nuclei scanner for Proxyshell RCE (CVE-2021-34423,CVE-2021-34473,CVE-2021-31207) discovered by orange tsai in Pwn2Own, which affect microsoft exchange server.
https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
https://blog.orange.tw/2021/08/proxyoracle-a-new-attack-surface-on-ms-exchange-part-2.html
https://peterjson.medium.com/reproducing-the-proxyshell-pwn2own-exploit-49743a4ea9a1
WiFi_Cracker About the Program: This program is a WiFi cracker! Just run code and select a desired wifi to start cracking 💣 Note: you can use this pa
A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name. This project is for educational use, we are not responsible for i
bootleg-productions consider this account to be a journal for me to record my progress throughout my python journey feel free to copy codes from this
CVE-2021-40870 Exploitation An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous ty
BurpSuite Extension: Log4j RCE Scanner
This repository is NOT official -- the original repository is located on GitLab
Threagile is an open-source toolkit for agile threat modeling:
GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p
UnicodeToy Unicode fuzzer for various purposes Unicode based on version 14.0 features Generate the shortest xss domain payload Generate unicode str, u
client attack remotely , this script was written for educational purposes only, do not use against to any victim, which you do not have permission for it
Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t
DSLF DSLF stands for (D)arth (S)ide of the (L)og4j (F)orce. It is the ultimate log4j vulnerabilities assessor. It comes with four individual Python3 m
Compositional Soft Prompting (CSP) Compositional soft prompting (CSP), a parameter-efficient learning technique to improve the zero-shot compositional
wifi-bf [LINUX ONLY] A (completely native) python3 wifi brute-force attack using the 100k most common passwords (2021) This script is purely for educa
CVE-2021-21978 带回显版本的漏洞利用脚本,更简单的方式 0. 漏洞信息 VMware View Planner Web管理界面存在一个上传日志功能文件的入口,没有进行认证且写入的日志文件路径用户可控,通过覆盖上传日志功能文件log_upload_wsgi.py,即可实现RCE 漏洞代码
Northwave Log4j CVE-2021-44228 checker Friday 10 December 2021 a new Proof-of-Concept 1 addressing a Remote code Execution (RCE) vulnerability in the
f-mbf Fuck - Multi Brute Force 🚶♂ Install Script $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ pip2 install requests $ pip2
Implementation of an attack on a tropical algebra discrete logarithm based protocol This code implements the attack detailed in the paper: On the trop
This is a Password database I made for myself, as I want to keep all my passwords in the same place. but still protected, shall anyone get access to the file. And so I made this simple password datab
Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss
13 Dec 08, 2022
20 Dec 02, 2022
1 Dec 30, 2021
16 Nov 15, 2022
1 Dec 16, 2021
2 Feb 05, 2022
425 Jan 07, 2023
72 Jan 01, 2023
33 Nov 27, 2022
9 Jun 05, 2022
2 Jun 19, 2022
1 Jan 11, 2022
32 Jan 02, 2023
20 Nov 12, 2022
24 Nov 09, 2022
125 Dec 09, 2022
1 Dec 03, 2021
3 Dec 30, 2021
9 Oct 30, 2022
7 Dec 07, 2022