# cvepull.py #script that pulls cve collections from NVD.NIST.GOV. #edit line 17 (timedelta) number to change the amount of days to search backwards from current date. #edit line 24 (keywords) to add different keywords for your request to the API. # #Output will have the following relevant info: # final_ds.append({"CVE_data_meta": cve_data_meta_id, # "description": description, # "impact": cvssV3, # "publishedDate": pub_date, # "lastModifiedDate": last_mod_date # # # Happy Searching # # Developers: David Johnson, Aaron Perkins
script that pulls cve collections from NVD.NIST.GOV.
Overview
Um keylogger que se disfarça de um app que tira print da tela.
Keylogger_ Um keylogger que se disfarça de um app que tira print da tela. Este programa captura o print da tela e salva ,normalmente, na pasta Picture
IDAPatternSearch adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format.
IDA Pattern Search by Argus Cyber Security Ltd. The IDA Pattern Search plugin adds a capability of finding functions according to bit-patterns into th
Send CVE information to the specified mailbox (from Github)
Send CVE information to the specified mailbox (from Github)
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than F
Experimental musig2 python code, not for production use!
musig2-py Experimental musig2 python code, not for production use! This is just for testing things out. All public keys are encoded as 32 bytes, assum
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Polkit - Local Privilege Escalation (CVE-2021-3560)
CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0
A knockoff social-engineer toolkit
The Python SE Dopp Kit is a social engineering toolkit with many purposes. It contains 5 different modules designed to be of assistance in different s
宝塔面板Windows版提权方法
宝塔面板Windows提权方法 本项目整理一些宝塔特性,可以在无漏洞的情况下利用这些特性来增加提权的机会。
GitLab CE/EE Preauth RCE using ExifTool
CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This project is for learning only, if someone's rights have been violated, please contact me to
带回显版本的漏洞利用脚本
CVE-2021-21978 带回显版本的漏洞利用脚本,更简单的方式 0. 漏洞信息 VMware View Planner Web管理界面存在一个上传日志功能文件的入口,没有进行认证且写入的日志文件路径用户可控,通过覆盖上传日志功能文件log_upload_wsgi.py,即可实现RCE 漏洞代码
Cobalt Strike < 4.4 dos CVE-2021-36798
CVE-2021-36798 CVE-2021-36798 Cobalt Strike 4.3 dos 用法 python3 CVE-2021-36798.py BeaconURL 打瘫Cobalt Strike 只需要一个包 已测试 4.3 4.2 参考: https://labs.sent
LittleBrother is a simple parental control application monitoring specific processes on Linux hosts to monitor and limit the play time of children.
Parental Control Application LittleBrother Overview LittleBrother is a simple parental control application monitoring specific processes (read "games"
A Python wrapper around the OpenSSL library
pyOpenSSL -- A Python wrapper around the OpenSSL library Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where
Sample exploits for Zephyr CVE-2021-3625
CVE-2021-3625 This repository contains a few example exploits for CVE-2021-3625. All Zephyr-based usb devices up to (and including) version 2.5.0 suff
Visibility and Mitigation for Log4J vulnerabilities
Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux
Instagram brute force tool that uses tor as its proxy connections
Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi
Multi-Process Vulnerability Tool
Multi-Process Vulnerability Tool
A Burp Pro extension that adds log4shell checks to Burp Scanner
scan4log4shell A Burp Pro extension that adds log4shell checks to Burp Scanner, written by Daniel Crowley of IBM X-Force Red. Installation To install
client attack remotely , this script was written for educational purposes only
client attack remotely , this script was written for educational purposes only, do not use against to any victim, which you do not have permission for it