k0x-offsec / CDPwnLinks
CDPwn is a python script designed to capture screenshots of files via the Chrome DevTools Protocol (CDP), a technique useful for privilege escalation when the CDP service runs with root permissions.
☆12Updated last year
Alternatives and similar repositories for CDPwn
Users that are interested in CDPwn are comparing it to the libraries listed below
Sorting:
- List of some AD tools I frequently use☆47Updated 2 weeks ago
- Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit☆79Updated 8 months ago
- ☆13Updated 4 years ago
- pdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sa…☆20Updated 2 years ago
- CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability☆41Updated 2 years ago
- CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script w…☆23Updated 2 years ago
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆46Updated 2 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆26Updated last year
- CVE-2023-21554 Windows MessageQueuing PoC,分析见 https://www.zoemurmure.top/posts/cve_2023_21554/☆57Updated 2 years ago
- ☆17Updated 6 months ago
- CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit☆75Updated 9 months ago
- Tool to enable blind sql injection attacks against websockets using sqlmap☆62Updated last month
- Github repository which contains a functional exploit for CVE-2021-39165☆21Updated 2 years ago
- A repository of tools developed while studying for OSEP. The contents here are not part of courseware but some tools, i wrote as an exten…☆2Updated last year
- Proof of conept to exploit vulnerable proxycommand configurations on ssh clients☆19Updated last year
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆51Updated last year
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated last year
- CVE-2023-34362: MOVEit Transfer Unauthenticated RCE☆64Updated last year
- ☆36Updated this week
- Proof of Concept Exploit for CVE-2024-9464☆45Updated 8 months ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆95Updated last year
- Simple python which takes FirstName and LastName to generate possible AD Usernames. Usefull for OSCP, Labs...☆22Updated 5 months ago
- ☆41Updated last week
- OpenSSH Pre-Auth Double Free CVE-2023-25136 POC☆45Updated 2 years ago
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆39Updated 2 years ago
- ☆11Updated last year
- CVE-2021-38647 - POC to exploit unauthenticated RCE #OMIGOD☆68Updated 3 years ago
- Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell☆22Updated 3 years ago
- CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV☆28Updated 2 years ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆35Updated 2 months ago