☞ POC using the subprocess library with Python.
References:
Never pass untrusted input to subprocess.run. As subprocess.run has the ability to execute arbitrary commands on your computer, malicious individuals can use it to manipulate your computer in unexpected ways.
☞ If you're interested in contributing to this repository, please follow the guidelines
☞ This repository uses the Apache License 2.0
This framework helps reverse engineer Flutter apps using patched version of Flutter library which is already compiled and ready for app repacking. There are changes made to snapshot deserialization p
Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn
Filesystem log4j_scanner for windows and Unix. Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571 Requires a minimum of Python 2.7. Can be ex
Grafana-Poc 此工具请勿用于违法用途。 一、使用方法:python3 grafana_hole.py 在domain.txt中填入ip:port 二、漏洞影响范围 影响版本: Grafana 8.0.0 - 8.3.0 安全版本: Grafana 8.3.1, 8.2.7, 8.1.8,
Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.
s3-leaks List of AWS S3 Leaks Feel free to send in a PR if you know of other leaks Date Description Notes Aug2020 S3 bucket mess up exposed 182GB of s
Automated tool to exploit basic buffer overflow (remotely or locally) & (x32 or x64)
dnspooq DNSpooq PoC - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) For educational purposes only Requirements Docker compo
firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件,基于敏感函数参数回溯来辅助漏洞挖掘。我们知道,在固件漏洞挖掘中,从敏感/危险函数出发,寻找其参数来源,是一种很有效的漏洞挖掘方法,但程序中调用敏感函数的地方非常多,人工分析耗时费力,通过该插件,可以帮助排除大部分的安全
Delta Sharing: An Open Protocol for Secure Data Sharing Delta Sharing is an open protocol for secure real-time exchange of large datasets, which enabl
Log4J-Scanner Something I built to test for Log4J vulnerabilities on customer networks. I'm not responsible if your computer blows up, catches fire or
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
CVE-2021-40444 builders This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit. This repo is just for testing, re
privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa
Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.
M.E.A.T. - Mobile Evidence Acquisition Toolkit Meet M.E.A.T! From Jack Farley - BlackStone Discovery This toolkit aims to help forensicators perform d
Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta
cve-2021-21985 exploit 0x01 漏洞点 分析可见: https://attackerkb.com/topics/X85GKjaVER/cve-2021-21985?referrer=home#rapid7-analysis 0x02 exploit 对beans对象进行重新构
labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If
910 Jan 01, 2023
48 Dec 19, 2022
4 Jan 09, 2022
8 Jan 03, 2023
50 Dec 26, 2022
9 Sep 27, 2022
291 Dec 28, 2022
5 Oct 09, 2022
80 Nov 28, 2022
171 Nov 28, 2022
497 Jan 02, 2023
1 Dec 20, 2021
135 Dec 14, 2022
168 Nov 09, 2022
3 Nov 08, 2022
122 Dec 12, 2022
1 Nov 11, 2021
9 Dec 30, 2022
105 Nov 22, 2022
16 Dec 08, 2022