KraudSecurity / Exploits

Related projects: ⓘ

• sinsinology / CVE-2023-34039
  VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)
  ☆95Updated last year
• ExAndroidDev / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆39Updated 2 years ago
• jbaines-r7 / badblood
  SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)
  ☆91Updated 2 years ago
• rwincey / CVE-2021-44228-Log4j-Payloads
  ☆55Updated this week
• kljunowsky / CVE-2022-41040-POC
  CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server
  ☆88Updated last year
• kahla-sec / CVE-2021-27850_POC
  A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.
  ☆5Updated last year
• Throns1956 / watchguard_cve-2022-26318
  ☆34Updated this week
• sourceincite / hekate
  ☆45Updated 2 years ago
• synacktiv / CVE-2021-40539
  Exploitation code for CVE-2021-40539
  ☆46Updated 2 years ago
• 0xf4n9x / CVE-2022-1388
  CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE
  ☆85Updated 2 years ago
• STMCyber / RmiTaste
  RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…
  ☆106Updated 3 years ago
• vnhacker1337 / CVE-2022-27925-PoC
  Zimbra RCE simple poc
  ☆63Updated 2 years ago
• antx-code / CVE-2022-22536
  SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536.
  ☆50Updated 2 years ago
• puzzlepeaches / Log4jCenter
  Exploiting CVE-2021-44228 in vCenter for remote code execution and more.
  ☆100Updated 2 years ago
• n00py / DCSync
  DCSync Attack from Outside using Impacket
  ☆109Updated 2 years ago
• p0dalirius / CVE-2022-21907-http.sys
  Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
  ☆79Updated 6 months ago
• p0dalirius / CVE-2022-36446-Webmin-Software-Package-Updates-RCE
  A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.
  ☆110Updated 2 years ago
• icyguider / DumpNParse
  A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
  ☆145Updated 2 years ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆66Updated last year
• horizon3ai / CVE-2022-22972
  ☆154Updated 2 years ago
• LudovicPatho / CVE-2022-26923_AD-Certificate-Services
  The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment …
  ☆42Updated 2 years ago
• s1ckb017 / PoC-CVE-2022-26809
  PoC for CVE-2022-26809, analisys and considerations are shown in the github.io.
  ☆107Updated 2 years ago
• Udyz / proxyshell-auto
  Automatic ProxyShell Exploit
  ☆114Updated 3 years ago
• Shadow0ps / CVE-2021-21974
  POC for CVE-2021-21974 VMWare ESXi RCE Exploit
  ☆173Updated 3 years ago
• cube0x0 / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆40Updated 3 years ago
• t3hbb / NSGenCS
  Extendable payload obfuscation and delivery framework
  ☆140Updated last year
• hosch3n / ProxyVulns
  [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains.…
  ☆173Updated last year
• BishopFox / CVE-2021-35211
  ☆35Updated 2 years ago
• xpn / ntlmquic
  POC tools for exploring SMB over QUIC protocol
  ☆119Updated 2 years ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆74Updated 2 years ago