193 Open source projects that are alternatives of or similar to Cve 2020 0796 Rce Poc

No description or website provided.

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Some personal exploits/pocs

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Hacking tools

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Miscellaneous exploit code

A social experiment

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE

NodeJS Red-Team Cheat Sheet

Exploits for YARA 3.7.1 & 3.8.1

🔮🔬Front-End testing tool which can be used to create a side by side visual comparison between your live site and local site.

Remote command execution vulnerability scanner for Log4j.

Creates a Simulation of Fake Web Events

A number of scripts POC's and problems solved as pentests move along.

🦄🔒 Awesome list of secrets in environment variables 🖥️

Some exploits, which I’ve created during my OSCE preparation.

Juniper Junos Space (CVE-2020-1611) (PoC)

Getting started with java code auditing 代码审计入门的小项目

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

Misc. Public Reports of Penetration Testing and Security Audits.

Python bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)

ecshop rce getshell

an RCE (remote command execution) approach of CVE-2018-7750

exploit code for F5-Big-IP (CVE-2020-5902)

JAVA 漏洞靶场 (Vulnerability Environment For Java)

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

集漏洞验证和任务运行的一个框架

CVE-2020-8597 pppd buffer overflow poc

Contact Tracing BLE sniffer PoC

DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.

A scavenger / conqueror wrapper for collision free multi mining of PoC coins

💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

Hamster是基于mitmproxy开发的异步被动扫描框架，基于http代理进行被动扫描，主要功能为重写数据包、签名、漏洞扫描、敏感参数收集等功能（开发中）。

SambaCry exploit and vulnerable container (CVE-2017-7494)

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

A complete Grabber, sending data to a TCP server that you have to host and stocking all in a database.

a plenty of poc based on python

Blueborne CVE-2017-1000251 PoC for linux machines

PoC for triggering buffer overflow via CVE-2020-0796

BugBounty Tool

A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

CVE-2020-0796 Pre-Auth POC

Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.

Writing Spyware Made Easy - POC spyware Chrome Extension/Server

Vagrant As Automation Script

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

Hi! Agentgo is a tool for making remote command executions from server to client with golang, protocol buffers (protobuf) and grpc.