Brute Force EMail Exchange Server Timeline: Monday, March 8, 2021: Update Dumping content...(I'm not done, can u guy help me done this
py4jshell Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom f
CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus 11306 Based on: https://xz.aliyun.com/t/106
Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name
CVE 2020-14871 Solaris exploit This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems. The act
fyb-blender A set of blender assets created for the $yb NFT project. Install just as you would any other Blender Add-on (via Edit-Preferences-Add-on
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220
0x101 Show registered storage files of apps by jailbreak Legal disclaimer: Usage of insTof for attacking targets without prior mutual consent is illeg
rpckiller This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature and with that you can further try to escalate
ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download
StrongBox 🔐 A secure way of storing your passwords. 🔑 Why to use StrongBox? StrongBox makes it possible to have a random generated strong password i
CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he
Log4j2-intranet-scan ⚠️ 免责声明 本项目仅面向合法授权的企业安全建设行为,在使用本项目进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权 如您在使用本项目的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任 在使用本项目前,请您务
Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m
Exch-CVE-2021-26855 ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker b
CVE-2021-3129 - Laravel RCE About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability. This script allows you to wri
5GC_API_parse Description 5GC API parse is a BurpSuite extension allowing to assess 5G core network functions, by parsing the OpenAPI 3.0 not supporte
✨ Powerfull & Universal Link Bypasser ✨
Python Port Scanner This script tries to check if it's possible to make a connection with the specific endpoint port. This is very useful to ensure se
proto A fast tool to scan prototype pollution vulnerability Syntax python3 proto.py -l alive.txt Requirements Selenium Google Chrome Webdriver Note :
117 Nov 28, 2022
86 Aug 21, 2022
25 Nov 09, 2022
10 Oct 15, 2022
2 Oct 25, 2022
1 May 06, 2022
224 Aug 05, 2022
4 Oct 24, 2022
33 Sep 23, 2022
3 Oct 05, 2022
5 Dec 25, 2021
71 Dec 22, 2022
16 Dec 19, 2022
10 Dec 21, 2021
24 Nov 14, 2022
21 Dec 27, 2022
57 Dec 16, 2022
4 Jun 03, 2022
7 Feb 26, 2022
4 Aug 31, 2021