Exploit grafana Pre-Auth LFI
python3 grafana-exploit.py http://site.com /etc/passwd
Or
python3 grafana-exploit.py http://site.com:8080 /etc/passwd
Interesting files
/etc/passwd
/etc/hosts
/var/lib/grafana/grafana.db
By-Emirhan KeyLogger Hangi Sistemlerde Çalışır? | On Which Systems Does It Work? KALİ LİNUX UBUNTU PARDUS MİNT TERMUX ARCH YÜKLEME & ÇALIŞTIRMA KOMUTL
Proxyshell-Scanner nuclei scanner for Proxyshell RCE (CVE-2021-34423,CVE-2021-34473,CVE-2021-31207) discovered by orange tsai in Pwn2Own, which affect
Discord-VC-Exploit Discord Region Swapping Exploit (VC Overload) aka VC Crasher How does this work? Discord has multiple servers that lets people arou
Gatekeeper Lite Backdoor Fully functioning bind-type backdoor This backdoor is a fully functioning bind shell and lite version of my full functioning
Fuzzercorn libfuzzer bindings for Unicorn. API // The main entry point of the fu
Jumpserver-EXP JumpServer远程代码执行漏洞检测利用脚本
CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE. POST /mgmt/tm/util/bash HTTP/1.1 Host: Accept-Encoding: gzip, deflate Accept: */
介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。
Dlint Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure. The most important thing I have done as a progra
Encrypted diary Sample program to store confidential data. Provides encryption in the form of AES-256 with bcrypt KDF. Does not provide authentication
CVE-2021-40870 Exploitation An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous ty
vulnerable-apis vulnerable APIs inspired by https://github.com/mattvaldes/vulnerable-api Setup Docker If, Out of the box docker pull kmmanoj/vulnerabl
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w
kingkong 解密哥斯拉Godzilla-V2.96 webshell管理工具流量 目前只支持jsp类型的webshell流量解密 Usage 获取攻击者上传到服务器的webshell样本 获取wireshark之类的流量包,一般甲方有科来之类的全流量镜像设备,联系运维人员获取,这里以test.
This is a simple Port Flooder written in Python 3. Use this tool to quickly stress test your network devices and measure your router's or server's load.
SPV SecurePasswordVerification Its is python module for doing a secure password verification without sharing the password directly. Features The passw
little advanced subdomain scanner made in python, works very quick and has options to change the port u want it to connect for
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows
RCE-0-day-for-GhostScript-9.50 PoC for RCE 0-day for GhostScript 9.50 - Payload generator The PoC in python generates payload when exploited for a 0-d
2 Feb 24, 2022
29 Dec 16, 2022
11 Sep 10, 2022
56 Mar 25, 2022
23 Nov 17, 2022
181 Dec 20, 2022
81 Dec 12, 2022
23 Jul 05, 2022
127 Dec 27, 2022
1 Dec 25, 2021
16 Nov 15, 2022
9 Jun 01, 2022
48 Dec 03, 2022
46 Dec 21, 2022
4 Feb 20, 2022
1 Feb 12, 2022
5 Nov 23, 2021
135 Dec 14, 2022
10 Jul 28, 2022
534 Dec 14, 2022