shamo0 / CVE-2023-38646-PoC
Metabase Pre-auth RCE
☆13Updated last year
Related projects ⓘ
Alternatives and complementary repositories for CVE-2023-38646-PoC
- A Proof-Of-Concept for the CVE-2023-43770 vulnerability.☆32Updated last year
- Hadoken: A versatile Active Directory pentesting tool engineered to identify vulnerabilities and streamline security assessments.☆49Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆60Updated 10 months ago
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆30Updated 10 months ago
- Azure Service Subdomain Enumeration☆42Updated 2 months ago
- Little thing put together quickly to demonstrate this CVE☆27Updated 2 years ago
- 「💥」CVE-2022-33891 - Apache Spark Command Injection☆27Updated 2 years ago
- ☆31Updated last year
- ☆68Updated 6 months ago
- JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆26Updated 10 months ago
- ☆43Updated last year
- Pwndoc local file inclusion to remote code execution of Node.js code on the server☆46Updated last year
- ☆41Updated last year
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆35Updated 10 months ago
- List of MurmurHash3 favicon hashes of widely used technologies by vendor to search with Shodan.☆20Updated 6 months ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆55Updated 2 years ago
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆35Updated last year
- Python tool to test known techniques to bypass 403 and 401 HTTP responses.☆35Updated last year
- PassMute - A multi featured Password Transmutation/Mutator Tool☆51Updated last year
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.☆47Updated last year
- Enumeration & fingerprint tool☆23Updated 8 months ago
- WooCommerce Payments: Unauthorized Admin Access Exploit☆39Updated last year
- ASPX Shellcode Ceasar Encrypted Generator is a Python script automating shellcode generation, embedding, encryption, and execution in an …☆11Updated last year
- Highly configurable script for dictionary/spray attacks against online web applications.☆54Updated 2 years ago
- CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script w…☆22Updated last year
- ☆27Updated last year
- Proof of Concept Exploit for PaperCut CVE-2023-27350☆47Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆42Updated 8 months ago
- Tools used for Pentesting☆22Updated last year
- ☆14Updated 11 months ago