POC for CVE-2024-40348. Will attempt to read /etc/passwd from target
☆32Jul 21, 2024Updated last year
Alternatives and similar repositories for CVE-2024-40348
Users that are interested in CVE-2024-40348 are comparing it to the libraries listed below
Sorting:
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆13Nov 1, 2024Updated last year
- POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.☆126Jul 12, 2024Updated last year
- GeoServer Remote Code Execution☆86Apr 6, 2025Updated 10 months ago
- Will attempt to retrieve DB details for FastAdmin instances☆69Aug 20, 2024Updated last year
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆28Jul 21, 2024Updated last year
- POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.☆35Jul 4, 2024Updated last year
- Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)☆49Oct 2, 2024Updated last year
- CVE-2024-34102: Unauthenticated Magento XXE☆14Jan 12, 2025Updated last year
- SubOwner - A Simple tool check for subdomain takeovers.☆116Oct 18, 2024Updated last year
- An Vulnerability detection and Exploitation tool for CVE-2024-24919☆25Jun 5, 2024Updated last year
- Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration☆12Jun 2, 2024Updated last year
- SubCortex is a fast and efficient tool for passive subdomain enumeration. It aggregates subdomain data from multiple APIs, helping penetr…☆16Jul 10, 2025Updated 7 months ago
- CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow☆26Jul 13, 2024Updated last year
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.��☆61Aug 19, 2024Updated last year
- A simple bug bounty utility tool to remove uninteresting entries from a list of URLs.☆14Jul 22, 2024Updated last year
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- FWT is a security analysis and file monitoring tool that utilizes Sysmon events.☆28Jul 15, 2024Updated last year
- [CVE-2024-4956] Nexus Repository Manager 3 Unauthenticated Path Traversal Bulk Scanner☆17Sep 26, 2024Updated last year
- POC for CVE-2024-34102. A pre-authentication XML entity injection issue in Magento / Adobe Commerce.☆31Jun 29, 2024Updated last year
- Multi-target unauthenticated RCE scanner for CVE-2025-34085 affecting WordPress Simple File List plugin. Uploads, renames, and triggers P…☆33Jul 13, 2025Updated 7 months ago
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆80Nov 24, 2025Updated 3 months ago
- Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely☆76Jul 31, 2024Updated last year
- JScripter is a Python script designed to scrape and save unique JavaScript files from a list of URLs or a single URL.☆29Nov 26, 2024Updated last year
- CVE-2024-24919 [Check Point Security Gateway Information Disclosure]☆32Jun 2, 2024Updated last year
- CVE-2024-28955 Exploitation PoC☆34Jul 1, 2024Updated last year
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆36Nov 5, 2024Updated last year
- NetScan CLI is a command-line tool for retrieving and analyzing IP address information. It provides detailed subnet and organization data…☆62Sep 4, 2024Updated last year
- Updated Exploit - pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)☆23Jul 23, 2024Updated last year
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Jun 6, 2024Updated last year
- ☆12Jul 4, 2024Updated last year
- ☆10Mar 11, 2024Updated last year
- Nafeed-Broken-Link: A Python tool designed to check for broken social media links on a given domain. This script crawls all accessible pa…☆66Aug 15, 2024Updated last year
- ☆26Jun 5, 2024Updated last year
- CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support☆60Jul 7, 2024Updated last year
- This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, a…☆98Jul 10, 2024Updated last year
- BountyDork is a comprehensive tool designed for penetration testers and cybersecurity researchers. It integrates various modules for perf…☆26Jun 25, 2024Updated last year
- Some oneliners with descriptions and Regex that I frequently use while doing bug hunting. More to come 🚀🚀☆22Dec 24, 2022Updated 3 years ago
- The tool helps in quickly identifying vulnerabilities by examining a comprehensive list of potential paths on a website, making it useful…☆11Mar 24, 2025Updated 11 months ago
- This repository is related to specialized books published by the THB team.☆20Aug 13, 2025Updated 6 months ago