Esonhugh / ingressNightmare-CVE-2025-1974-expsView external linksLinks
IngressNightmare POC. world first non-blind remote execution exploitation with multi-advanced exploitation methods. allow on disk exploitation. CVE-2025-24514 - auth-url injection, CVE-2025-1097 - auth-tls-match-cn injection, CVE-2025-1098 – mirror UID injection -- all available.
☆92May 6, 2025Updated 9 months ago
Alternatives and similar repositories for ingressNightmare-CVE-2025-1974-exps
Users that are interested in ingressNightmare-CVE-2025-1974-exps are comparing it to the libraries listed below
Sorting:
- Powerful+Fast+Low Privilege Kubernetes discovery tools☆264Jul 29, 2025Updated 6 months ago
- ☆53Mar 25, 2025Updated 10 months ago
- Extract entire function source code based on giving line number using Javaparser☆20Jul 15, 2025Updated 7 months ago
- Kubernetes has its “ADCS” -- How To Backdoor a Kubernetes in silence and more persistent?☆40Nov 16, 2025Updated 3 months ago
- Let sliver use msf payload!☆25Mar 23, 2025Updated 10 months ago
- portreuse reuseport 端口复用☆61Aug 27, 2023Updated 2 years ago
- ☆79Nov 22, 2024Updated last year
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated 11 months ago
- Open Source XSS exploitation tool. using http proxy to access the browser which executed js. [Engineering Experimental]☆36Nov 22, 2024Updated last year
- Some ReadObject Sink With JDBC☆243May 8, 2024Updated last year
- Proof of Concept for Authentication Bypass in JetBrains TeamCity Pre-2023.11.4☆36Mar 5, 2024Updated last year
- Post-exploit a compromised etcd, gain persistence and remote shell to nodes.☆91May 7, 2024Updated last year
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆106Nov 7, 2024Updated last year
- This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).☆248Mar 26, 2025Updated 10 months ago
- PolicyKit CVE-2021-3560 Exploit (Authentication Agent)☆117May 2, 2022Updated 3 years ago
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆569Feb 7, 2026Updated last week
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆63Apr 2, 2025Updated 10 months ago
- Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information …☆16Dec 10, 2022Updated 3 years ago
- Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…☆17Jul 3, 2025Updated 7 months ago
- 多组件客户端☆74May 1, 2025Updated 9 months ago
- PortBender修改为exe版本☆29Jul 24, 2023Updated 2 years ago
- 一款基于James Forshaw的.NET Remoting反序列化工具升级��版在TypeFilterLevel.Low模式无文件payload任意代码执行poc的开发心得☆48Jan 23, 2025Updated last year
- Exploit for CVE-2024-0402 in Gitlab☆15Mar 18, 2025Updated 11 months ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆10Mar 18, 2019Updated 6 years ago
- 方便自己搭建codeql环境和数据库的工具。☆64Aug 16, 2025Updated 6 months ago
- ☆306Feb 27, 2025Updated 11 months ago
- 构造字节在ASCII范围内的jar☆139Feb 14, 2022Updated 4 years ago
- ☆242May 5, 2024Updated last year
- ☆36Mar 4, 2025Updated 11 months ago
- 一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率☆1,338Feb 8, 2026Updated last week
- Weaponized VSCode Extensions☆15Dec 14, 2025Updated 2 months ago
- 不那么一样的 Java Agent 内存马☆289Nov 27, 2023Updated 2 years ago
- ysoserial.net docker image☆29Sep 23, 2024Updated last year
- ebpf WebShell/内核马,一种新型内核马/WebShell技术☆351Jan 8, 2024Updated 2 years ago
- command execute without 445 port☆57Feb 25, 2022Updated 3 years ago
- LC(List Cloud)是一个多云攻击面资产梳理工具☆633Oct 6, 2024Updated last year
- ☆95Nov 26, 2022Updated 3 years ago
- Tool for Active Directory Certificate Services enumeration and abuse☆164Apr 17, 2025Updated 10 months ago
- cloudflare socks5 server☆40Jul 18, 2025Updated 7 months ago