POC A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process 13 January 2023
POC POC for CVE-2022-22972 affecting VMware Workspace ONE, vIDM, and vRealize Automation 7.6 POC for CVE-2022-22972 affecting VMware Workspace ONE, vIDM, and vRealize Automation 7.6 07 August 2022
CVE Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE) Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE) 26 July 2022
CVE POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina 25 July 2022
POC PoC for MS-DFSNM coerce authentication using NetrDfsRemoveStdRoot method PoC for MS-DFSNM coerce authentication using NetrDfsRemoveStdRoot method 22 June 2022
POC A lightweight, flexible and novel open source poc verification framework A lightweight, flexible and novel open source poc verification framework 25 March 2022
Scripts POC script for Malware Hunting over the WWW POC script for Malware Hunting over the WWW 25 March 2022
Remote Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit 18 March 2022
Pytest Pytest + rich integration (proof of concept) Pytest + rich integration (proof of concept) 18 February 2022
POC Files related to PoC||GTFO 21:21 - NSA’s Backdoor of the PX1000-Cr Files related to PoC||GTFO 21:21 - NSA’s Backdoor of the PX1000-Cr 18 February 2022
CVE SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536 SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536 17 February 2022
Tool Command line search tool for sploitus.com. Think searchsploit, but with more POCs Command line search tool for sploitus.com. Think searchsploit, but with more POCs 17 February 2022
POC A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY 17 February 2022
vulnerability SQL Injection Vulnerability on PhpIPAM v1.4.4 SQL Injection Vulnerability on PhpIPAM v1.4.4 16 February 2022
CVE Pwncat module that automatically exploits CVE-2021-4034 (pwnkit) Pwncat module that automatically exploits CVE-2021-4034 (pwnkit) 13 February 2022
POC Proofs of concept which successfully authenticate with MikroTik Winbox and MAC Telnet servers running on RouterOS version 6.45.1+ Proofs of concept which successfully authenticate with MikroTik Winbox and MAC Telnet servers running on RouterOS version 6.45.1+ 12 February 2022
HTTP HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907 HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907 12 February 2022
vulnerability Vulnerability assessment for CVE-2022-22536 Vulnerability assessment for CVE-2022-22536 11 February 2022
POC A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats 10 February 2022
Burp Extension PortSwigger Burp Plugin for the Log4j (CVE-2021-44228) PortSwigger Burp Plugin for the Log4j (CVE-2021-44228) 01 February 2022
CVE Python exploit code for CVE-2021-4034 (pwnkit) Python exploit code for CVE-2021-4034 (pwnkit) 27 January 2022
POC A simple PoC for the newly found Polkit error names PwnKit A simple PoC for the newly found Polkit error names PwnKit 27 January 2022
CVE Python exploit code for CVE-2021-4034 (pwnkit) Python exploit code for CVE-2021-4034 (pwnkit) 27 January 2022
Tool Simple tool downloads public PoC (refer from nomi-sec) Simple tool downloads public PoC (refer from nomi-sec) 26 January 2022
Proof-Of-Concept Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely 25 January 2022
Proof-Of-Concept Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers 19 January 2022
POC POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection Vulneralibity POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection Vulneralibity 15 January 2022
Shell Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell 14 January 2022
Tool Automated tool to find & created Exploit Poc for Clickjacking Vulnerability Automated tool to find & created Exploit Poc for Clickjacking Vulnerability 13 January 2022
Log4j Log4jScanner: a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains Log4jScanner: a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains 10 January 2022
POC Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384 Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384 06 January 2022
Log4j This plugin discovers vulnerable files for the CVE-2021-44228-log4j issue This plugin discovers vulnerable files for the CVE-2021-44228-log4j issue 04 January 2022
Exploit Auerswald COMpact 8.0B Backdoors exploit Auerswald COMpact 8.0B Backdoors exploit 29 December 2021
Exploit Auerswald COMpact 8.0B Backdoors exploit Auerswald COMpact 8.0B Backdoors exploit 28 December 2021
intelligence A collection of intelligence about Log4Shell and its exploitation activity A collection of intelligence about Log4Shell and its exploitation activity 22 December 2021
Log4j log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc 21 December 2021