CVE-2021-40346-POC
CVE-2021-40346 integer overflow enables http smuggling
整数溢出导致的http请求走私
Build
git clone https://github.com/donky16/CVE-2021-40346-POC.git
cd CVE-2021-40346-POC
docker-compose build
docker-compose up -d
Exploit
CVE-2021-40346 integer overflow enables http smuggling
Overview
A Python Scanner for log4j
log4j-Scanner scanner for log4j cat web-urls.txt | python3 log4j.py ID.burpcollaborator.net web-urls.txt http://127.0.0.1:8080 https://www.google.c
5 Jun 26, 2022
WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user.
WinRemoteEnum WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user, sharing the goal of remotely gather
9 Nov 09, 2022
A fast sub domain brute tool for pentesters
subDomainsBrute 1.4 A fast sub domain brute tool for pentesters. It works with P
2 Oct 18, 2022
OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238.
OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238. It generates and validates OTPs based
1 Nov 15, 2021
Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.
This program is an non-object oriented opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-
35 Apr 17, 2022
POC using subprocess lib in Python 🐍
POC subprocess ☞ POC using the subprocess library with Python. References: https://github.com/GuillaumeFalourd/poc-subprocess https://geekflare.com/le
2 Nov 28, 2022
This repository consists of the python scripts for execution and automation of vivid tasks.
Scripting.py is a repository being maintained to keep log of the python scripts that I create for automating and executing some of my boring manual task.
1 Feb 07, 2022
A local Socks5 server written in python, used for integrating Multi-hop
proxy-Zata proxy-Zata v1.0 This is a local Socks5 server written in python, used for integrating Multi-hop (Socks4/Socks5/HTTP) forward proxy then pro
4 Feb 24, 2022
pwncat module that automatically exploits CVE-2021-4034 (pwnkit)
pwncat_pwnkit Introduction The purpose of this module is to attempt to exploit CVE-2021-4034 (pwnkit) on a target when using pwncat. There is no need
33 Jul 01, 2022
Webpack自动化信息收集
Webpack-信息收集工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:小洲 团队:横戈安全团队,未来一段时间将陆续开源工具,欢迎关注微信公众号: 定位:协助红队人员快速的信息收集,测绘目
214 Dec 19, 2022
PoC for CVE-2021-26855 -Just a checker-
CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C
17 Dec 22, 2022
Uma ferramenta de segurança da informação escrita em python3,capaz de dar acesso total ao computador de alguém!
shell-reverse Uma ferramenta de segurança da informação escrita em python3, capaz de dar acesso total ao computador de alguém! A cybersecurity tool wr
1 Nov 03, 2021
Log4j rce test environment and poc
log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione
307 Dec 24, 2022
BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.
Follow us on Twitter! BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro gen
232 Nov 21, 2022
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o
2 Nov 09, 2022
script that pulls cve collections from NVD.NIST.GOV.
# cvepull.py #script that pulls cve collections from NVD.NIST.GOV. #edit line 17 (timedelta) number to change the amount of days to search backwards
1 Dec 18, 2021
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an
861 Feb 18, 2021
Workshop Material on VM-based Deobfuscation
Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We
133 Dec 18, 2022
A great and handy python obfuscator for protecting code.
Python Code Obfuscator A handy and necessary tool that can protect your code anytime! Mostly Command Line tool that will obfuscate your code. Features
5 Nov 18, 2022
LaxrFar Python Obfuscator
LaxrFar Python Obfuscator Usage First do the things from "Upload to Webserver" o
5 Jul 19, 2022