RickGeex / ProxyLogon
ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution.
☆31Updated 3 years ago
Alternatives and similar repositories for ProxyLogon:
Users that are interested in ProxyLogon are comparing it to the libraries listed below
- PickleC2 is a post-exploitation and lateral movements framework☆91Updated 3 years ago
- Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange.☆45Updated 4 years ago
- CVE-2021-26855: PoC (Not a HoneyPoC for once!)☆27Updated 4 years ago
- Stealthy Stand Alone PHP Web Shell☆33Updated 5 years ago
- Writeup of CVE-2020-15906☆47Updated 4 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 3 years ago
- DO NOT RUN THIS.☆47Updated 3 years ago
- NSE script to detect ProxyOracle☆14Updated 3 years ago
- Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software☆66Updated last year
- Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's API.☆60Updated 3 years ago
- In progress persistent download/upload/execution tool using Windows BITS.☆42Updated 3 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 4 years ago
- PyQT5 app for LOLBAS and GTFOBins☆46Updated 2 years ago
- ☆70Updated 4 years ago
- ☆99Updated 4 years ago
- Execute Mimikatz with different technique☆51Updated 3 years ago
- Microsoft Exchange password spray tool with proxy support.☆40Updated 3 years ago
- CVE-2021-40444☆65Updated 3 years ago
- Passwordless RDP Session Hijacking☆66Updated 3 years ago
- DLL to open up calc.exe to demonstrate that you injected DLLs☆23Updated 4 years ago
- SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner☆46Updated 4 years ago
- ☆38Updated 5 years ago
- Metasploit module for massive Denial of Service using #Bluekeep vector.☆25Updated 5 years ago
- ☆42Updated 2 years ago
- Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys☆20Updated 3 years ago
- Generate image payloads in JS to bypass filters☆39Updated 4 years ago
- Exploiting CVE-2021-44228 in vCenter for remote code execution and more.☆102Updated 3 years ago
- Vulnerable Windows 32bit executables for OSCP exam training☆19Updated 4 years ago
- "Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' l…☆80Updated 3 years ago
- CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability☆30Updated 3 years ago