blazeinfosec / ssrf-ntlm
Proof of concept written in Python to show that in some situations a SSRF vulnerability can be used to steal NTLMv1/v2 hashes.
☆57Updated 6 years ago
Related projects: ⓘ
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆54Updated 7 years ago
- ☆51Updated this week
- All about CVE-2018-14667; From what it is to how to successfully exploit it.☆47Updated 5 years ago
- ☆34Updated 5 years ago
- CVE-2017-10271 WEBLOGIC RCE (TESTED)☆37Updated 6 years ago
- Python api for usage with cobalt strike's External C2 specification☆61Updated 5 years ago
- Learn how to get a reverse shell from JIRA application server☆24Updated 5 years ago
- PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM☆52Updated 6 years ago
- sploit☆67Updated 4 years ago
- XSS payloads for edge cases☆34Updated 5 years ago
- ☆26Updated this week
- Custom THP Dropper☆27Updated 6 years ago
- CORS checking☆35Updated 6 years ago
- ☆20Updated this week
- ☆70Updated this week
- A tool to analyse JMX API security level.☆43Updated 10 years ago
- ☆29Updated 6 years ago
- This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.4☆36Updated 4 years ago
- Cobaltstrike Aggressor Scripts☆28Updated 7 years ago
- Use Waitfor.exe to maintain persistence☆55Updated 3 years ago
- Another plugin for CRLF vulnerability detection☆26Updated 7 years ago
- Metasploit msfvenom Bash Completions Generator☆40Updated 8 years ago
- ☆44Updated 4 years ago
- ☆63Updated 5 years ago
- ☆28Updated this week
- Splunk Dashboard for CobaltStrike logs☆83Updated 3 years ago
- Use powershell to test Office-based persistence methods☆76Updated 3 years ago
- A simple scanner to find and brute force tomcat manager logins☆28Updated 4 years ago
- Some talks about security☆13Updated 3 years ago
- Use to perform Microsoft exchange account brute-force.☆73Updated 3 years ago