motikan2010 / CVE-2021-29447
WordPress - Authenticated XXE (CVE-2021-29447)
☆41Updated 2 years ago
Related projects: ⓘ
- Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1☆54Updated last year
- CVE-2021-38647 - POC to exploit unauthenticated RCE #OMIGOD☆69Updated 2 years ago
- DLL to open up calc.exe to demonstrate that you injected DLLs☆23Updated 3 years ago
- Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell☆20Updated 2 years ago
- User enumeration and password spraying tool for testing Azure AD☆67Updated 2 years ago
- Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.☆43Updated 3 weeks ago
- Copy as XMLHttpRequest BurpSuite extension☆31Updated 3 years ago
- Generate image payloads in JS to bypass filters☆39Updated 3 years ago
- ☆12Updated 3 years ago
- pdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sa…☆22Updated last year
- Just some random small tools for dealing with asp.net Forms Authentication Cookies☆21Updated 3 years ago
- PoC for CVE-2021-45897☆17Updated 2 years ago
- Local File Inclusion Burp-Suite Intruder Payload Generator Plugin☆39Updated 3 years ago
- DO NOT RUN THIS.☆47Updated 2 years ago
- ☆29Updated last year
- InfluxDB CVE-2019-20933 vulnerability exploit☆39Updated 2 years ago
- This is a pre-authenticated RCE exploit for VMware vRealize Operations Manager☆48Updated 11 months ago
- Determine the Version Running on the Palo Alto Network Firewall for the Global Protect Portal☆11Updated 4 years ago
- ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassin…☆30Updated 3 years ago
- Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10☆14Updated last year
- Writeup of CVE-2020-15906☆44Updated 3 years ago
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"☆23Updated 6 years ago
- Tests for LFI in PHP apps and automates the process of leveraging LFI's to recursively download source code and discover new files via in…☆12Updated last year
- CVE-2023-34362: MOVEit Transfer Unauthenticated RCE☆62Updated 5 months ago
- SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing☆91Updated 4 years ago
- ☆44Updated 2 years ago
- ☆28Updated this week
- ☆38Updated 9 months ago
- F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB☆13Updated last year
- Collection of python3 exploits written by me to practice exploit development. Also is good preparation for OSED-301 course released by of…☆21Updated 3 years ago