Occamsec / CVE-2023-2825View external linksLinks
GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.
☆140Jun 2, 2023Updated 2 years ago
Alternatives and similar repositories for CVE-2023-2825
Users that are interested in CVE-2023-2825 are comparing it to the libraries listed below
Sorting:
- This repository is to provide a write-up and PoC for CVE-2023-41717.☆12Aug 31, 2023Updated 2 years ago
- CNVD-2023-27598☆18Apr 20, 2023Updated 2 years ago
- ☆161Jun 18, 2023Updated 2 years ago
- VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)☆232Jun 13, 2023Updated 2 years ago
- VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)☆96Sep 1, 2023Updated 2 years ago
- RCE exploit for CVE-2023-3519☆229Aug 23, 2023Updated 2 years ago
- POC for CVE-2022-39952☆266Feb 25, 2023Updated 2 years ago
- ☆95Feb 9, 2023Updated 3 years ago
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆235Sep 26, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆481Mar 30, 2025Updated 10 months ago
- POC for RCE using vulnerabilities described in VMSA-2023-0001☆148Jan 31, 2023Updated 3 years ago
- Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys☆22Jun 6, 2021Updated 4 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆326Jun 18, 2023Updated 2 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆272Sep 14, 2023Updated 2 years ago
- MOVEit CVE-2023-34362☆139Jun 26, 2023Updated 2 years ago
- CVE-2023-7028☆59Jan 12, 2024Updated 2 years ago
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆302Mar 1, 2023Updated 2 years ago
- ☆347Mar 17, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …☆283Aug 24, 2024Updated last year
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments☆113Feb 13, 2022Updated 4 years ago
- Command and Control Framework written in C#☆427Jul 27, 2023Updated 2 years ago
- Exploit for CVE-2023-27532 against Veeam Backup & Replication☆115Mar 23, 2023Updated 2 years ago
- Ivanti EPM AgentPortal RCE Vulnerability☆20Sep 16, 2024Updated last year
- Golang reverse proxy with CobaltStrike malleable profile validation.☆109Jan 19, 2023Updated 3 years ago
- HVNC for Cobalt Strike☆1,297Dec 7, 2023Updated 2 years ago
- ☆415Nov 18, 2022Updated 3 years ago
- Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute…☆155Jun 18, 2023Updated 2 years ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Oct 8, 2023Updated 2 years ago
- ownCloud exploits for CVE-2023-49105☆36Dec 5, 2023Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago
- This is a pre-authenticated RCE exploit for VMware vRealize Operations Manager☆48Oct 3, 2023Updated 2 years ago
- One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html☆415Nov 10, 2024Updated last year
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆81Jun 1, 2022Updated 3 years ago
- Tools for offensive security of NetBackup infrastructures☆43Jun 6, 2023Updated 2 years ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Dec 19, 2024Updated last year
- ☆243Nov 21, 2024Updated last year
- Authentication Bypass in GoAnywhere MFT☆65Jan 23, 2024Updated 2 years ago
- ☆322Jan 13, 2023Updated 3 years ago