CVE-2021-40346-POC
CVE-2021-40346 integer overflow enables http smuggling
整数溢出导致的http请求走私
Build
git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC
docker-compose build
docker-compose up -d
Exploit
CVE-2021-40346 integer overflow enables http smuggling
Overview
AnonStress-Stored-XSS-Exploit - An exploit and demonstration on how to exploit a Stored XSS vulnerability in anonstress
AnonStress Stored XSS Exploit An exploit and demonstration on how to exploit a S
3 Jun 22, 2022
MayorSec DNS Enumeration Tool
MayorSecDNSScan MSDNSScan is used to identify DNS records for target domains and check for zone transfers. There really isn't much special about it, a
68 Dec 12, 2022
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.
edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W
43 Dec 23, 2022
Security System using OpenCV
Security-System Security System using OpenCV Files in this Repository: email_send.py - This file contains python code to send an email when something
1 Oct 28, 2021
Attack SQL Server through gopher protocol
Attack SQL Server through gopher protocol
17 Nov 30, 2022
OpenSource Poc && Vulnerable-Target Storage Box.
reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re
560 Dec 23, 2022
自动化爆破子域名,并遍历所有端口寻找http服务,并使用crawlergo、dirsearch、xray等工具扫描并集成报告;支持动态添加扫描到的域名至任务;
AutoScanner AutoScanner是什么 AutoScanner是一款自动化扫描器,其功能主要是遍历所有子域名、及遍历主机所有端口寻找出所有http服务,并使用集成的工具进行扫描,最后集成扫描报告; 工具目前有:oneforall、masscan、nmap、crawlergo、dirse
633 Dec 30, 2022
Compilation of resources and insights that helped me on my journey to data scientist
Compilation of resources and insights that helped me on my journey to data scientist
1.5k Jan 02, 2023
Pass2Pwn: a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name
Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name
10 Oct 15, 2022
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -
130 Dec 15, 2022
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where t
5 May 31, 2022
Obfuscate your python code into a string of integers. De-obfuscate also supported.
int-obfuscator Obfuscate your python code into a string of integers. De-obfuscate also supported. How it works: Each printable character gets replaced
6 Nov 13, 2022
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading
log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script
187 Jan 03, 2023
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
5 Dec 03, 2022
Scanner for Intranet
cthun3是集成端口扫描,服务识别,netbios扫描,网站识别,暴力破解和漏洞扫描的工具. cthun(克苏恩)是魔兽世界电子游戏中一位上古之神 截图 cthun3结合viper使用时截图 使用方法 端口扫描 -ps-ip 端口扫描的ip地址范围,例如可以输入 -ps-ip 192.168.14
18 Sep 03, 2022
A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.
PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio
26 Sep 04, 2022
Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures
Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.
39 Nov 28, 2022
Grafana-0Day-Vuln-POC
Grafana V8.0+版本存在未授权任意文件读取 0Day漏洞 - POC 1 漏洞信息 1.1 基本信息 漏洞厂商:Grafana 厂商官网:https://grafana.com/ 1.2 漏洞描述 Grafana是一个跨平台、开源的数据可视化网络应用程序平台。用户配置连接的数据源之后,Gr
3 Dec 13, 2021
一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景
OrderbyHunter 一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景 1. 支持Get/Post型请求参数的探测,被动探测,对于存在Orderby注入的请求将会在HTTP Histroy里标红 2. 自定义排序参数list
21 Aug 12, 2022
DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion
DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.
4 Dec 21, 2021