ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)
usage:
python ProxyLogon.py --host=exchange.com --mail=admin@exchange.com
python ProxyLogon.py --host=exchange.com --mails=./mails.txt
args:
--host: target's address.
--mail: exists user's mail.
--mails: mails file.
ipobfuscator How it works? Single ip address can be written in multiple ways. The most popular way is to represent ip as 4 octets separated with dots.
Dark-Fb No Login 100% safe TERMUX • pkg install python2 && git -y • pip2 install requests mechanize tqdm • git clone https://github.com/BOT-033/Sensei
WEB-EYES V1.0 web-eyes: OSINT tools for website research, 14 research methods ar
RCE-0-day-for-GhostScript-9.50 PoC for RCE 0-day for GhostScript 9.50 - Payload generator The PoC in python generates payload when exploited for a 0-d
Automator-Terminator A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers (PLCs) w
proto A fast tool to scan prototype pollution vulnerability Syntax python3 proto.py -l alive.txt Requirements Selenium Google Chrome Webdriver Note :
SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation
Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i
GoodHound ______ ____ __ __ / ____/___ ____ ____/ / / / /___ __ ______ ____/ / / / __/ __ \/ __ \/ __
水泽-信息收集自动化工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:Ske 团队:0x727,未来一段时间将陆续开源工具,地址:https://github.com/0x727 定位:协助
py_annotation_switch A hack for writing switch statements in type annotations for Python. Why should I use this? You most definitely should not use th
CVE-2021-21978 带回显版本的漏洞利用脚本,更简单的方式 0. 漏洞信息 VMware View Planner Web管理界面存在一个上传日志功能文件的入口,没有进行认证且写入的日志文件路径用户可控,通过覆盖上传日志功能文件log_upload_wsgi.py,即可实现RCE 漏洞代码
CAPE: Malware Configuration And Payload Extraction CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of mal
CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products duri
ClusterFuzz ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. Google uses ClusterFuzz to fuzz all
IPscan This Script is Framework To automate IP process large scope For Bug Hunti
HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.
Introduction fork from https://gitlab.com/eshard/d810 What is D-810 D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation
bootleg-productions consider this account to be a journal for me to record my progress throughout my python journey feel free to copy codes from this
👋 It's in beta, I'm still building How to install Linux and Termux: Clone Rp: git clone https://github.com/J4c5/superfish.git Install the dependencie
1 Nov 02, 2021
1 Dec 04, 2021
8 Nov 10, 2022
534 Dec 14, 2022
25 Oct 10, 2022
4 Aug 31, 2021
44 Nov 21, 2022
2 Nov 16, 2021
352 Jan 02, 2023
2.7k Jan 09, 2023
6 Oct 17, 2021
24 Nov 09, 2022
1k Dec 30, 2022
23 Dec 02, 2022
4.9k Jan 08, 2023
8 Mar 12, 2022
5 May 10, 2022
30 Dec 06, 2022
1 Dec 30, 2021
4 Jan 27, 2022