GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.
☆140Jun 2, 2023Updated 2 years ago
Alternatives and similar repositories for CVE-2023-2825
Users that are interested in CVE-2023-2825 are comparing it to the libraries listed below
Sorting:
- This repository is to provide a write-up and PoC for CVE-2023-41717.☆12Aug 31, 2023Updated 2 years ago
- CNVD-2023-27598☆18Apr 20, 2023Updated 2 years ago
- ☆162Jun 18, 2023Updated 2 years ago
- VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)☆231Jun 13, 2023Updated 2 years ago
- VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)☆96Sep 1, 2023Updated 2 years ago
- RCE exploit for CVE-2023-3519☆228Aug 23, 2023Updated 2 years ago
- POC for CVE-2022-39952☆266Feb 25, 2023Updated 3 years ago
- ☆95Feb 9, 2023Updated 3 years ago
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆235Sep 26, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- POC for RCE using vulnerabilities described in VMSA-2023-0001☆148Jan 31, 2023Updated 3 years ago
- Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys☆22Jun 6, 2021Updated 4 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- MOVEit CVE-2023-34362☆140Jun 26, 2023Updated 2 years ago
- CVE-2023-7028☆58Jan 12, 2024Updated 2 years ago
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆300Mar 1, 2023Updated 3 years ago
- ☆347Mar 17, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …☆284Aug 24, 2024Updated last year
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments☆113Feb 13, 2022Updated 4 years ago
- Command and Control Framework written in C#☆428Jul 27, 2023Updated 2 years ago
- Exploit for CVE-2023-27532 against Veeam Backup & Replication☆115Mar 23, 2023Updated 2 years ago
- Ivanti EPM AgentPortal RCE Vulnerability☆20Sep 16, 2024Updated last year
- Golang reverse proxy with CobaltStrike malleable profile validation.☆109Jan 19, 2023Updated 3 years ago
- HVNC for Cobalt Strike☆1,301Dec 7, 2023Updated 2 years ago
- ☆414Nov 18, 2022Updated 3 years ago
- Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute…☆155Jun 18, 2023Updated 2 years ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆90Oct 8, 2023Updated 2 years ago
- ownCloud exploits for CVE-2023-49105☆37Dec 5, 2023Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago
- This is a pre-authenticated RCE exploit for VMware vRealize Operations Manager☆48Oct 3, 2023Updated 2 years ago
- One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html☆415Nov 10, 2024Updated last year
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆81Jun 1, 2022Updated 3 years ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Dec 19, 2024Updated last year
- Tools for offensive security of NetBackup infrastructures☆43Jun 6, 2023Updated 2 years ago
- ☆242Nov 21, 2024Updated last year
- Authentication Bypass in GoAnywhere MFT☆65Jan 23, 2024Updated 2 years ago
- ☆323Jan 13, 2023Updated 3 years ago