Solr-SSRF
Apache Solr SSRF #Use
[-] Apache Solr SSRF漏洞 (CVE-2021-27905)
[-] Options:
-h or --help : 方法说明
-u or --url : 站点URL地址
-d or --dnslog : DnsLog
eg
python3 CVE-2021-27905.py -u URL -d dnslog
Apache Solr SSRF(CVE-2021-27905)
Overview
A Python Scanner for log4j
log4j-Scanner scanner for log4j cat web-urls.txt | python3 log4j.py ID.burpcollaborator.net web-urls.txt http://127.0.0.1:8080 https://www.google.c
5 Jun 26, 2022
Sonoff NSPanel protocol and hacking information. Tasmota Berry driver for NSPanel
NSPanel Hacking Sonoff NSPanel protocol and hacking information and Tasmota Berry driver. NSPanel protocol manual Tasmota driver nspanel.be Installati
98 Dec 26, 2022
Buff A simple BOF library I wrote under an hour to help me automate with BOF attack
What is Buff? A simple BOF library I wrote under an hour to help me automate with BOF attack. It comes with fuzzer and a generic method to generate ex
3 Nov 21, 2022
Privilege escalation with polkit - CVE-2021-3560
Polkit-exploit - CVE-2021-3560 Privilege escalation with polkit - CVE-2021-3560 Summary CVE-2021-3560 is an authentication bypass on polkit, which all
95 Dec 27, 2022
将hw时信息收集以及简单的漏洞操作步骤简单化
Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏
19 Nov 15, 2022
Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694)
CVE-2021-42694 Generate malicious files using recently published homoglyph-attack vulnerability, which was discovered at least in C, C++, C#, Go, Pyth
17 Dec 11, 2022
集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;
tools下有几个工具,所以项目文件比较大,如果下载总是中断的话建议拆开下载各个项目然后直接拷贝dockefile和recon.py即可 0x01 hscan介绍 hscan是什么 hscan是一款旨在使用一条命令替代渗透前的多条扫描命令,通过集成crawlergo扫描和xray扫描、dirsear
102 Jan 04, 2023
Script checks provided domains for log4j vulnerability
log4j Script checks provided domains for log4j vulnerability. A token is created with canarytokens.org and passed as header at request for a single do
2 Dec 12, 2021
A windows post exploitation tool that contains a lot of features for information gathering and more.
Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script
29 Nov 20, 2022
Finite Volume simulation of the Raleigh-Taylor Instability
finitevolume2-python Finite Volume simulation of the Raleigh-Taylor Instability Create Your Own Finite Volume Fluid Simulation (With Python): Part 2 B
12 Sep 01, 2022
An easy-to-use wrapper for NTFS-3G on macOS
ezNTFS ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS. ezNTFS can be used as a menu bar app, or via the CLI in the terminal. Installation To us
34 Dec 01, 2022
Android Malware (Analysis | Scoring) System
An Obfuscation-Neglect Android Malware Scoring System Quark-Engine is also bundled with Kali Linux, BlackArch. A trust-worthy, practical tool that's r
1k Jan 04, 2023
BurpSuite Extension: Log4j RCE Scanner
BurpSuite Extension: Log4j RCE Scanner
1 Dec 16, 2021
AnonStress-Stored-XSS-Exploit - An exploit and demonstration on how to exploit a Stored XSS vulnerability in anonstress
AnonStress Stored XSS Exploit An exploit and demonstration on how to exploit a S
3 Jun 22, 2022
Lazarus analysis tools and research report
Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python
50 Sep 13, 2022
Osint-Tool - Information collection tool in python
Osint-Tool Herramienta para la recolección de información Pronto más opciones In
3 Apr 09, 2022
Visius Heimdall is a tool that checks for risks on your cloud infrastructure
Heimdall Cloud Checker 🇧🇷 About Visius is a Brazilian cybersecurity startup that follows the signs of the crimson thunder ;) 🎸 ! As we value open s
48 Jun 20, 2022
Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
135 Dec 14, 2022
Confluence OGNL injection
CVE-2021-26084 Confluence OGNL injection CVE-2021-26084 is an Object-Graph Navigation Language (OGNL) injection vulnerability in the Atlassian Conflue
15 Sep 23, 2022
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.
9 Sep 27, 2022