RedSection / Red-Team-Challenge-Questions

Related projects: ⓘ

• kahla-sec / CVE-2021-27850_POC
  A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.
  ☆5Updated last year
• knqyf263 / CVE-2021-40346
  CVE-2021-40346 PoC (HAProxy HTTP Smuggling)
  ☆38Updated 3 years ago
• koparmalbaris / MySQL-UDF-Exploitation
  MySQL User Defined Functions Exploitation to RCE or PrivEsc Simple Cheat Sheet.
  ☆14Updated 2 years ago
• PortSwigger / reissue-request-scripter
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆29Updated 2 years ago
• rwincey / CVE-2021-44228-Log4j-Payloads
  ☆55Updated this week
• ExAndroidDev / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆39Updated 2 years ago
• STMCyber / RmiTaste
  RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…
  ☆106Updated 3 years ago
• pprietosanchez / CVE-2020-14750
  PoC para las vulnerabilidades CVE-2020-14750 y cve-2020-14882
  ☆46Updated 3 years ago
• Udyz / Proxylogon
  ProxyLogon Pre-Auth SSRF To Arbitrary File Write
  ☆123Updated 10 months ago
• IdealDreamLast / CVE-2020-9484
  用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞
  ☆52Updated 4 years ago
• jas502n / CVE-2020-8193
  Citrix ADC Vulns
  ☆85Updated 4 years ago
• spaceraccoon / spring-boot-actuator-h2-rce
  Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database
  ☆103Updated 4 years ago
• HoangKien1020 / CVE-2021-23132
  com_media allowed paths that are not intended for image uploads to RCE
  ☆71Updated 3 years ago
• Udyz / Automatic-Proxylogon-Exploit
  ☆88Updated this week
• AssassinUKG / CVE-2021-22204
  ☆27Updated 2 years ago
• kljunowsky / CVE-2022-41040-POC
  CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server
  ☆88Updated last year
• sourceincite / CVE-2021-24085
  ☆69Updated 3 years ago
• numanturle / CVE-2022-1388
  K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388
  ☆53Updated 2 years ago
• aqhmal / CVE-2020-5902-Scanner
  Automated script for F5 BIG-IP scanner (CVE-2020-5902) using hosts retrieved from Shodan API.
  ☆55Updated last year
• Al1ex / CVE-2021-22986
  CVE-2021-22986 & F5 BIG-IP RCE
  ☆88Updated 3 years ago
• RedSection / jspanda
  client-side prototype pullution vulnerability scanner
  ☆46Updated 3 years ago
• alt3kx / CVE-2021-26084_PoC
  ☆54Updated 3 years ago
• MrLion7 / Lmap
  A tool combined with the advantages of masscan and nmap
  ☆59Updated 2 years ago
• Throns1956 / watchguard_cve-2022-26318
  ☆34Updated this week
• B1anda0 / CVE-2020-17519
  Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)
  ☆47Updated 3 years ago
• horizon3ai / CVE-2022-22972
  ☆154Updated 2 years ago
• Al1ex / CVE-2020-17530
  S2-061 CVE-2020-17530
  ☆29Updated 3 years ago
• Cobalt-Strike / beacon_health_check
  This aggressor script uses a beacon's note field to indicate the health status of a beacon.
  ☆138Updated 2 years ago
• PetrusViet / CVE-2021-39115
  Template Injection in Email Templates leads to code execution on Jira Service Management Server
  ☆48Updated 3 years ago
• bhdresh / CVE-2021-33766
  ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
  ☆47Updated 2 years ago