Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem).
python3 poc.py -u https://<target_url>/system/refinery/images -r /etc/passwd
python3 poc.py -u https://<target_url>/system/refinery/images -w public/test.txt -c test.txt -lu http://<local_url>
For more information, please visit the blog.
Usage python3 .\exchange-exp.py -------------------------------------------------------------------------------- |
OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxi
Proxyshell-Scanner nuclei scanner for Proxyshell RCE (CVE-2021-34423,CVE-2021-34473,CVE-2021-31207) discovered by orange tsai in Pwn2Own, which affect
CVE-2020-14756 WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar README project base on https://github.com/Y4er/CVE-2020-2555 and weblo
SARveillance Sentinel-1 SAR time series analysis for OSINT use. Description Generates a time lapse GIF of the Sentinel-1 satellite images for the loca
Let's Take The Bridge Pattern To The Next Level This video covers how the bridge
tinyman_exploit_finder There was a big tinyman exploit. You can read about it he
CVE-2021-22005-metasploit the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability pr
Tracing URL redirects has never been easier! Usage • Download 🚩 Use Cases To see where an affiliate link ends up To see what affiliate network is bei
mailcat The only cat who can find existing email addresses by nickname. Usage First install requirements: pip3 install -r requirements.txt Then just
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more
RDPY Remote Desktop Protocol in twisted python. RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client a
宝塔面板Windows提权方法 本项目整理一些宝塔特性,可以在无漏洞的情况下利用这些特性来增加提权的机会。
CVE-2021-40859 Auerswald COMpact 8.0B Backdoors exploit About Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow a
Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi
CryptoPunk Stealer The sole purpose of this script is to download the entire CryptoPunk NFT collection. How does it work? Basically, the website where
CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio
CVE-2021-3129 - Laravel RCE About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability. This script allows you to wri
GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu
S2-061 脚本皆根据vulhub的struts2-059/061漏洞测试环境来写的,不具普遍性,还望大佬多多指教 struts2-061-poc.py(可执行简单系统命令) 用法:python struts2-061-poc.py http://ip:port command 例子:python
76 Nov 09, 2022
408 Jan 03, 2023
29 Dec 16, 2022
77 Dec 06, 2022
21 Dec 09, 2022
11 Jun 14, 2022
9 Dec 27, 2022
25 Nov 15, 2022
41 Nov 22, 2022
282 Dec 30, 2022
4 Aug 08, 2022
1.6k Dec 30, 2022
298 Dec 14, 2022
1 Nov 24, 2022
3 Jan 28, 2022
7 Oct 22, 2022
165 Dec 21, 2022
21 Dec 27, 2022
4.3k Jan 05, 2023
46 Oct 20, 2022