John Hammond | September 4th, 2021
Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote Code Execution attack on that legacy Webmin version.
This code is an attempt to recreate that in Python without using Metasploit.
CVE-2021-2982.py - this offers a one-shot capability to run a single commandA way to analyse how malware and/or goodware samples vary from each other using Shannon Entropy, Hausdorff Distance and Jaro-Winkler Distance
CWA Password Extractor Utility for Extracting all passwords from ConnectWise Automate (E.g. while migrating to a new system). Outputs a csv file with
CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio
🐍 malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) 📦 Dependencies installation $ pip3 install -r requirements.txt
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i
CVE-2021-44228 Log4Shell Proof of Concept (CVE-2021-44228) Make sure to use Java 8 JDK. Java 8 Download Images Credits Casey Dunham - Java Reverse She
Jumpserver-EXP JumpServer远程代码执行漏洞检测利用脚本
Pro-Crack Facebook Fast Cracking Tool This is a multi-password cracking tool that can help you hack facebook accounts very quickly Installation On Te
Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in
cve-2021-21985 exploit 0x01 漏洞点 分析可见: https://attackerkb.com/topics/X85GKjaVER/cve-2021-21985?referrer=home#rapid7-analysis 0x02 exploit 对beans对象进行重新构
Yuyu Scanner Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets. installation ! run as root
CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s
Poiana Reverse shell over TOR network using hidden services Features - Create a hidden service - Generate non-staged payload (python/meterpreter_rev
MSF-EXPLOIT MSF-ANDRO is a Metasploit Multi Purpose Exploiting Toolkit For Termux . Only a Basic Script , Still in Development . FEATURES : Install Me
ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i
Browser Creds this script will recover saved browsers logins into txt files. It currently only support windows 10. currently support : Chrome Opera Fi
Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏
This project was developed using python 3 and Flask, it is an MVC system where the AES 128 CBC and Trivium algorithms can be tested through a communication between the computer and a device such as a
CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://
11 Nov 15, 2022
1 Dec 09, 2021
165 Dec 21, 2022
1 Jan 30, 2022
1 Jan 13, 2022
2 Nov 16, 2021
3 Jul 23, 2022
181 Dec 20, 2022
5 Feb 19, 2022
4 Jan 15, 2022
105 Nov 22, 2022
20 Nov 24, 2022
2 Feb 15, 2022
80 Dec 21, 2022
22 Dec 29, 2022
24 Dec 19, 2022
41 Nov 09, 2022
19 Nov 15, 2022
1 Dec 26, 2021
12 Nov 09, 2022