oxagast / oxasploits
A number of exploits and tools I've written for CVEs accredited to Marshall Whittaker/oxagast
☆6Updated last week
Alternatives and similar repositories for oxasploits:
Users that are interested in oxasploits are comparing it to the libraries listed below
- Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.☆22Updated last year
- A basic proxylogon scanner☆27Updated 3 years ago
- A parallel scanner that utilises axiom to spin up servers and parallel scan using masscan.☆16Updated 4 years ago
- Exploit PoC for CVE's and non CVE's alike☆22Updated 4 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 4 years ago
- Very Easy Relative Backdoor Application☆12Updated 3 years ago
- PoC for CVE-2020-11651☆6Updated 4 years ago
- pwncat windows c2 components☆19Updated 3 years ago
- This is a proof-of-concept of malicious software running inside of ModSecurity WAF.☆32Updated 3 years ago
- Use rpc null sessions to retrieve machine list, domain admin list, domain controllers☆14Updated 2 years ago
- wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themes☆15Updated 6 years ago
- ☆27Updated last year
- An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.☆14Updated 10 months ago
- Nmap script to check vulnerability CVE-2021-21972☆28Updated 4 years ago
- A python-based padding oracle tool☆20Updated 7 months ago
- A malicious .cab creation tool for CVE-2021-40444☆12Updated 3 years ago
- PoC for the CVE-2021-20837 : RCE in MovableType☆19Updated 3 years ago
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆10Updated 8 years ago
- Tool to crawl, visualize and interact with SQL server links in a d3 graph to help in your red/blue/purple/.../risk assessments pentest …☆19Updated 4 years ago
- Identify common attack paths to get Domain Administrator☆22Updated 5 years ago
- Cryptanalysis of the DAO exploit & Multi-Stage Attack☆18Updated 11 months ago
- Stealthy Stand Alone PHP Web Shell☆33Updated 5 years ago
- ☆12Updated last year
- inviteflood : SIP/SDP INVITE message flooding over UDP/IP☆12Updated 9 years ago
- Validate proxies for specific domain☆35Updated 3 years ago
- OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.☆26Updated 2 years ago
- Kibana app for RedELK☆16Updated 2 years ago
- Cobalt Strike/C2 Servers☆13Updated 3 years ago
- c# reverse shell poc☆26Updated 6 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago