Stars
A Lua Server Pages reverse webshell for Windows.
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-…
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Gain Windows initial shell using Jenkins.
POC for CVE-2024-23897 Jenkins File-Read
CVE-2019–15107 - Unauthenticated RCE Webmin <=1.920
post/windows/manage/enable_rdp Metaploit module in Command prompt module
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
SambaCry exploit and vulnerable container (CVE-2017-7494)
CVE-2021-43798 - Grafana 8.x Path Traversal (Pre-Auth)
Grafana Unauthorized arbitrary file reading vulnerability
Tools, utilities and scripts to help you write redis modules!
Pentest Tool to generate usernames/logins based on supplied names.
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
POC script for CVE-2023-26035 (zoneminder 1.36.32)
PoC exploit for CVE-2020-7247 OpenSMTPD 6.4.0 < 6.6.1 Remote Code Execution
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
Unauthenticated Remote Code Execution in PyLoad <0.5.0b3.dev31
Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)
CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.