A Modified version of TCC's Osprey poc framework......

Related tags

Security related resourcesfirece-fish
Overview

fierce-fish Python 3.9

fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写,去掉臃肿功能的精简版本poc框架

  • PS:真的用不惯其它臃肿的功能,不过作为一个收集漏洞poc && exp的框架还是非常不错的!!!

  • osprey

  • For beginners friendly (script kiddos would like it !)

简介

fierce-fish ------ 凶鱼,一种比鱼鹰还要凶猛的鱼,由于是osprey的改写版所以取此命名漏洞盒子PoC框架,寓意快,精,准,凶。

fierce-fish 是一个可无限扩展自定义poc的开源漏洞检测与利用框架(Python3开发),是osprey的修改版。 fierce-fish框架可供使用者在渗透测试、漏洞检测、漏洞扫描等场景中应用。框架提供了命令行接口,可供灵活调用,也可用于构建自己的扫描器, 构建自己的通用型漏洞库。

持续添加POC && EXP

安装

从Git上获取最新版本的osprey代码

$ git clone https://github.com/FDlucifer/firece-fish.git
$ cd firece-fish
$ pip3 install -r requirements.txt
  • 若执行脚本还是报错,可以根据报错信息提示缺失的模块,手动执行命令(pip3 install ‘缺失模块名'),进行安装...

使用

  • 获取帮助列表:
$ python osprey.py --help
  • 最简单的用法,针对一个目标URL,发起一个PoC做检测:
$ python osprey.py -t URL -v POC_ID

目前已收录漏洞POC及EXP

漏洞名 poc名称 poc链接
Metinfo 5.3.17 X-Rewrite-url SQL Injection vb_2017_0060 Metinfo_5_3_17_X_Rewrite_url_Sql_Injection
Landray-OA Arbitrary File Read vb_2021_0001 Landray-OA Arbitrary File Read
Yy-OA A6 Disclosure of sensitive information vb_2021_0002 Yy-OA A6 Disclosure of sensitive information
LionfishCMS ApiController.class.php SQL Injection vb_2021_0003 LionfishCMS ApiController.class.php SQL Injection
LionfishCMS ApigoodsController.class.php SQL Injection vb_2021_0004 LionfishCMS ApigoodsController.class.php SQL Injection
Kingsoft V8 Arbitrary file read vb_2021_0005 Kingsoft V8 Arbitrary file read
Kingsoft V8 pdf_maker.php RCE vb_2021_0006 Kingsoft V8 pdf_maker.php RCE
Kingsoft V8 Default Weak Password vb_2021_0007 Kingsoft V8 Default Weak Password
Weaver OA 8 SQL injection vb_2021_0008 Weaver OA 8 SQL injection
Weaver OA Bsh RCE vb_2021_0009 Weaver OA Bsh RCE
Citrix XenMobile Read FIle vb_2021_0010 Citrix XenMobile Read FIle
Weblogic RCE CVE-2020-14882 vb_2021_0011 Weblogic RCE CVE-2020-14882
Hanming Video Conferencing File Read vb_2021_0012 Hanming Video Conferencing File Read
Jinher OA Arbitrary File Read vb_2021_0013 Jinher OA Arbitrary File Read
LanProxy Server Read File vb_2021_0014 LanProxy Server Read File
YApi Remote Code Execute vb_2021_0015 YApi Remote Code Execute
SaltStack RCE CVE-2020-11651 vb_2021_0016 SaltStack RCE CVE-2020-11651
Coremail Server Information Leakage vb_2021_0017 Coremail Server Information Leakage
AonarQube Api Information Leakage vb_2021_0018 AonarQube Api Information Leakage
Alibaba Canal Accesskey Information Leakage vb_2021_0019 Alibaba Canal Accesskey Information Leakage
MessageSolution Email System Information Leakage vb_2021_0020 MessageSolution Email System Information Leakage
ICEFlow VPN Information Leakage vb_2021_0021 ICEFlow VPN Information Leakage
IceWarp WebClient Basic RCE vb_2021_0022 IceWarp WebClient Basic RCE
ShowDoc File Upload vb_2021_0023 ShowDoc File Upload
Duoke-Web-Server-SQLInjection vb_2021_0024 Duoke-Web-Server-SQLInjection
yonyou-UFIDA-NC-file-read vb_2021_0025 yonyou-UFIDA-NC-file-read
zhongqingnabo_information_leak vb_2021_0026 zhongqingnabo_information_leak
Apache Druid RCE vb_2021_0027 Apache Druid RCE
Apache Kylin Xielou ReadFile vb_2021_0028 Apache Kylin Xielou ReadFile
Apache Flink Read File vb_2021_0029 Apache Flink Read File
Apache Flink Rce vb_2021_0030 Apache Flink Rce
3C HG659 Lib An Arbitrary FileRead vb_2021_0031 3C HG659 Lib An Arbitrary FileRead
IceWarp WebClient Basic RCE vb_2021_0032 IceWarp WebClient Basic RCE
亿赛通命令执行漏洞 vb_2021_0033 亿赛通命令执行漏洞
Atlassian Jira Information disclosure vb_2021_0034 Atlassian Jira Information disclosure
LANLING OA file read vb_2021_0035 LANLING OA file read
CISCO Read-Only Path Traversal Vuln vb_2021_0036 CISCO Read-Only Path Traversal Vuln
Seeyon_Ajax_Getshell vb_2021_0037 Seeyon_Ajax_Getshell
待补充 vb_2021_0038 待补充
待补充 vb_2021_0039 待补充
待补充 vb_2021_0040 待补充
待补充 vb_2021_0041 待补充
zyxel_nbg2105_bypass_auth vb_2021_0042 zyxel_nbg2105_bypass_auth
HIKVISION_file_read vb_2021_0043 HIKVISION_file_read
CVE_2021_41773_poc_and_exploit vb_2021_0044 CVE_2021_41773_poc_and_exploit
CVE_2021_42013_poc_and_exploit vb_2021_0045 CVE_2021_42013_poc_and_exploit

