k0x-offsec / CDPwn
CDPwn is a python script designed to capture screenshots of files via the Chrome DevTools Protocol (CDP), a technique useful for privilege escalation when the CDP service runs with root permissions.
☆12Updated 11 months ago
Alternatives and similar repositories for CDPwn:
Users that are interested in CDPwn are comparing it to the libraries listed below
- Speedy probe-based UDP service scanner☆70Updated last week
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated last year
- ☆13Updated 4 years ago
- CVE-2023-34362: MOVEit Transfer Unauthenticated RCE☆64Updated last year
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆26Updated last year
- List of some AD tools I frequently use☆45Updated 2 months ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆110Updated 9 months ago
- ☆15Updated 3 years ago
- A repository of tools developed while studying for OSEP. The contents here are not part of courseware but some tools, i wrote as an exten…☆1Updated 10 months ago
- Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit☆77Updated 6 months ago
- ☆15Updated 4 months ago
- ☆39Updated last year
- CVE-2023-21554 Windows MessageQueuing PoC,分析见 https://www.zoemurmure.top/posts/cve_2023_21554/☆56Updated last year
- Burp Extension to add additional functionality for pentesting websocket based applications☆93Updated 10 months ago
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆42Updated 2 years ago
- ☆65Updated 3 months ago
- ☆29Updated 2 years ago
- This repository serves as a curated resource for OffSec's OSEP (PEN-300) certification preparation, containing useful links, materials, a…☆14Updated 5 months ago
- CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script w…☆22Updated 2 years ago
- PoCs of RCEs against open source C2 servers☆80Updated 6 months ago
- .NET deserialization hunter☆77Updated 9 months ago
- Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell☆21Updated 3 years ago
- ZSH integration for Impacket☆61Updated 3 months ago
- To audit the security of read-only domain controllers☆115Updated last year
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Updated 2 years ago
- Golden collection of weak passwords☆61Updated 4 months ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Updated 4 months ago
- CobaltStrike beacon written in golang☆26Updated 2 years ago
- Copy as XMLHttpRequest BurpSuite extension☆31Updated 4 years ago
- ☆59Updated last year