This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Related tags

Security related resourcesPYTHON-EXPLOITATION
Overview

PYTHON-EXPLOITATION

This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Networking

tcp_clinet.py

The tcp_clinet.py script is used to push data to a server in the event that you are not able to use the typical networking tools. In the script we:

  • Create a socket object (line 8): the AF_INET parameter indicates we will use a standard IPv4 address or hostname, and SOCK_STREAM indicates that this will be a TCP client.
  • Connect to the client server (line 11): note that, since we are using a TCP client, we must first connect to our server (via the TCP handshake) to send data to it.
  • Send the server some data in bytes (line 14)
  • Recieve data back from the server and print out the response (line 17)

    Note that this script makes numerous assumptions about the server we are engaging with:

  • It assumes that our connection will always succeed as it does not have a fallback function in the event that the server rejects our connection.
  • It assumes that the server expects us to send data first. Sometimes, the server will want to send us data first - this is especially true if the server is being guarded by a firewall of some kind.
  • The script assumes that the server will always return data to us in a timely fashion.

    The assumptions are made for simplicity's sake. All things considered, sometimes less is more.

    udp_client.py

    Our udp_client.py script is much different from our tcp script, only that it it configured to send data via the user datagram protocol (but that much was obvious):

    • We change the socket type to SOCK_DGRAM to indicate that we will be using sending data via the UDP (line 6).
    • Also, notice that there is no connect() method beforehand, since we do not need to connect to a server beforehand using UDP. This is because UDP is a connectionaless protocol.
    • The last step is to call the recvfrom() method to receive UDP data back. This returns both the data and the details of the remote host and port (line 9).

    tcp_server.py

    The tcp_server.py is just that, a multi-threaded python TCP server that we can use in the event we want to write a command shell or craft a proxy.

    • Firstly, we pass in the IP address and port we want the server to listen on (line 9).
    • Next, we tell the server to simply start listening with a max backlog of connections set to 5 (line 10). Now ther server waits for a connection.
    • Once the clinet connects, we get the client socket in the client variable and the remote connection details in teh address variable.
    • We tehn start the thread to handle the client connection (line 17).
    • The handle_client function performs rec() and then sens a simple message back to the client.
    • Owner
    Nathan Galindo
    Hi, my name is Nathan Galindo and I am a cybersecurity student at Baylor University!
    Nathan Galindo
    GitHub Repository
    ๐Ÿ˜ญ WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

    ๐Ÿ˜ญ WSOB (CVE-2022-29464) ๐Ÿ˜ญ WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

    0p 25 Oct 14, 2022
    Apk Framework Detector

    ๐Ÿš€๐Ÿš€๐Ÿš€Program helps you to detect the major framework or technology used in writing any android app. Just provide the apk ๐Ÿ˜‡๐Ÿ˜‡

    Daniel Agyapong 10 Dec 07, 2022
    This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.

    Scrambler App This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as

    Mystic 2 Aug 31, 2022
    Python bindings to LibreSSL library

    LibreSSL bindings for Python using CFFI Python3 bindings to LibreSSL using CFFI. It aims to provide interface to the most important bits of LibreSSL o

    Alexander Kiselyov 1 Aug 02, 2022
    Nmap scanner with python

    Nmap_scanner Usage: sudo python3 nmap_ping.py -i Network List.txt -o Output Folder Location Program can Run Ping Scan Run Port Scan Run Nmap Vuln

    Arshaad Mohiadeen 3 Apr 13, 2022
    This is a simple PoC for the newly found Polkit error names PwnKit

    A Python3 and a BASH PoC for CVE-2021-4034 by Kim Schulz

    Kim Schulz 16 Sep 06, 2022
    Hack computer in the form of RAR files from all types of clients, even Linux

    Program Features ๐Ÿ“Œ Hide malware ๐Ÿ“Œ Vulnerability software vulnerabilities RAR ๐Ÿ“Œ Creating malware ๐Ÿ“Œ Access client files ๐Ÿ“Œ Client Hacking ๐Ÿ“Œ Link Do

    hack4lx 5 Nov 25, 2022
    zip-brute Zip File Password Cracking with Using Password List

    Zip brute is a python script that cracks zip that are password protected using a wordlist dictionary.

    AnonyminHack5 13 Nov 03, 2022
    Scans for Log4j versions effected by CVE-2021-44228

    check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i

    inett GmbH 4 Jun 30, 2022
    Android Malware Behavior Deleter

    Android Malware Behavior Deleter UDcide UDcide is a tool that provides alternative way to deal with Android malware. We help you to detect and remove

    27 Sep 23, 2022
    Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3

    Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR

    Pushpender Singh 9 Dec 12, 2022
    This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

    MurMurHash This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. What is MurMurHash? Murm

    Viral Maniar 87 Dec 31, 2022
    A small utility to deal with malware embedded hashes.

    Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn

    Abdallah Elshinbary 48 Dec 19, 2022
    A Python & JavaScript Obfuscator made in Python 3.

    Python Code Obfuscator A script that converts code into full on random numerical expressions. Simple Scripts: Python Mode... Input: Function that deco

    Karim 3 Mar 24, 2022
    Osint-Tool - Information collection tool in python

    Osint-Tool Herramienta para la recolecciรณn de informaciรณn Pronto mรกs opciones In

    3 Apr 09, 2022
    Phoenix Framework is an environment for writing, testing and using exploit code.

    Phoenix-Framework Phoenix Framework is an environment for writing, testing and using exploit code. ๐Ÿ–ผ Screenshots ๐ŸŽช Community PwnWiki Forums ๐Ÿ”‘ Licen

    Felix 42 Aug 09, 2022
    Tor Relay availability checker, for using it as a bridge in countries with censorship

    Tor Relay Availability Checker This small script downloads all Tor Relay IP addresses from onionoo.torproject.org and checks whether random Relays are

    ValdikSS 161 Dec 30, 2022
    Tool to decrypt iOS apps using r2frida

    r2flutch Yet another tool to decrypt iOS apps using r2frida. Requirements It requires to install Frida on the Jailbroken iOS device: Jailbroken device

    Murphy 146 Jan 03, 2023
    Simplify getting and using cookies from the browser to use in Python.

    CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br

    pat_h/to/file 2 May 06, 2022
    A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities

    master_librarian A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities. To install requirements: $ sudo pyth

    CoolerVoid 167 Dec 19, 2022