Inject everything!
Vacuna is a little library to provide dependency management for your python code.
pip install vacuna
import vacuna
container = vacuna.Container()
@container.dependency(name='app')
class App:
def run(self):
print('very important computation')
@container.dependency()
def main(app):
app.run()
if __name__ == '__main__':
container.run(main)
CVE-2021-26084 Confluence OGNL injection CVE-2021-26084 is an Object-Graph Navigation Language (OGNL) injection vulnerability in the Atlassian Conflue
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.
Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta
logmap - Log4j2 jndi injection fuzz tool Used for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path Use http
Blind SQL Injection I wrote this script to solve PortSwigger Web Security Academy's particular Blind SQL injection with conditional responses lab. Bec
CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V
This is an injection tool that can inject any xposed modules apk into the debug android app, the native code in the xposed module can also be injected.
CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s
Webpack-信息收集工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:小洲 团队:横戈安全团队,未来一段时间将陆续开源工具,欢迎关注微信公众号: 定位:协助红队人员快速的信息收集,测绘目
RITA (Real Intelligence Threat Analytics) in Jupyter Notebook RITA is an open source framework for network traffic analysis sponsored by Active Counte
py4jshell Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom f
PokeBot Deck Builder Brute-forcing (or not!) deck builder for Pokemon Trading Card Game. Warning: intensely not optimized and spaghetti coded Credits
EliBruter A brute Force tool for Facebook Installing this tool -- $ pkg upgrade && update $ pkg install python $ pkg install python3 $ pkg install gi
A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals. All your favorite hits in a simplified format.
Discord-VC-Exploit Discord Region Swapping Exploit (VC Overload) aka VC Crasher How does this work? Discord has multiple servers that lets people arou
SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi
About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an
CVE-2020-14756 WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar README project base on https://github.com/Y4er/CVE-2020-2555 and weblo
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more
Port_Scanner Complet and easy to run Port Scanner with Python Installation 1- git clone https://github.com/s120000/Port_Scanner 2- cd Port_Scanner 3-
Let's Take The Bridge Pattern To The Next Level This video covers how the bridge
tinyman_exploit_finder There was a big tinyman exploit. You can read about it he
DeadDNS Multi-threaded DNS hijacking via dead records automation tool How it works 1) Dig provided subdomains file for dead DNS records. 2) Dig the fo
Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in
ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download
evil-stalker How to run First of all, you must install the necessary libraries.
log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione
GoAhead RCE Exploit Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead ( v3.6.5) if the CGI is enabled and a CGI program is dynamic
15 Sep 23, 2022
2 Nov 9, 2022
3 Nov 16, 2021
9 Dec 30, 2022
67 Oct 25, 2022
2 Oct 29, 2022
9 Aug 31, 2022
32 Nov 5, 2022
2 Feb 15, 2022
214 Dec 19, 2022
157 Nov 24, 2022
86 Aug 21, 2022
0 Jan 10, 2022
3 Mar 29, 2022
2 Aug 03, 2022
11 Sep 10, 2022
51 Dec 15, 2022
861 Feb 18, 2021
77 Dec 06, 2022
4 Aug 08, 2022
1 May 19, 2022
11 Jun 14, 2022
9 Dec 27, 2022
45 Dec 20, 2022
4 Jan 15, 2022
3 Oct 05, 2022
6 Nov 16, 2022
307 Dec 24, 2022
2 Dec 12, 2021