cve-2022-23131
cve-2022-23131 zabbix-saml-bypass-exp
- replace [zbx_signed_session] to [cookie]
- sign in with Single Sign-On (SAML)
link: https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp
Overview
TCP/UDP port scanner on python, usong scapy and multiprocessin
Port Scanner TCP/UDP port scanner on python, usong scapy and multiprocessing. Usage python3 scanner.py [OPTIONS] IP_ADDRESS [{tcp|udp}[/[PORT|PORT-POR
1 Dec 04, 2021
The disassembler parses evm bytecode from the command line or from a file.
EVM Bytecode Disassembler The disassembler parses evm bytecode from the command line or from a file. It does not matter whether the bytecode is prefix
13 Jan 03, 2022
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe
Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu
346 Jan 09, 2022
BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.
Follow us on Twitter! BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro gen
212 Jan 02, 2022
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co
261 Feb 05, 2022
Mr.Holmes is a information gathering tool (OSINT)
🔍 Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t
163 Jan 10, 2022
Example for the NFT 3D Collectibles using Blender Scripting (Python).
NFT Collectibles using Blender Python What is this? This project is to demonstrate for generating NFT Collectible Avatar-Styled images. For details, p
19 Feb 02, 2022
Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.
Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti
63 Jan 19, 2022
Kriecher is a simple Web Scanner which will run it's own checks for the OWASP
Kriecher is a simple Web Scanner which will run it's own checks for the OWASP top 10 https://owasp.org/www-project-top-ten/# as well as run a
1 Nov 11, 2021
Implementation of an attack on a tropical algebra discrete logarithm based protocol
Implementation of an attack on a tropical algebra discrete logarithm based protocol This code implements the attack detailed in the paper: On the trop
3 Dec 29, 2021
SSRF search vulnerabilities exploitation extended.
This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).
13 Jul 03, 2021
Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts.
Oh365 User Finder Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts. The tool parses responses to ident
207 Jan 27, 2022
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password
8 Jan 20, 2022
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
This project is no longer maintained March 2020 Update: Please go see the amazing Pysa tutorial that should get you up to speed finding security vulne
2.1k Feb 02, 2022
Make your own huge Wordlist with advanced options
#It's my first tool i hope to be useful for everyone, Make your own huge Wordlist with advanced options, You need python3 to run this tool, If you hav
4 Oct 13, 2021
Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app.
django-permissions-policy Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app. Requirements Python 3.
53 Jan 13, 2022
A collection of intelligence about Log4Shell and its exploitation activity
Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex
152 Jan 29, 2022
Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration.
Just-Your-Basic-Port-Scanner Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration. Use at your own discretion,
0 Nov 05, 2021
JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine
JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine
20 Jan 23, 2022
Herramienta para descargar eventos de Sucuri WAF hacia disco.
Descarga los eventos de Sucuri Script para descargar los eventos del Sucuri Web Application Firewall (WAF) en el disco como archivos CSV. Requerimient
2 Nov 28, 2021