a2u / Cve 2018 7600
💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
Stars: ✭ 330
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Cve 2018 7600
Drupalgeddon2
Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
Stars: ✭ 464 (+40.61%)
Mutual labels: drupal, exploit, poc
Exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Stars: ✭ 3,056 (+826.06%)
Mutual labels: drupal, exploit, poc
Penetration testing poc
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+1069.09%)
Mutual labels: poc, exploit
Scripts-Sploits
A number of scripts POC's and problems solved as pentests move along.
Stars: ✭ 37 (-88.79%)
Mutual labels: exploit, poc
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
Stars: ✭ 760 (+130.3%)
Mutual labels: exploit, poc
PoC-Bank
Focus on cybersecurity | collection of PoC and Exploits
Stars: ✭ 83 (-74.85%)
Mutual labels: exploit, poc
PocOrExp in Github
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+64.85%)
Mutual labels: exploit, poc
Umbraco-RCE
Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Stars: ✭ 61 (-81.52%)
Mutual labels: exploit, poc
awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
Stars: ✭ 538 (+63.03%)
Mutual labels: exploit, poc
Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-92.73%)
Mutual labels: exploit, poc
Exploit-Development
Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (-74.55%)
Mutual labels: exploit, poc
Drupalgeddon3
Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)
Stars: ✭ 18 (-94.55%)
Mutual labels: drupal, exploit
dheater
D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (-56.97%)
Mutual labels: exploit, poc
Wordpress Xmlrpc Brute Force Exploit
Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
Stars: ✭ 315 (-4.55%)
Mutual labels: exploit, poc
Exploits
A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.
Stars: ✭ 75 (-77.27%)
Mutual labels: exploit, poc
Commodity Injection Signatures
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-19.09%)
Mutual labels: exploit, poc
Xattacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+171.82%)
Mutual labels: drupal, exploit
CVE-2021-33766
ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
Stars: ✭ 37 (-88.79%)
Mutual labels: exploit, poc
IMPORTANT: Is provided only for educational or information purposes.
Protect rules for ModSecurity (by fuzzylogic)
Protect rules for ModRewrite .htaccess
FOR MEDIA:
Please do not post a link to this repository in your articles, without specifying how to protect against an attack (recommend updating Drupal, setting rules for WAF, etc.)
PoC based CheckPoint article.
https://research.checkpoint.com/uncovering-drupalgeddon-2/
by Eyal Shalev, Rotem Reiss and Eran Vaknin
PoC not working on Drupal 7.x. See here for Drupal 7.x & 8.x
CVE-2018-7600 / SA-CORE-2018-002 Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].