CVE-2021-40346-POC
CVE-2021-40346 integer overflow enables http smuggling
整数溢出导致的http请求走私
Build
git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC
docker-compose build
docker-compose up -d
Exploit
CVE-2021-40346 integer overflow enables http smuggling
Overview
FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.
FOSSLight Scanner Analyze at once for Open Source Compliance. FOSSLight Scanner performs open source analysis after downloading the source by passing
8 Nov 03, 2022
Infection Monkey - An automated pentest tool
Infection Monkey Data center Security Testing Tool Welcome to the Infection Monkey! The Infection Monkey is an open source security tool for testing a
6k Jan 09, 2023
Getting my gitlab commit history into github
🔰 ᵀᴱᴸᴱᴳᴿᴬᴹ ᴴᴬᶜᴷ ᴮᴼᵀ 🔰 The owner would not be responsible for any kind of bans due to the bot. • ⚡ INSTALLING ⚡ • • 🛠️ Lᴀɴɢᴜᴀɢᴇs Aɴᴅ Tᴏᴏʟs 🔰 • If
1 Dec 24, 2021
Undetectable Keylogger that reports to Discord
FUD Keylogger That Reports To Discord This python script will capture all of the keystrokes within a given time frame and report them to a Discord Ser
36 Dec 20, 2022
Huskee: Malware made in Python for Educational purposes
𝐇𝐔𝐒𝐊𝐄𝐄 Caracteristicas: Discord Token Grabber Wifi Passwords Grabber Googl
4 Aug 17, 2022
PortSwigger Burp Plugin for the Log4j (CVE-2021-44228)
yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log
1 Jan 31, 2022
Convert a collection of features to a fixed-dimensional matrix using the hashing trick.
FeatureHasher Convert a collection of features to a fixed-dimensional matrix using the hashing trick. Note, this requires Jina=2.2.4. Example Here I
5 Mar 15, 2022
RedlineSpam - Python tool to spam Redline Infostealer panels with legit looking data
RedlineSpam Python tool to spam Redline Infostealer panels with legit looking da
4 Jan 27, 2022
test application for the licence key web app.
licence_software_test_app Make sure you set your database values in a .env file to the folder. Install MYSQL connector: pip install mysql-connector-py
1 Oct 28, 2021
A honey token manager and alert system for AWS.
SpaceSiren SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey token
287 Nov 09, 2022
Hikvision 流媒体管理服务器敏感信息泄漏
Hikvisioninformation Hikvision 流媒体管理服务器敏感信息泄漏 Options optional arguments: -h, --help show this help message and exit -u url, --url url
13 Nov 09, 2022
Tools to make working the Arch Linux Security Tracker easier
This is a collection of Python scripts to make working with the Arch Linux Security Tracker easier.
6 Jul 13, 2022
Example for the NFT 3D Collectibles using Blender Scripting (Python).
NFT Collectibles using Blender Python What is this? This project is to demonstrate for generating NFT Collectible Avatar-Styled images. For details, p
48 Nov 26, 2022
A proxy for asyncio.AbstractEventLoop for testing purposes
aioloop-proxy A proxy for asyncio.AbstractEventLoop for testing purposes. When tests writing for asyncio based code, there are controversial requireme
12 Dec 12, 2022
Lightweight and beneficial Dependency Injection plugin for apscheduler
Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I
11 Dec 07, 2022
CVE-2022-21907 Vulnerability PoC
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm
16 Dec 18, 2022
Dahua IPC/VTH/VTO devices auth bypass exploit
CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products duri
23 Dec 02, 2022
Scan all java processes on your host to check weather it's affected by log4j2 remote code execution
Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本,扫描主机上所有java进程,检测是否引入了有漏洞的log4j-core jar包,是否可能遭到远程代码执行攻击(CVE-2021-45046)。上传扫描报告到指定的服
86 Dec 09, 2022
Spring4Shell - Spring Core RCE - CVE-2022-22965
Spring Core RCE - CVE-2022-22965 After Spring Cloud, on March 29, another heavyweight vulnerability of Spring broke out on the Internet: Spring Core R
118 Dec 31, 2022
Strapi Framework Vulnerable to Remote Code Execution
CVE-2019-19609 Strapi Framework Vulnerable to Remote Code Execution well, I didnt found any exploit for CVE-2019-19609 so I wrote one. :/ Usage pytho
7 Mar 08, 2022