Pinned Repositories
-CVE-2017-9805
Exploit script for Apache Struts2 REST Plugin XStream RCE (CVE-2017-9805)
CVE-2016-2098
Ruby On Rails unrestricted render() exploit
CVE-2018-1000001
glibc getcwd() local privilege escalation compiled binaries
CVE-2018-10517
CMS Made Simple 2.2.7 RCE exploit
CVE-2018-12613
PHPMyAdmin v4.8.0 and v4.8.1 LFI exploit
CVE-2019-0841-BYPASS
A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.
FakePip
Pip install exploit package
Shellkiller
A killer reverse-shell script that is able to use a lot of techniques to ensure your shell will pop back to you.
ShellPop
Pop shells like a master.
TelePreter
Telegram-based PowerShell Runspace Host
0x00-0x00's Repositories
0x00-0x00/CVE-2018-1000001
glibc getcwd() local privilege escalation compiled binaries
0x00-0x00/CVE-2016-2098
Ruby On Rails unrestricted render() exploit
0x00-0x00/CVE-2016-10033
PHPMailer < 5.2.18 Remote Code Execution Exploit
0x00-0x00/CVE-2017-5638
Struts2 S2-045 exploit program
0x00-0x00/XXE
My own repository used for testing XXE vulnerabilities in a more automated way.
0x00-0x00/CVE-2018-7600
CVE-2018-7600 - Drupal 7.x RCE
0x00-0x00/CVE-2015-3224
Modification of Metasploit module for RCE in Ruby-On-Rails Console CVE-2015-3224
0x00-0x00/CVE-2018-10949
Zimbra Collaboration Suite Username Enumeration
0x00-0x00/CVE-2018-8897
Arbitrary code execution with kernel privileges using CVE-2018-8897.
0x00-0x00/gadreel-bot
Telegram bot to help with task management and CTF wargames
0x00-0x00/aquatone
A Tool for Domain Flyovers
0x00-0x00/Arjun
Arjun is a Python script for finding hidden GET & POST parameters.
0x00-0x00/GitHack
A `.git` folder disclosure exploit
0x00-0x00/Invoke-TheHash
PowerShell Pass The Hash Utils
0x00-0x00/metasploit-framework
Metasploit Framework
0x00-0x00/powersap
PowerShell SAP assessment tool
0x00-0x00/shell_scripts
My own shell scripts used for management.
0x00-0x00/snallygaster
Tool to scan for secret files on HTTP servers
0x00-0x00/cansina
Web Content Discovery Tool
0x00-0x00/cPickleExploitExample
Simple and easy to understand cPickle deserialization vulnerability example.
0x00-0x00/dirsearch
Web path scanner
0x00-0x00/dnsrecon
DNS Enumeration Script
0x00-0x00/evilwifi
Tool to play with wifi networks
0x00-0x00/Invoke-PSImage
Embeds a PowerShell script in the pixels of a PNG file and generates a one-liner to execute it
0x00-0x00/Invoke-WMILM
0x00-0x00/jenkins-cve-2016-0792
Exploit for Jenkins serialization vulnerability - CVE-2016-0792
0x00-0x00/OpenVPN-install
Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS, and Arch Linux
0x00-0x00/proxychains-ng
proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects them through one or more SOCKS/HTTP proxies. Continuation of the unmaintained proxychains project. The sf.net page is currently not updated; use releases from the GitHub release page instead.
0x00-0x00/rpivot
socks4 reverse proxy for penetration testing
0x00-0x00/WinBypass
Windows UAC Bypass