Exploit grafana Pre-Auth LFI
python3 grafana-exploit.py http://site.com /etc/passwd
Or
python3 grafana-exploit.py http://site.com:8080 /etc/passwd
Interesting files
/etc/passwd
/etc/hosts
/var/lib/grafana/grafana.db
Implementation of an attack on a tropical algebra discrete logarithm based protocol This code implements the attack detailed in the paper: On the trop
OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxi
A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals. All your favorite hits in a simplified format.
Northwave Log4j CVE-2021-44228 checker Friday 10 December 2021 a new Proof-of-Concept 1 addressing a Remote code Execution (RCE) vulnerability in the
CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various
plan I - Linux Fundamentals Les utilisateurs et les droits Installer des programmes avec apt-get Surveiller l'activité du système Exécuter des program
jndiRep - CVE-2021-44228 Basically a bad grep on even worse drugs. search for malicious strings decode payloads print results to stdout or file report
Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (
Invisible Backdoor Detector is a little Python script that allows you to spot and remove Bidi characters that could lead to an invisible backdoor. If you don't know what that is you should check the
Instagram Bruter This program will brute force any Instagram account you send it its way given a list of proxies. NOTICE I'm no longer maintaining thi
OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238. It generates and validates OTPs based
OMIGOD Proof on Concept Exploit for CVE-2021-38647 (OMIGOD) For background information and context, read the our blog post detailing this vulnerabilit
This repository will contain python scripts for hackers and pentesters. stop being limited with availble tools. Build your own.
springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin
An Obfuscation-Neglect Android Malware Scoring System Quark-Engine is also bundled with Kali Linux, BlackArch. A trust-worthy, practical tool that's r
DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.
truffleHog Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accident
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re
log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script
3 Dec 30, 2021
408 Jan 03, 2023
2 Aug 03, 2022
125 Dec 09, 2022
4 Jan 10, 2022
148 Dec 22, 2022
2 Nov 24, 2022
59 Dec 01, 2022
28 Dec 29, 2022
1 Nov 15, 2021
1 Nov 15, 2021
231 Nov 12, 2022
24 Nov 29, 2022
105 Nov 26, 2022
1k Jan 04, 2023
4 Dec 21, 2021
10.1k Jan 09, 2023
1 Jan 13, 2022
560 Dec 23, 2022
187 Jan 03, 2023