bigb0x/CVE-2024-40348 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bigb0x/CVE-2024-40348

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bigb0x/CVE-2024-40348)

Close

bigb0x / CVE-2024-40348View on GitHubMore

• External links
• Readme badge

POC for CVE-2024-40348. Will attempt to read /etc/passwd from target

☆32Jul 21, 2024Updated last year

Alternatives and similar repositories for CVE-2024-40348

Users that are interested in CVE-2024-40348 are comparing it to the libraries listed below

• bigb0x / CVE-2024-7928

  View on GitHub
  Will attempt to retrieve DB details for FastAdmin instances
  ☆69Aug 20, 2024Updated last year
• 0xRahim / Argus

  View on GitHub
  Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection
  ☆14Nov 1, 2024Updated last year
• bigb0x / CVE-2024-36991

  View on GitHub
  POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.
  ☆126Jul 12, 2024Updated last year
• bigb0x / CVE-2024-36401

  View on GitHub
  POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.
  ☆35Jul 4, 2024Updated last year
• Chocapikk / CVE-2024-36401

  View on GitHub
  GeoServer Remote Code Execution
  ☆86Apr 6, 2025Updated 11 months ago
• keywa7 / keywa7

  View on GitHub
  The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.
  ☆61Aug 19, 2024Updated last year
• bigb0x / CVE-2024-34102

  View on GitHub
  POC for CVE-2024-34102. A pre-authentication XML entity injection issue in Magento / Adobe Commerce.
  ☆31Jun 29, 2024Updated last year
• ifconfig-me / subowner

  View on GitHub
  SubOwner - A Simple tool check for subdomain takeovers.
  ☆116Oct 18, 2024Updated last year
• rynosec / noshit

  View on GitHub
  A simple bug bounty utility tool to remove uninteresting entries from a list of URLs.
  ☆14Jul 22, 2024Updated last year
• mqst / gouge

  View on GitHub
  Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…
  ☆28Jul 21, 2024Updated last year
• EN5R / SubCortex

  View on GitHub
  SubCortex is a fast and efficient tool for passive subdomain enumeration. It aggregates subdomain data from multiple APIs, helping penetr…
  ☆16Jul 10, 2025Updated 8 months ago
• securelayer7 / CVE-2024-38856_Scanner

  View on GitHub
  Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)
  ☆49Oct 2, 2024Updated last year
• 0xSojalSec / scilla

  View on GitHub
  Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
  ☆12Jun 2, 2024Updated last year
• RevoltSecurities / CVE-2024-7339

  View on GitHub
  An Vulnerability detection and Exploitation tool for CVE-2024-7339
  ☆16Aug 10, 2024Updated last year
• iomoath / FileWatchTower

  View on GitHub
  FWT is a security analysis and file monitoring tool that utilizes Sysmon events.
  ☆28Jul 15, 2024Updated last year
• thisisveryfunny / CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26

  View on GitHub
  CVE-2024-25641 - RCE Automated Exploit - Cacti 1.2.26
  ☆10Aug 28, 2024Updated last year
• nullenc0de / netscan

  View on GitHub
  NetScan CLI is a command-line tool for retrieving and analyzing IP address information. It provides detailed subnet and organization data…
  ☆62Sep 4, 2024Updated last year
• nullenc0de / FFUF-Workflow-Tool

  View on GitHub
  This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…
  ☆36Nov 5, 2024Updated last year
• th3gokul / CVE-2024-34102

  View on GitHub
  CVE-2024-34102: Unauthenticated Magento XXE
  ☆14Jan 12, 2025Updated last year
• ifconfig-me / JScripter

  View on GitHub
  JScripter is a Python script designed to scrape and save unique JavaScript files from a list of URLs or a single URL.
  ☆29Nov 26, 2024Updated last year
• dmcxblue / SharpHIBP

  View on GitHub
  A C# Tool to gather information about email breaches
  ☆16Dec 21, 2023Updated 2 years ago
• e1abrador / Burp-headerSnipper

  View on GitHub
  Burp extension used to snip any header from all the requests.
  ☆23Nov 12, 2023Updated 2 years ago
• chebuya / exploits

  View on GitHub
  Repo for all my exploits/PoCs
  ☆52May 6, 2025Updated 10 months ago
• Anof-cyber / AlphaScan

  View on GitHub
  A BurpSuite extension for vulnerability Scanning
  ☆29Feb 16, 2024Updated 2 years ago
• ElNiak / BountyDork

  View on GitHub
  BountyDork is a comprehensive tool designed for penetration testers and cybersecurity researchers. It integrates various modules for perf…
  ☆26Jun 25, 2024Updated last year
• ifconfig-me / CVE-2024-4956-Bulk-Scanner

  View on GitHub
  [CVE-2024-4956] Nexus Repository Manager 3 Unauthenticated Path Traversal Bulk Scanner
  ☆17Sep 26, 2024Updated last year
• RevoltSecurities / CVE-2024-24919

  View on GitHub
  An Vulnerability detection and Exploitation tool for CVE-2024-24919
  ☆25Jun 5, 2024Updated last year
• 0xPugal / monitor.sh

  View on GitHub
  Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties
  ☆18Jun 6, 2024Updated last year
• Brut-Security / CVE-2024-4879

  View on GitHub
  CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow
  ☆26Jul 13, 2024Updated last year
• Stuub / CVE-2024-28995

  View on GitHub
  CVE-2024-28955 Exploitation PoC
  ☆34Jul 1, 2024Updated last year
• sinsinology / CVE-2024-5009

  View on GitHub
  Exploit for CVE-2024-5009
  ☆13Jul 8, 2024Updated last year
• Laburity / CVE-2022-31814

  View on GitHub
  Updated Exploit - pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)
  ☆23Jul 23, 2024Updated last year
• CyberSecurityN00b / shellfeck

  View on GitHub
  A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept
  ☆16Mar 11, 2024Updated 2 years ago
• H4cker-Nafeed / Nafeed-Broken-Link

  View on GitHub
  Nafeed-Broken-Link: A Python tool designed to check for broken social media links on a given domain. This script crawls all accessible pa…
  ☆66Aug 15, 2024Updated last year
• scs-labrat / android_autorooter

  View on GitHub
  Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely
  ☆77Jul 31, 2024Updated last year
• Offensive-Panda / .NET_PROFILER_DLL_LOADING

  View on GitHub
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆46Jul 29, 2024Updated last year
• 0xKayala / Custom-Nuclei-Templates

  View on GitHub
  Community curated list of templates for the nuclei engine to find security vulnerabilities.
  ☆82Nov 24, 2025Updated 3 months ago
• mmiszczyk / CVE-2024-33352

  View on GitHub
  BlueStacks privilege escalation through VM backdooring
  ☆21Jul 16, 2024Updated last year
• mbadanoiu / CVE-2024-37081

  View on GitHub
  CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server
  ☆10Jul 6, 2024Updated last year