Solr-SSRF
Apache Solr SSRF #Use
[-] Apache Solr SSRF漏洞 (CVE-2021-27905)
[-] Options:
-h or --help : 方法说明
-u or --url : 站点URL地址
-d or --dnslog : DnsLog
eg
python3 CVE-2021-27905.py -u URL -d dnslog
Apache Solr SSRF(CVE-2021-27905)
Overview
Python tool for exploiting CVE-2021-35616
OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►
11 Dec 06, 2022
Obfuscate your python code into a string of integers. De-obfuscate also supported.
int-obfuscator Obfuscate your python code into a string of integers. De-obfuscate also supported. How it works: Each printable character gets replaced
6 Nov 13, 2022
This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard
This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard to form a 16-character password which is unpredictable and cannot easily be memorised.
1 Nov 23, 2021
HashDB API hash lookup plugin for IDA Pro
HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms
237 Dec 21, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability.
log4shell-poc-py POC for detecting the Log4Shell (Log4J RCE) vulnerability. Run on a system with python3 python3 log4shell-poc.py pathToTargetFile
2 Dec 22, 2021
LeLeLe: A tool to simplify the application of Lattice attacks.
LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa
4 Dec 14, 2021
Brute-forcing (or not!) deck builder for Pokemon Trading Card Game.
PokeBot Deck Builder Brute-forcing (or not!) deck builder for Pokemon Trading Card Game. Warning: intensely not optimized and spaghetti coded Credits
0 Jan 10, 2022
A blind SQL injection script that uses binary search aka bisection method to dump datas from database.
Blind SQL Injection I wrote this script to solve PortSwigger Web Security Academy's particular Blind SQL injection with conditional responses lab. Bec
2 Oct 29, 2022
Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes
log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari
5 Sep 12, 2022
Scout Suite - an open source multi-cloud security-auditing tool,
Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t
5k Jan 05, 2023
Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.
Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti
221 Jan 01, 2023
ThePhish: an automated phishing email analysis tool
ThePhish ThePhish is an automated phishing email analysis tool based on TheHive, Cortex and MISP. It is a web application written in Python 3 and base
675 Jan 03, 2023
test application for the licence key web app.
licence_software_test_app Make sure you set your database values in a .env file to the folder. Install MYSQL connector: pip install mysql-connector-py
1 Oct 28, 2021
In this program, I generate the strong password from existing password without class using python. The special thing in this program is that is generate very strong password from our existing password. It replaces some elements from password and put another elements in it.
Strong-password-Generator-from-existing-password-using-python In this program, I generate the strong password from existing password without class usi
4 Sep 24, 2021
Chapter 1 of the AWS Cookbook
Chapter 1 - Security Set and export your default region: export AWS_REGION=us-east-1 Set your AWS ACCOUNT ID:: AWS_ACCOUNT_ID=$(aws sts get-caller-ide
30 Nov 27, 2022
Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead (< v3.6.5) if the CGI is enabled and a CGI program is dynamically linked.
GoAhead RCE Exploit Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead ( v3.6.5) if the CGI is enabled and a CGI program is dynamic
2 Dec 12, 2021
Uncover the full name of a target on Linkedin.
Revealin Uncover the full name of a target on Linkedin. It's just a little PoC exploiting a design flaw. Useful for OSINT. Screenshot Usage $ git clon
129 Dec 21, 2022
Discord-email-spammer-exploit - A discord email spammer exploit with python
Discord-email-spammer-exploit was made by Love ❌ code ✅ 🎈 ・Description First it
25 Aug 13, 2022
LinOTP - the open source solution for two factor authentication
LinOTP LinOTP - the Open Source solution for multi-factor authentication Copyright © 2010-2019 KeyIdentity GmbH Coypright © 2019- arxes-tolina GmbH In
462 Jan 02, 2023
🔐 A simple command-line password manager.
PassVault What Is It? It is a command-line password manager, for educational purposes, that stores localy, in AES encryption, your sensitives datas in
5 Aug 15, 2022