CVE-2021-40346-POC
CVE-2021-40346 integer overflow enables http smuggling
整数溢出导致的http请求走私
Build
git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC
docker-compose build
docker-compose up -d
Exploit
CVE-2021-40346 integer overflow enables http smuggling
Overview
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).
What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray3
246 Dec 28, 2022
A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.
MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp
20 Nov 30, 2022
Simple yara rule manager
Yara Manager A simple program to manage your yara ruleset in a (sqlite) database. Todos Search rules and descriptions Cluster rules in rulesets Enforc
65 Nov 17, 2022
CVE-2021-26855 SSRF Exchange Server
CVE-2021-26855 Brute Force EMail Exchange Server Timeline: Monday, March 8, 2021: Update Dumping content...(I'm not done, can u guy help me done this
117 Nov 28, 2022
CloudFlare reconnaissance, tries to uncover the IP behind CF.
CloudFlare reconnaissance, tries to uncover the IP behind CF.
8 Dec 03, 2021
A secure password generator written in python
gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"
430 Dec 27, 2022
Lightweight and beneficial Dependency Injection plugin for apscheduler
Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I
11 Dec 07, 2022
labsecurity is a framework and its use is for ethical hacking and computer security
labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If
16 Dec 08, 2022
Detection tool of malware(s) by checksum (useful for forensic)
🐍 malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) 📦 Dependencies installation $ pip3 install -r requirements.txt
1 Jan 30, 2022
Fast and customizable vulnerability scanner For JIRA written in Python
Fast and customizable vulnerability scanner For JIRA. 🤔 What is this? Jira-Lens 🔍 is a Python Based vulnerability Scanner for JIRA. Jira is a propri
185 Dec 25, 2022
Shell hunter for AF
AF-ShellHunter AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How to pip3 ins
34 May 13, 2022
CodeTest信息收集和漏洞利用工具
CodeTest信息收集和漏洞利用工具,可在进行渗透测试之时方便利用相关信息收集脚本进行信息的获取和验证工作,漏洞利用模块可选择需要测试的漏洞模块,或者选择所有模块测试,包含CVE-2020-14882, CVE-2020-2555等,可自己收集脚本后按照模板进行修改。
23 Mar 18, 2021
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading
log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script
187 Jan 03, 2023
A simple subdomain scanner in python
Subdomain-Scanner A simple subdomain scanner in python ✨ Features scans subdomains of a domain thats it! 💁♀️ How to use first download the scanner.p
2 Jan 07, 2022
Apache OFBiz rmi反序列化EXP(CVE-2021-26295)
Apache OFBiz rmi反序列化EXP(CVE-2021-26295) 目前仅支持nc弹shell 将ysoserial.jar放置在同目录下,py3运行,根据提示输入漏洞url,你的vps地址和端口 第二次使用建议删除exp.ot 本工具仅用于安全测试,禁止未授权非法攻击站点,否则后果自负
15 Nov 09, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202
500 Jan 06, 2023
The ultimate Metasploit apk binder with legit apk written in python3
Infector is a python3 based script which is officially made for linux based distro . It binds metasploit payload with original apk with avast antivirus bypassed .
27 Dec 25, 2022
SSH Tool For OSINT and then Cracking.
sshmap SSH Tool For OSINT and then Cracking. Linux Systems Only Usage: Scanner Syntax: scanner start/stop/status - Sarts/stops/sho
5 Apr 04, 2022
Whois-Python - Get Whois Domain with Python GUI
Whois-Python-GUI Get Whois Domain with Python - GUI :) WARNING Dont Copy ! - W
3 Feb 21, 2022
A DOM-based G-Suite password sprayer and user enumerator
A DOM-based G-Suite password sprayer and user enumerator
1 Apr 07, 2022