cve-2022-23131
cve-2022-23131 zabbix-saml-bypass-exp
- replace [zbx_signed_session] to [cookie]
- sign in with Single Sign-On (SAML)
link: https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp
Overview
A Python Scanner for log4j
log4j-Scanner scanner for log4j cat web-urls.txt | python3 log4j.py ID.burpcollaborator.net web-urls.txt http://127.0.0.1:8080 https://www.google.c
5 Jun 26, 2022
Simple tool to create passwords.
PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of
1 Jan 10, 2022
A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability
log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java loggin
1.5k Jan 04, 2023
Rapidly enumerate subdomains and domains using rapiddns.io.
Description Simple python module (unofficial) allowing you to access data from rapiddns.io. You can also use it as a module. As mentioned on the rapid
27 Dec 31, 2022
Use scrapli to retrieve security zone information from a Juniper SRX firewall
Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t
2 Jun 19, 2022
Security offerings for AWS Control Tower
Caylent Security Catalyst Reference Architecture Examples This repository contains solutions for Caylent's Security Catalyst. The Security Catalyst is
1 Oct 22, 2021
A Telegram Bot to force users to join a specific channel before sending messages in a group.
Promoter A Telegram Bot to force users to join a specific channel before sending messages in a group. Introduction A Telegram Bot to force users to jo
1 Jan 27, 2022
Python DNS Lookup: The Domain Name System (DNS) is basically the phonebook of the Internet
-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is
2 Feb 14, 2022
Better-rtti-parser - IDA script to parse RTTI information in executable
RTTI parser Parses RTTI information from executable. Example HexRays decompiler view Before: After: Functions window Before: After: Structs window Ins
101 Jan 04, 2023
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
1 Jan 13, 2022
An IDA pro python script to decrypt Qbot malware string
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
6 Sep 01, 2022
Polkit - Local Privilege Escalation (CVE-2021-3560)
CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0
1 Nov 12, 2021
POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL Pre-Auth RCE Injection Vulneralibity.
CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V
9 Aug 31, 2022
Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container
Home Assistant LDAP Auth Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container. Usage Deploy NGINX's l
1 Sep 21, 2022
Denial Attacks by Various Methods
Denial Service Attack Denial Attacks by Various Methods IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::
9 Nov 26, 2022
This tool help you to check if your Windows machine has hidden miner.
Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana
2 Oct 05, 2022
Phoenix Framework is an environment for writing, testing and using exploit code.
Phoenix Framework is an environment for writing, testing and using exploit code. 🖼 Screenshots 🎪 Community PwnWiki Forums 🔑 Licen
42 Aug 09, 2022
S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE
CVE-2021-31805 Remote code execution S2-062 (CVE-2021-31805) Due to Apache Struts2's incomplete fix for S2-061 (CVE-2020-17530), some tag attributes c
31 Nov 22, 2022
Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.
ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download
3 Oct 05, 2022
SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).
Flask-SeaSurf SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF). CSRF vulnerabilities have been found in large and popular
183 Dec 28, 2022