A tool combined with the advantages of masscan and nmap
一个简单的Nmap和Masscan联动脚本
前置需求:Linux系统,python3.8+,已安装masscan和nmap,引用库:rich,prettytable和lxml
参考文章:https://www.sohu.com/a/336991344_354899
代码思路:将ip和端口分为多组,通过异步实现多个masscan并发扫描,利用生产者-消费者模型,一旦masscan扫描到存活端口,就会联动nmap扫描端口服务。
config.ini是配置文件,默认Masscan并发数为3,单个masscan速率为800,ip每3个一组,端口每11000一组,Nmap并发限制量为10。如果觉得结果不准可以调低限制。
不是专业开发,代码质量不高,如有bug欢迎反馈。
GoAhead RCE Exploit Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead ( v3.6.5) if the CGI is enabled and a CGI program is dynamic
CVE-2021-40444 builders This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit. This repo is just for testing, re
A DOM-based G-Suite password sprayer and user enumerator
🚀🚀🚀Program helps you to detect the major framework or technology used in writing any android app. Just provide the apk 😇😇
CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Escalation to RCE PoC (Full) Affected version: 5.0.0 to 7.2.0 User requirement: Subscriber user
dcpwn an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.
CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la
finitevolume2-python Finite Volume simulation of the Raleigh-Taylor Instability Create Your Own Finite Volume Fluid Simulation (With Python): Part 2 B
First run: Copy headers (with cookies) of POST license request from browser to headers.py like dictionary. pip install -r requirements.txt # if doesn'
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 1.installation pip3 install -r requirements.txt 2.Usage $ python3 spring-cloud-gateway
Jumpserver-EXP JumpServer远程代码执行漏洞检测利用脚本
A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password
CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p
pyOpenSSL -- A Python wrapper around the OpenSSL library Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where
Python tools for davecats/channel A python package with tools to read and postprocess the output of the channel dns solver, as well as its associated
Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1
PyFUD fully Undetectable payload generator for metasploit Usage: pyfud.py --host
noPac Exploiting CVE-2021-42278 and CVE-2021-42287 原项目noPac在实现上可能有点问题,导致在本地没有打通,于是参考sam-the-admin项目进行修改。 使用 pip3 install -r requirements.txt # GetShel
PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests. In 1st request, gets token of captcha and in 2nd request,
CVE-2021-21978 带回显版本的漏洞利用脚本,更简单的方式 0. 漏洞信息 VMware View Planner Web管理界面存在一个上传日志功能文件的入口,没有进行认证且写入的日志文件路径用户可控,通过覆盖上传日志功能文件log_upload_wsgi.py,即可实现RCE 漏洞代码
2 Dec 12, 2021
168 Nov 09, 2022
1 Apr 07, 2022
10 Dec 07, 2022
17 Nov 09, 2022
71 Nov 30, 2022
20 Aug 25, 2022
12 Sep 01, 2022
263 Jan 07, 2023
10 Sep 28, 2022
181 Dec 20, 2022
44 Nov 18, 2022
6 Oct 10, 2022
795 Dec 29, 2022
1 Dec 13, 2021
129 Dec 30, 2022
3 Mar 25, 2022
2 Jun 23, 2022
253 Jan 05, 2023
24 Nov 09, 2022