gh-ost00 / CVE-2024-28987-POC
Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)
☆11Updated 6 months ago
Alternatives and similar repositories for CVE-2024-28987-POC:
Users that are interested in CVE-2024-28987-POC are comparing it to the libraries listed below
- Proof of concept : CVE-2024-1071: WordPress Vulnerability Exploited☆14Updated 6 months ago
- Python script that generates Visual Basic Script (VBS) stagers for executing PowerShell scripts directly from specified URLs. It provides…☆13Updated 10 months ago
- This Python script provides functionality to encode PowerShell commands while preserving the environment variables. It's especially usefu…☆16Updated 10 months ago
- PHP CGI Argument Injection (CVE-2024-4577) RCE☆19Updated 7 months ago
- A PHP script demonstrating cookie stealing by capturing and logging request information, including the victim's cookie, IP address, HTTP …☆35Updated last year
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆17Updated 2 years ago
- The provided Python program, Nim-Backdoor.py, generates a Nim program that operates as a backdoor, allowing remote command execution via …☆42Updated 8 months ago
- crawl a website for links and expose all the vulnerable parameters.☆12Updated 2 years ago
- Bxss Sniper: A web application penetration testing tool for Blind XSS detection☆19Updated last year
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.☆47Updated 9 months ago
- A simple utility to quickly gather historic Port and CVE exposures from an IP range.☆38Updated last year
- ☆13Updated this week
- This repository contains the best fuzzing wordlist files☆29Updated 3 months ago
- WebDirScan is a tool for brute-forcing URIs (directories and files) on web servers by taking input directory to scan for files & director…☆12Updated last year
- Mass bruteforce authentication of common services with common credentials.☆47Updated last year
- Brute forcing login pages with SQL Injection queries with cURL☆17Updated 2 years ago
- A simple utility to perform reverse WHOIS lookups using whoisxml API☆40Updated last year
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.☆48Updated 2 years ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data☆54Updated last year
- Interactive shell to execute commands anonymously using Proxychains and Tor☆37Updated 2 years ago
- Highly configurable script for dictionary/spray attacks against online web applications.☆53Updated 2 years ago
- Enumeration & fingerprint tool☆24Updated last year
- medor is an OSINT tool that enables you to discover a WordPress website IP behind a WAF or behind Onion Services.☆14Updated 8 months ago
- xdebug 2.5.5 RCE exploit☆30Updated 2 months ago
- This project explores secure remote access using Metasploit's reverse TCP payloads. Ethically and responsibly, we showcase potential risk…☆29Updated last year
- subBruter is a tool designed to efficiently probe for alive subdomins from a provided wordlist.☆27Updated last year
- The powerfull Extract and Scanner Javascript urls (Upgrade Deeper search)☆16Updated 4 months ago
- Cobalt Strike is threat emulation software. Red teams and penetration testers use Cobalt Strike to demonstrate the risk of a breach and e…☆13Updated 2 years ago
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆34Updated last year
- Tips, Tricks, and Scripts for Linux Post Exploitation☆38Updated 2 years ago