Inject everything!
Vacuna is a little library to provide dependency management for your python code.
pip install vacuna
import vacuna
container = vacuna.Container()
@container.dependency(name='app')
class App:
def run(self):
print('very important computation')
@container.dependency()
def main(app):
app.run()
if __name__ == '__main__':
container.run(main)
CVE-2021-26084 Confluence OGNL injection CVE-2021-26084 is an Object-Graph Navigation Language (OGNL) injection vulnerability in the Atlassian Conflue
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.
Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta
logmap - Log4j2 jndi injection fuzz tool Used for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path Use http
Blind SQL Injection I wrote this script to solve PortSwigger Web Security Academy's particular Blind SQL injection with conditional responses lab. Bec
CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V
This is an injection tool that can inject any xposed modules apk into the debug android app, the native code in the xposed module can also be injected.
CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s
ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.
HexCopy IDA plugin for quickly copying disassembly as encoded hex bytes. This whole plugin just saves you two extra clicks... but if you are frequentl
PKUAutoElective 2021 Spring Version Update at Mar 7 15:28 (UTC+8): 修改了 get_supplement 的 API 参数,已经可以实现课程列表页面的正常跳转,请更新至最新 commit 版本 本项目基于 PKUAutoElectiv
SimplePasswordManager A simple way to store your passwords without requiring third party applications Simple To Use. Store Your Passwords For Each Web
Monty Hall Problem Simulation monty_hall_sim is a brute-force method of determining the optimal strategy for the Monty Hall Problem. Usage Set boolean
log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview
BurpParamFlagger A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired
Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python
🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1
DepFine DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE Installation: You Can inst
This is an injection tool that can inject any xposed modules apk into the debug android app, the native code in the xposed module can also be injected.
S2-061 脚本皆根据vulhub的struts2-059/061漏洞测试环境来写的,不具普遍性,还望大佬多多指教 struts2-061-poc.py(可执行简单系统命令) 用法:python struts2-061-poc.py http://ip:port command 例子:python
MozDef: Documentation: https://mozdef.readthedocs.org/en/latest/ Give MozDef a Try in AWS: The following button will launch the Mozilla Enterprise Def
AF-ShellHunter AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How to pip3 ins
Denial Service Attack Denial Attacks by Various Methods IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::
Hrafna - Log4j-Scanner for the masses Features Scanning-system designed to check your own infra for vulnerable log4j-installations start and stop scan
Dark-Fb No Login 100% safe TERMUX • pkg install python2 && git -y • pip2 install requests mechanize tqdm • git clone https://github.com/BOT-033/Sensei
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i
15 Sep 23, 2022
2 Nov 9, 2022
3 Nov 16, 2021
9 Dec 30, 2022
67 Oct 25, 2022
2 Oct 29, 2022
9 Aug 31, 2022
32 Nov 5, 2022
2 Feb 15, 2022
45 Dec 28, 2022
46 Oct 30, 2022
84 Sep 09, 2022
1 Dec 23, 2021
1 Aug 29, 2022
171 Dec 25, 2022
118 Nov 07, 2022
26 Dec 26, 2022
50 Sep 13, 2022
1.3k Dec 31, 2022
14 Nov 11, 2022
46 Oct 20, 2022
2.2k Jan 08, 2023
34 May 13, 2022
9 Nov 26, 2022
18 Jan 23, 2022
1 Dec 04, 2021
2 Feb 05, 2022
2 Nov 16, 2021