absholi7ly / POC-CVE-2025-24813Links
his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
☆152Updated 4 months ago
Alternatives and similar repositories for POC-CVE-2025-24813
Users that are interested in POC-CVE-2025-24813 are comparing it to the libraries listed below
Sorting:
- Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-3847…☆99Updated 10 months ago
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆319Updated 4 months ago
- POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.☆126Updated last year
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆128Updated last year
- CVE-2024-3400 Palo Alto OS Command Injection☆160Updated last year
- Unauthenticated Remote Code Execution – Bricks <= 1.9.6☆168Updated last year
- POC for CVE-2021-41091☆65Updated 2 years ago
- Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC☆154Updated last year
- ☆75Updated last month
- SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions…☆66Updated 9 months ago
- Session Hijacking Visual Exploitation☆201Updated last year
- CVE-2023-22515: Confluence Broken Access Control Exploit☆136Updated last year
- Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)☆132Updated 11 months ago
- GameOver(lay) Ubuntu Privilege Escalation☆128Updated last year
- CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit☆75Updated 10 months ago
- Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulat…☆148Updated 2 months ago
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆233Updated last year
- ☆58Updated last year
- PowerShell Obfuscator☆181Updated last year
- Parse FFUF results in GUI with option to sort based by response code , size , keyword☆98Updated 10 months ago
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆136Updated 7 months ago
- CVE-2023-2255 Libre Office☆60Updated 2 years ago
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆67Updated last year
- ☆100Updated last year
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆90Updated last year
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆91Updated 2 weeks ago
- CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support☆57Updated last year
- A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go.☆129Updated 2 months ago
- Reverse shell that can bypass windows defender detection☆166Updated last year
- Helios: Automated XSS Testing☆154Updated last year