assetnote / exploitsLinks
Repository to store exploits created by Assetnotes Security Research team
☆178Updated last year
Alternatives and similar repositories for exploits
Users that are interested in exploits are comparing it to the libraries listed below
Sorting:
- CVE-2023-33733 reportlab RCE☆117Updated last year
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆133Updated last year
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- ☆37Updated 2 years ago
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…☆103Updated last month
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆90Updated 7 months ago
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆63Updated last year
- ☆111Updated last year
- Tool to enable blind sql injection attacks against websockets using sqlmap☆62Updated last month
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆90Updated last year
- CVE-2023-38408 Remote Code Execution in OpenSSH's forwarded ssh-agent☆7Updated last year
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆231Updated last year
- ☆154Updated 11 months ago
- PoC for CVE-2022-26809, analisys and considerations are shown in the github.io.☆107Updated 3 years ago
- POC for CVE-2022-47966 affecting multiple ManageEngine products☆127Updated 2 years ago
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆77Updated last year
- DHCP Server Remote Code Execution impact: 2008 R2 SP1 до Server 2019☆69Updated 2 years ago
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆128Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.☆295Updated last year
- Burp Extension to add additional functionality for pentesting websocket based applications☆95Updated last year
- ☆86Updated 2 months ago
- MOVEit CVE-2023-34362☆139Updated last year
- ☆27Updated 2 years ago
- Dockerized POC for CVE-2022-42889 Text4Shell☆76Updated 2 years ago
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆141Updated 5 months ago
- PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)☆87Updated 2 years ago
- A GraphQL enumeration and extraction tool☆131Updated 2 years ago
- A better way of querying certificate transparency logs☆86Updated 2 months ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆87Updated last year
- Recurrent Neural Network SubDomain Discovery Tool☆95Updated 2 years ago