Javascript payload that inject a malicious payload into the copy-buffer of the victim
☆37May 25, 2018Updated 7 years ago
Alternatives and similar repositories for xss-to-rce
Users that are interested in xss-to-rce are comparing it to the libraries listed below
Sorting:
- A python RCE exploit on QNAP-QTS☆14Sep 15, 2020Updated 5 years ago
- ☆10Jan 17, 2022Updated 4 years ago
- collection of beacon object file (Cobalt strike)☆12Jan 21, 2023Updated 3 years ago
- A PoC exploit for CVE-2023-23752 - Joomla Improper Access Check in Versions 4.0.0 through 4.2.7☆16Feb 1, 2026Updated last month
- A simple script that edits the XML of a macro-enabled Word document (.docm or Word 97 document) to add a reference to a remote stylesheet…☆11Oct 5, 2022Updated 3 years ago
- Custom Python shellcode encryptor and obfuscator☆14Jul 31, 2025Updated 7 months ago
- Rasta's mouse AMSI patch but with function that makes it undetectable.☆14Apr 21, 2021Updated 4 years ago
- port+dir+param bruteforcing at the same time using ffuf☆17Jul 27, 2024Updated last year
- Passworld is a fully customizable wordlist generator☆16Sep 13, 2024Updated last year
- This script leverages CVE-2023046604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due…☆18Jan 24, 2024Updated 2 years ago
- Scripts and One-Liners☆20Jan 31, 2025Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Aug 8, 2022Updated 3 years ago
- Python3 HTTP Server with upload functionality☆20Dec 4, 2023Updated 2 years ago
- Notes and Commands for CTFs☆22Apr 28, 2020Updated 5 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆25May 19, 2022Updated 3 years ago
- My personal collection of webshells for educational purposes. Most are custom implementations/adaptations of stuff I found on the interne…☆21May 20, 2024Updated last year
- Vulnerability analysis and PoC for the Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (RCE)☆23Sep 4, 2021Updated 4 years ago
- CVE-2019-0232-Remote Code Execution on Apache Tomcat 7.0.42☆20Nov 21, 2019Updated 6 years ago
- ☆21Feb 22, 2025Updated last year
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆26Jul 14, 2024Updated last year
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- Ivanti EPM SQL Injection Remote Code Execution Vulnerability☆26Jun 12, 2024Updated last year
- Reverse-HTTP Redirector via DigitalOcean Apps Platform☆32Aug 16, 2023Updated 2 years ago
- Wrapper for blocksec2go allowing easy hardware-based signing of Ethereum transactions☆12Feb 8, 2023Updated 3 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- ☆35May 31, 2023Updated 2 years ago
- python spraying tools based on impacket lib☆55Sep 6, 2022Updated 3 years ago
- An exploit for Microsoft IIS 6.0 CVE-2017-7269☆22Mar 29, 2017Updated 8 years ago
- Table of AD and Azure assets and whether they belong to Tier Zero☆26Sep 12, 2023Updated 2 years ago
- A docker example for privilege escalation☆25Jul 17, 2017Updated 8 years ago
- A fast multi-threaded tool to bruteforce openssl ciphers with a wordlist against an encrypted file.☆23Aug 5, 2018Updated 7 years ago
- Windows Thread Pool Injection Havoc Implementation☆33Mar 23, 2024Updated last year
- CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability☆30Aug 16, 2021Updated 4 years ago
- Log converter from CS log to Ghostwriter CSV☆31Nov 23, 2020Updated 5 years ago
- PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10…☆35Sep 24, 2022Updated 3 years ago
- Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…☆40Oct 26, 2023Updated 2 years ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆154Nov 2, 2025Updated 4 months ago
- 漏洞检测与利用常见api库☆34Nov 20, 2022Updated 3 years ago
- ☆38Jan 7, 2025Updated last year