TaroballzChen / CVE-2022-41040-metasploit-ProxyNotShellView external linksLinks
the metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.
☆34Oct 20, 2022Updated 3 years ago
Alternatives and similar repositories for CVE-2022-41040-metasploit-ProxyNotShell
Users that are interested in CVE-2022-41040-metasploit-ProxyNotShell are comparing it to the libraries listed below
Sorting:
- Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215☆17Nov 17, 2022Updated 3 years ago
- PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers☆95Jan 10, 2023Updated 3 years ago
- A wrapper of ldap_shell.py module which in ntlmrelayx☆62Sep 22, 2022Updated 3 years ago
- CVE-2022-37042 Zimbra Auth Bypass leads to RCE☆30Dec 9, 2022Updated 3 years ago
- CVE-2022-39197 RCE POC☆13Oct 22, 2022Updated 3 years ago
- ☆95Feb 9, 2023Updated 3 years ago
- 支持常见webshell流量一键解密(完美兼容php)、AES专项解密(内置50wKey爆破)、各类单项解密(Base64、Rot13、strRev、Chr等)、自定义Js解密 Support common websh…☆29Mar 23, 2024Updated last year
- CVE-2022-31705 (Geekpwn 2022 Vmware EHCI OOB) POC☆119Jan 9, 2023Updated 3 years ago
- POC for CVE-2022-47966 affecting multiple ManageEngine products☆128Jan 19, 2023Updated 3 years ago
- Apahce-Superset身份认证绕过漏洞(CVE-2023-27524)检测工具☆11Aug 3, 2023Updated 2 years ago
- Finds Domain Controller on a network, enumerates users, AS-REP Roasting and hash cracking, bruteforces password, dumps AD users, DRSUAPI,…☆18Sep 23, 2023Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- ☆30Mar 21, 2023Updated 2 years ago
- CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server☆91Jan 21, 2023Updated 3 years ago
- CVE-2025-55182 React Server Components Remote Code Execution Exploit Tool☆42Dec 5, 2025Updated 2 months ago
- ☆14Dec 22, 2020Updated 5 years ago
- ☆13Mar 22, 2021Updated 4 years ago
- A PoC executing shellcode in Dart☆17Jun 28, 2022Updated 3 years ago
- An authentication bypass using an alternate path or channel in Fortinet product☆14Oct 27, 2022Updated 3 years ago
- BCEL编解码工具☆16Aug 3, 2022Updated 3 years ago
- Creating a Bind Shell in C☆18Aug 21, 2023Updated 2 years ago
- ☆19Oct 2, 2022Updated 3 years ago
- Exchange ProxyRelay POC☆37Oct 20, 2022Updated 3 years ago
- POC for RCE using vulnerabilities described in VMSA-2023-0001☆148Jan 31, 2023Updated 3 years ago
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆20Jul 8, 2022Updated 3 years ago
- 向TSRC投稿的文章,对应的pdf,代码和思维导图☆21Sep 18, 2020Updated 5 years ago
- 一款可以批量验证邮箱有效性和批量枚举邮箱的工具,适用于寻找有效邮箱。☆17Jan 11, 2023Updated 3 years ago
- 透明代理切换脚本,仅支持 Linux☆52Oct 9, 2021Updated 4 years ago
- Cobalt Strike RCE CVE-2022-39197☆17Sep 25, 2022Updated 3 years ago
- Python3 script to quickly get various information from a domain controller through his LDAP service.☆14Jan 4, 2022Updated 4 years ago
- 攻击WIFI的常用方式☆18Nov 29, 2021Updated 4 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- 根据攻防以及域信息收集经验dump快而有用的域信息☆103Aug 15, 2023Updated 2 years ago
- Web Server that serves a single file and keeps the connection open until user releases it.☆73Nov 27, 2013Updated 12 years ago
- Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC☆111Mar 6, 2022Updated 3 years ago
- Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automat…☆43Jun 15, 2025Updated 8 months ago
- Hosting PowerShell in Python☆42Jun 17, 2022Updated 3 years ago
- ☆241Feb 26, 2023Updated 2 years ago
- 1☆14Aug 17, 2022Updated 3 years ago