Strapi Framework Vulnerable to Remote Code Execution
well, I didnt found any exploit for CVE-2019-19609 so I wrote one. :/
python3 exploit.py <rhost> <lhost> <jwt> <url>
https://hack-fast.herokuapp.com/cve/CVE-2019-19609
https://github.com/strapi/strapi/pull/4636
Salesforce Recon and Exploitation Toolkit Salesforce Recon and Exploitation Toolkit Usage python3 main.py URL References Announcement Blog - https:/
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
CVE-2021-44228-log4j discovery (Download the MKP package) This plugin discovers vulnerable files for the CVE-2021-44228-log4j issue. To discover this
Solution Solución propuesta para el reto BBVA Contigo del Hackathon BBVA 2021. Equipo Mexdapy. Integrantes: David Pedroza Segoviano Regina Priscila Ba
ReconTracer A Tool for subdomain scan with other tools ReconTracer Find subdomains by using another amazing sources!. Obs: In a close future recontrac
scancss Fastest tool to find XSS. scancss is a fastest tool to detect Cross Site scripting (XSS) automatically and it's also an intelligent payload ge
ADExplorerSnapshot.py ADExplorerSnapshot.py is an AD Explorer snapshot ingestor for BloodHound. AD Explorer allows you to connect to a DC and browse L
CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V
CSPass This tool allows to automatically test for Content Security Policy bypass payloads. Usage [cspass]$ ./cspass.py -h usage: cspass.py [-h] [--no-
Proof of Concept GnuCash Webinterface This may one day be a something truly great. Milestones [ ] Browse accounts and view transactions [ ] Record sim
little advanced subdomain scanner made in python, works very quick and has options to change the port u want it to connect for
GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p
Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.
SonicWALL SSL-VPN Web Server Vulnerable Exploit
RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain
Log4Shell RCE Exploit fully independent exploit does not require any 3rd party binaries. The exploit spraying the payload to all possible logged HTTP
CVE-2021-41773 Path Traversal for Apache 2.4.49
Example on how to query events by a RESTful API, compose CEF event format and send the events to an UDP receiver.
Brute force attack tool for Azure AD Autologon
sshmap SSH Tool For OSINT and then Cracking. Linux Systems Only Usage: Scanner Syntax: scanner start/stop/status - Sarts/stops/sho
81 Dec 23, 2022
2.8k Dec 29, 2022
4 Jan 08, 2022
2 Dec 06, 2021
15 Dec 18, 2021
30 Sep 24, 2022
576 Dec 23, 2022
9 Aug 31, 2022
30 Nov 22, 2022
14 Dec 28, 2022
5 Nov 23, 2021
72 Jan 01, 2023
140 Dec 16, 2022
44 Nov 15, 2022
382 Jan 01, 2023
258 Jan 02, 2023
3 Oct 20, 2021
3 Feb 10, 2022
89 Jan 02, 2023
5 Apr 04, 2022