H4rk3nz0 / Exploits
A selection of rebuilt and from scratch exploits, scripts and ideas that can be used in red-teaming scenarios.
☆6Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for Exploits
- Lexmark CVE-2023-26067☆22Updated last year
- CVE-2022-41040 nuclei template☆18Updated 2 years ago
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆37Updated 2 years ago
- ☆24Updated 5 months ago
- Simple Python script to sort nuclei scans by severity and URL☆29Updated last year
- tool that generates bypasses for open redirects☆48Updated 2 years ago
- Case for CVE-2022-30778☆23Updated 2 years ago
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆36Updated last year
- CVE-2023-20198 & 0Day Implant Scanner☆31Updated last year
- A security assessment tool for Hitachi Vantara's Pentaho Business Analytics platform.☆14Updated 3 years ago
- The purpose of this repo is to share my research☆14Updated 11 months ago
- Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager☆15Updated last year
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆54Updated 10 months ago
- Proof of conept to exploit vulnerable proxycommand configurations on ssh clients☆18Updated 11 months ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆59Updated 11 months ago
- A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.☆79Updated 11 months ago
- A Burp extension to show the Collaborator client in a tab☆23Updated last year
- Apache Spark Command Injection PoC Exploit for CVE-2022-33891☆22Updated 2 years ago
- ☆32Updated 2 years ago
- A fingerprint generation helper for nuclei network templates☆72Updated 2 years ago
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆17Updated last year
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆17Updated 3 weeks ago
- Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077☆31Updated 2 years ago
- This repository serves as a curated resource for OffSec's OSEP (PEN-300) certification preparation, containing useful links, materials, a…☆13Updated last week
- Copy as XMLHttpRequest BurpSuite extension☆30Updated 3 years ago
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆36Updated 2 years ago
- Fortinet FortiClient EMS SQL Injection☆43Updated 8 months ago
- A testing Red Team Infrastructure created with Docker☆32Updated 2 years ago
- Tomcat backdoor based on CS blog☆27Updated last year
- Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960☆2Updated 2 years ago