PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github
Why does github remove this exploit because it is against the acceptable use policy - but tons of other proof of concept exploits and frameworks are OK?
Is it because Github is owned by Microsoft?
Censoring exploits is bad for security, even if an individual exploit sometimes can put companies at risk which should have already fixed their systems. And Github puts up a bad precedence.
Dumpulator-IDA Currently proof-of-concept This project is a small POC plugin for launching dumpulator emulation within IDA, passing it addresses from
Strong-password-Generator-from-existing-password-using-python In this program, I generate the strong password from existing password without class usi
This project was developed using python 3 and Flask, it is an MVC system where the AES 128 CBC and Trivium algorithms can be tested through a communication between the computer and a device such as a
Hactivity A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title o
CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0
Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a
EP2520_ACME_Project Repository for a project of the course EP2520 Building Networked Systems Security in Royal Institute of Technology (KTH), Stockhol
OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
Grafana-LFI-8.x Exploit grafana Pre-Auth LFI How to use python3
ProxyLogon Pre-Auth SSRF To Arbitrary File Write For Education and Research Usage: C:\python proxylogon.py mail.evil.corp
Simple OSINT script to find Instagram profiles by name and e-mail/phone
An OSINT tool that searches for devices directly connected to the internet (IoT) with a user specified query. It returns results for Webcams, Traffic
Fuzzing PDFs like its 1990s This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things. Some discl
Overview NS-Defacer is a auto html injecter, In other words It's a auto defacer
Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py
DepFine DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE Installation: You Can inst
Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc
tinyman_exploit_finder There was a big tinyman exploit. You can read about it he
Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i
9 Sep 21, 2022
4 Sep 24, 2021
1 Dec 26, 2021
15 Jul 24, 2022
1 Nov 12, 2021
1 Nov 04, 2021
1 Dec 11, 2021
5 May 18, 2022
1 Jan 13, 2022
2 Jul 25, 2022
108 Jan 07, 2023
48 Nov 20, 2022
14 Sep 30, 2022
10 Nov 19, 2022
39 Nov 21, 2022
14 Nov 11, 2022
35 Dec 12, 2022
9 Dec 27, 2022
19 Nov 18, 2022