CVE-2021-40346-POC
CVE-2021-40346 integer overflow enables http smuggling
整数溢出导致的http请求走私
Build
git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC
docker-compose build
docker-compose up -d
Exploit
CVE-2021-40346 integer overflow enables http smuggling
Overview
A honeypot for the Log4Shell vulnerability (CVE-2021-44228)
Log4Pot A honeypot for the Log4Shell vulnerability (CVE-2021-44228). License: GPLv3.0 Features Listen on various ports for Log4Shell exploitation. Det
79 Dec 27, 2022
A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye
MotionEye/MotionEyeOS Authenticated RCE A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye. You need administrator crede
1 Apr 18, 2022
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
VSSTrigger Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VS
6 Jul 24, 2022
Sonoff NSPanel protocol and hacking information. Tasmota Berry driver for NSPanel
NSPanel Hacking Sonoff NSPanel protocol and hacking information and Tasmota Berry driver. NSPanel protocol manual Tasmota driver nspanel.be Installati
98 Dec 26, 2022
POC for CVE-2022-1388
CVE-2022-1388 POC for CVE-2022-1388 affecting multiple F5 products. Follow the Horizon3.ai Attack Team on Twitter for the latest security research: Ho
231 Dec 07, 2022
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai
329 Jan 01, 2023
Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures
Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.
39 Nov 28, 2022
the metasploit script(POC) about CVE-2021-36260
CVE-2021-36260-metasploit the metasploit script(POC) about CVE-2021-36260. A command injection vulnerability in the web server of some Hikvision produ
14 Nov 09, 2022
A small Python Script To get all levels of subdomains from a list
getlevels A small Python Script To get all levels of subdomains Easily get 1st level, 2nd level, 3rd level, 4th level .... nth level subdomains Usag
9 Feb 15, 2022
How to exploit a double free vulnerability in 2021. 'Use-After-Free for Dummies'
This bug doesn’t exist on x86: Exploiting an ARM-only race condition How to exploit a double free and get a shell. "Use-After-Free for dummies" In thi
1.2k Dec 25, 2022
DoSer.py - Simple DoSer in Python
DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this
8 Sep 02, 2022
Worm/Trojan/Ransomware/apt/Rootkit/Virus Database
Pestilence - The Malware Database [] Screenshot Pestilence is a project created to make the possibility of malware analysis open and available to the
47 Dec 21, 2022
TOOLS CRACK FACEBOOK
Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal
50 Dec 26, 2022
RCE Exploit for Gitlab < 13.9.4
GitLab-Wiki-RCE RCE Exploit for Gitlab 13.9.4 RCE via unsafe inline Kramdown options when rendering certain Wiki pages Allows any user with push acc
52 Nov 09, 2022
PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)
A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password
44 Nov 18, 2022
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220
224 Aug 05, 2022
It's a simple tool for test vulnerability shellshock
Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to ex
88 Dec 23, 2022
This tool help you to check if your Windows machine has hidden miner.
Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana
2 Oct 05, 2022
Python tool for enumerating directories and for fuzzing
Python tool for enumerating directories and for fuzzing
5 Feb 21, 2022
Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Log4Shell RCE Exploit fully independent exploit does not require any 3rd party binaries. The exploit spraying the payload to all possible logged HTTP
258 Jan 02, 2023