# cvepull.py

Script that pulls CVE collections from NVD.NIST.GOV.

Edit line 17 (timedelta) to change the number of days to search backwards from the current date.

Edit line 24 (keywords) to add different keywords for your request to the API.

Output will have the following relevant info:

    final_ds.append({"CVE_data_meta": cve_data_meta_id,
                     "description": description,
                     "impact": cvssV3,
                     "publishedDate": pub_date,
                     "lastModifiedDate": last_mod_date})

Happy Searching

Developers: David Johnson, Aaron Perkins
Overview
Brute smb share - Brute force a SMB share
brute_smb_share I wrote this small PoC after bumping into SMB servers where Hydr
Python tool for dumping flash via uboot reliably
Reliable Uboot Flash Dumper is a Python tool for dumping flash via uboot reliably. If you've ever had to dump flash via uboot and a serial connection and became frustrated about doing it several time
CVE-2021-22205& GitLab CE/EE RCE
Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha
Keystroke logging, often referred to as keylogging or keyboard capturing
Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware
Deobfuscate Log4Shell payloads with ease
Ox4Shell Deobfuscate Log4Shell payloads with ease. Description Since the release
hackinsta: a program to hack instagram
hackinsta a program to hack instagram Yokoback_(instahack) is the file to open, you need libraries write on import. You run that file in the same fold
The self-hostable proxy tunnel
TTUN Server The self-hostable proxy tunnel. Running Running: docker run -e TUNNEL_DOMAIN=Your tunnel domain -e SECURE=True if using SSL ghcr.io/to
Confluence OGNL injection
CVE-2021-26084 Confluence OGNL injection CVE-2021-26084 is an Object-Graph Navigation Language (OGNL) injection vulnerability in the Atlassian Conflue
Dahua IPC/VTH/VTO devices auth bypass exploit
CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products duri
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Pupy Installation Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to u
Grafana-0Day-Vuln-POC
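Grafana V8.0+ has an unauthorized arbitrary file read 0-day vulnerability - POC 1 Vulnerability information 1.1 Basic information Vendor: Grafana Vendor website: https://grafana.com/ 1.2 Vulnerability description Grafana is a cross-platform, open-source data visualization web application platform. After the user configures the connected data sources, Gr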
Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool
loggef Facebook automation tool, Facebook account hacking and cloning advanced tool + dictionary attack added Warning Use this tool for educational pu
Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
Dlint Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure. The most important thing I have done as a progra
HTTP security headers for Flask
Talisman: HTTP security headers for Flask Talisman is a small Flask extension that handles setting HTTP headers that can help protect against a few co
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202
Tools for converting Nintendo DS binaries to an ELF file for Ghidra/IDA
nds2elf Requirements nds2elf.py uses LIEF and template.elf to form a new binary. LIEF is available via pip: pip3 install lief Usage DSi and DSi-enhan
Automatic SQL injection and database takeover tool
sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of
The disassembler parses evm bytecode from the command line or from a file.
EVM Bytecode Disassembler The disassembler parses evm bytecode from the command line or from a file. It does not matter whether the bytecode is prefix
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
Scout Suite - an open source multi-cloud security-auditing tool,
Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t