RickGeex / ProxyLogonLinks
ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution.
☆31Updated 4 years ago
Alternatives and similar repositories for ProxyLogon
Users that are interested in ProxyLogon are comparing it to the libraries listed below
Sorting:
- Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange.☆51Updated 4 years ago
- DO NOT RUN THIS.☆47Updated 4 years ago
- CVE-2021-26855: PoC (Not a HoneyPoC for once!)☆27Updated 9 months ago
- "Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' l…☆82Updated 4 years ago
- PyQT5 app for LOLBAS and GTFOBins☆45Updated 3 years ago
- Windows TCPIP Finger Command / C2 Channel and Bypassing Security Software☆68Updated 2 years ago
- Invoke-SocksProxy is a PowerShell script designed to create reverse proxies.☆49Updated 5 years ago
- Writeup of CVE-2020-15906☆49Updated 5 years ago
- SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing☆91Updated 5 years ago
- ☆100Updated 4 years ago
- PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github☆61Updated 4 years ago
- PickleC2 is a post-exploitation and lateral movements framework☆96Updated 4 years ago
- SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner☆46Updated 5 years ago
- SonicWALL SSL-VPN Web Server Vulnerable Exploit☆48Updated 5 years ago
- NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473☆163Updated 4 years ago
- ☆54Updated 4 years ago
- Stealthy Stand Alone PHP Web Shell☆33Updated 6 years ago
- This script helps to identify CVE-2021-26855 ssrf Poc☆22Updated 4 years ago
- (kinda) Malicious Outlook Reader☆138Updated 4 years ago
- Multi platform toolkit for an interactive DNS shell commands exfiltration, by using DNS-Cat you will be able to execute system commands i…☆114Updated 3 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆77Updated 5 years ago
- Python port of MailSniper to exfiltrate emails via EWS endpoint☆88Updated 4 years ago
- Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it …☆156Updated 4 years ago
- ☆79Updated 3 months ago
- Passwordless RDP Session Hijacking☆70Updated 4 years ago
- A web shell for pivoting and lateral movement☆33Updated 8 years ago
- Google Drive, OneDrive and Youtube as covert-channels - Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or…☆69Updated 4 years ago
- Phish password protected Excel-Files☆107Updated 2 years ago
- poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)☆171Updated 5 years ago
- ☆71Updated 4 years ago