oxagast / oxasploits
A number of exploits and tools I've written for CVEs accredited to Marshall Whittaker/oxagast
☆2Updated this week
Alternatives and similar repositories for oxasploits:
Users that are interested in oxasploits are comparing it to the libraries listed below
- ☆16Updated last year
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆10Updated 8 years ago
- Automation for grabbing keys from a Linux host. Useful during red team exercises to quickly help assess what access to a Linux host can l…☆17Updated 3 years ago
- Tool to crawl, visualize and interact with SQL server links in a d3 graph to help in your red/blue/purple/.../risk assessments pentest …☆19Updated 4 years ago
- This is a proof-of-concept of malicious software running inside of ModSecurity WAF.☆31Updated 2 years ago
- This repository is to provide a write-up and PoC for CVE-2023-41717.☆13Updated last year
- wsnet☆24Updated 3 months ago
- A compilation of Aggressor/Sleep scripts for operational purposes that I've made.☆11Updated 3 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)☆21Updated 3 years ago
- A python-based padding oracle tool☆20Updated 3 months ago
- Script to setup a phishing server on the cloud☆12Updated 3 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆9Updated 2 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆18Updated 4 years ago
- A collection of Metasploit plugins I have written for various reasons.☆15Updated 3 years ago
- Cisco CallManager User Enumeration☆15Updated 2 years ago
- Easily-guessable Password Generator for Password Spray Attack☆20Updated 4 years ago
- Drakus allows you to monitor the artifacts and domains used in a Red Team exercise to see if they have been uploaded to certain online ma…☆13Updated 3 years ago
- A basic proxylogon scanner☆27Updated 3 years ago
- Exploit POC for CVE-2024-22026 affecting Ivanti EPMM "MobileIron Core"☆11Updated 6 months ago
- Exploit PoC for CVE's and non CVE's alike☆22Updated 4 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆19Updated 7 months ago
- 3gsocks - a reverse connection socks5 based network pivot☆9Updated 3 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆14Updated 3 years ago
- ☆15Updated 4 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Updated 2 years ago
- Golang C2 Agent PoC utilizing web and social media paltforms to issue command and control and pasting results to PasteBin☆15Updated 4 years ago
- Exactly what it sounds like, which is something rad☆20Updated 2 years ago