cyberxml / log4j-poc
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell
☆68Updated last year
Related projects: ⓘ
- Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)☆101Updated 2 years ago
- Upload files done during my research.☆128Updated 2 weeks ago
- Windows Kernel Exploits☆65Updated 7 years ago
- This could have been a bash one-liner but guess what. It's a small Go tool that lists the trending CVEs from cvetrends.com☆105Updated 2 years ago
- ☆111Updated 3 years ago
- Shell Simulation over Net-SNMP with extend functionality☆85Updated 3 years ago
- ☆35Updated last year
- Lookup for interesting stuff in SMB shares☆147Updated last year
- Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)☆234Updated 3 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆136Updated last year
- Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)☆77Updated 2 years ago
- https://alvinsmith.gitbook.io/progressive-oscp/☆38Updated 10 months ago
- Becoming the spider, crawling through the webs to catch the fly.☆70Updated 3 years ago
- ☆41Updated 2 years ago
- Showcase of DNS Exfiltration and Infiltration☆40Updated 3 years ago
- Dumping LAPS from Python☆251Updated last year
- Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpick…☆96Updated 9 months ago
- Run several volatility plugins at the same time☆107Updated last year
- ☆43Updated 3 months ago
- generate payloads that force authentication against an attacker machine☆85Updated last year
- Toolset for automating common management actions used in CTF's☆36Updated 3 years ago
- ☆121Updated last year
- Low and slow password spraying tool, designed to spray on an interval over a long period of time☆186Updated 2 months ago
- A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection☆69Updated 3 years ago
- This project demonstrates SPF-bypass techniques utilised by phishers to abuse domains that haven't been secured by DMARC.☆41Updated last year
- This is a walkthrough about understanding the #BoF machine present in the #OSCP exam.☆63Updated 3 years ago
- An active directory laboratory for penetration testing.☆124Updated 3 years ago
- Traditional AD RedTeam Full Enumeration Script used to query all aspects of your target Forest.☆39Updated 3 months ago
- CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server☆120Updated 2 years ago
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆39Updated 10 months ago