assetnote / exploits

Related projects ⓘ

Alternatives and complementary repositories for exploits

• c53elyas / CVE-2023-33733
  CVE-2023-33733 reportlab RCE
  ☆112Updated last year
• Hackmanit / template-injection-table
  The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.
  ☆63Updated 7 months ago
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆246Updated 5 months ago
• pruzko / hakuin
  A blazing fast Blind SQL Injection optimization and automation framework.
  ☆117Updated 3 weeks ago
• codewhitesec / HttpRemotingObjRefLeak
  Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
  ☆85Updated 7 months ago
• BKreisel / sqlmap-websocket-proxy
  Tool to enable blind sql injection attacks against websockets using sqlmap
  ☆56Updated last year
• h4x0r-dz / CVE-2024-3400
  CVE-2024-3400 Palo Alto OS Command Injection
  ☆149Updated 6 months ago
• h4x0r-dz / CVE-2024-21893.py
  CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure
  ☆91Updated 9 months ago
• carlosevieira / CVE-2022-40684
  PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)
  ☆87Updated 2 years ago
• jakabakos / CVE-2023-36664-Ghostscript-command-injection
  Ghostscript command injection vulnerability PoC (CVE-2023-36664)
  ☆115Updated last year
• BishopFox / CVE-2023-27997-check
  Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing
  ☆130Updated 6 months ago
• sfewer-r7 / CVE-2023-34362
  CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
  ☆63Updated 7 months ago
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆83Updated 4 months ago
• PortSwigger / splitting-the-email-atom
  ☆65Updated last month
• synacktiv / laravel_cookie_killer
  ☆24Updated 2 years ago
• sinsinology / CVE-2023-34039
  VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)
  ☆95Updated last year
• Icare1337 / LibreOffice_Tips_Bug_Bounty
  Some tips for Bug Bounty using LibreOffice
  ☆32Updated 3 months ago
• puzzlepeaches / ffufw
  ☆134Updated 6 months ago
• 0xless / slip
  Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa …
  ☆88Updated 6 months ago
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆51Updated 5 months ago
• horizon3ai / CVE-2022-47966
  POC for CVE-2022-47966 affecting multiple ManageEngine products
  ☆124Updated last year
• BishopFox / CVE-2023-3519
  RCE exploit for CVE-2023-3519
  ☆220Updated last year
• TheHermione / CVE-2023-28231
  DHCP Server Remote Code Execution impact: 2008 R2 SP1 до Server 2019
  ☆69Updated last year
• Occamsec / CVE-2023-2825
  GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab…
  ☆142Updated last year
• HuskyHacks / cve-2022-33891
  Apache Spark Shell Command Injection Vulnerability
  ☆87Updated 2 years ago
• roughiz / lfito_rce
  LFI to RCE via phpinfo() assistance or via controlled log file
  ☆59Updated last year
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆66Updated last year
• carlospolop / bf-aws-permissions
  ☆73Updated 3 months ago
• vchan-in / CVE-2023-35078-Exploit-POC
  CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC
  ☆116Updated last year
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆137Updated last year