特点

  1. 体积小
  1. 检测效果精准,可自己持续按照框架模版添加poc, 方便高效

poc编写说明相关文档

基于Osprey编写PoC,请参考 osprey编写规范和要求说明

后续会在本仓库长期更新最新的POC & EXP。:)

Owner
lUc1f3r11
trapped in the darkest nightmare...
lUc1f3r11
GitHub Repository
S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE

CVE-2021-31805 Remote code execution S2-062 (CVE-2021-31805) Due to Apache Struts2's incomplete fix for S2-061 (CVE-2020-17530), some tag attributes c

warin9 31 Nov 22, 2022
Open-source keylogger write in python

Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in

Dio brando 4 Jan 15, 2022
Reusable Lightweight Pythonic Dependency Injection Library

Vacuna Inject everything! Vacuna is a little library to provide dependency management for your python code. Install pip install vacuna Usage import va

Fernando Martínez González 16 Sep 15, 2021
Unicode fuzzer for various purposes

UnicodeToy Unicode fuzzer for various purposes Unicode based on version 14.0 features Generate the shortest xss domain payload Generate unicode str, u

33 Nov 27, 2022
Keystroke logging, often referred to as keylogging or keyboard capturing

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware

Harsha G 2 Jan 11, 2022
The Easiest Way To Gallery Hacking

The easiest way to HACK A GALLARY, Get every part of your friends' gallery ( 100% Working ) | Tool By John Kener 🇱🇰

John Kener 34 Nov 30, 2022
IDA Frida Plugin for tracing something interesting.

IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t

PandaOS 133 Dec 24, 2022
labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

Dylan Meca 16 Dec 08, 2022
Infection Monkey - An automated pentest tool

Infection Monkey Data center Security Testing Tool Welcome to the Infection Monkey! The Infection Monkey is an open source security tool for testing a

Guardicore Ltd. 6k Jan 09, 2023
This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

RemoteMouse-3.008-Exploit The RemoteMouse application is a program for remotely controlling a computer from a phone or tablet. This exploit allows to

Podalirius 25 Dec 04, 2022
This is a keylogger in python for Windows, Mac and Linux!

Python-Keylogger This is a keylogger in python for Windows, Mac and Linux! #How to use it by downloading the zip file? Download the zip file first The

Zeus_Dxvxm 2 Nov 12, 2021
the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability

CVE-2021-22005-metasploit the metasploit script(POC/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability pr

Taroballz 25 Nov 15, 2022
Source code for "A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction" @ NAACL 2022

TSAR Source code for NAACL 2022 paper: A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction. 🔥 Introduction We focus on extra

21 Sep 24, 2022
Website OSINT untuk mencari informasi dari email dan nomor telepon. Dibuat dengan React dan Flask.

Inspektur Cari informasi mengenai email dan nomor telepon dengan mudah. Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasark

Bagas Wastu 36 Dec 04, 2022
A GitHub action for organizations that enables advanced security code scanning on all new repos

Advanced-Security-Enforcer What this repository does This code is for an active GitHub Action written in Python to check (on a schedule) for new repos

Zack Koppert 30 May 17, 2022
Provides script to download and format public IP lists related to the Log4j exploit.

Provides script to download and format public IP lists related to the Log4j exploit. Current format includes: plain list, Cisco ASA Network Group.

Gianluca Ulivi 1 Jan 02, 2022
Malware-analysis-writeups - Some of my Malware Analysis writeups

About This repo contains some malware analysis writeups i've created over time m

Itay Migdal 14 Jun 22, 2022
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

HakCat 62 Jan 08, 2023
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St

Paolo 'VoidSec' Stagno 199 Jan 04, 2023
Log4j-Scanner with Bind-Receipt and custom hostnames

Hrafna - Log4j-Scanner for the masses Features Scanning-system designed to check your own infra for vulnerable log4j-installations start and stop scan

18 Jan 23, 2022