Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
Known issues
- it will not work outside kali , i will update it later on :)
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
Overview
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an
861 Feb 18, 2021
The ultimate Metasploit apk binder with legit apk written in python3
Infector is a python3 based script which is officially made for linux based distro . It binds metasploit payload with original apk with avast antivirus bypassed .
27 Dec 25, 2022
Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.
Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.
37 Dec 06, 2022
A proxy server application written in python for trial purposes
python-proxy-server This is a proxy server β€οΈ application written in python β€οΈ for trial purposes. The purpose of the application; Connecting to Hacke
2 Dec 27, 2021
Python library to remotely extract credentials on a set of hosts.
Python library to remotely extract credentials on a set of hosts.
1.5k Dec 31, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.
wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect
3 Feb 20, 2022
Script Crack Facebook Elite πΆββ
elite Script Crack Facebook Elite πΆββ Install Script $ pkg update && pkg upgrade $ termux-setup-storage $ pkg install git $ pkg install python $ pip
1 Jan 02, 2022
Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell
Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell
16 Nov 09, 2022
Separate handling of protected media in Django, with X-Sendfile support
Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t
46 Nov 12, 2022
Security audit Python project dependencies against security advisory databases.
Security audit Python project dependencies against security advisory databases.
52 Dec 17, 2022
Meterpreter Reverse shell over TOR network using hidden services
Poiana Reverse shell over TOR network using hidden services Features - Create a hidden service - Generate non-staged payload (python/meterpreter_rev
80 Dec 21, 2022
This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798).
CVE-2021-43798 β Grafana Exploit About This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798
12 Nov 18, 2022
FIVE, Vulnerability Scanner And Mass Exploiter, made for pentesting.
$ FIVE - FIVE is a Pentesting Framework to Test the Security & Integrity of a Website, or Multiple Websites. $ Info FIVE Was Made After Vulnnr to Prod
24 Dec 10, 2021
Operational information regarding the vulnerability in the Log4j logging library.
Log4j Vulnerability (CVE-2021-44228) This repo contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-442
1.9k Dec 26, 2022
Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
RITA (Real Intelligence Threat Analytics) in Jupyter Notebook RITA is an open source framework for network traffic analysis sponsored by Active Counte
157 Nov 24, 2022
proof-of-concept running docker container from omero web
docker-from-omero-poc proof-of-concept running docker container from omero web How-to Edit test_script.py so that the BaseClient is created pointing t
2 Jan 22, 2022
Pass2Pwn: a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name
Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name
10 Oct 15, 2022
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack
O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t
![Trewis [work] Scotch](https://avatars.githubusercontent.com/u/92666826?v=4&s=60)
4 Sep 23, 2022
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE
CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE. POST /mgmt/tm/util/bash HTTP/1.1 Host: Accept-Encoding: gzip, deflate Accept: */
81 Dec 12, 2022
Worm/Trojan/Ransomware/apt/Rootkit/Virus Database
Pestilence - The Malware Database [] Screenshot Pestilence is a project created to make the possibility of malware analysis open and available to the
47 Dec 21, 2022