Pinned Repositories
citrix_cve-2023-4966
Citrix CVE-2023-4966 from assetnote modified for parallel and file handling
CVE-2022-22963
CVE-2022-22963 PoC
CVE-2024-20931
CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839
hikvision
Hikvision log4j PoC
kubei
Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes and providing accurate vulnerability assessment. For more information check out:
netscaler-startwebview
Netscaler simple python exploit for mass checks
proxyshell
A basic proxylogon scanner
spring-core-rce
Spring core rce
synack_burp
synackDUO
Python Duo Push API
dinosn's Repositories
dinosn/hikvision
Hikvision log4j PoC
dinosn/CVE-2024-20931
CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839
dinosn/synackDUO
Python Duo Push API
dinosn/synack_burp
dinosn/citrix_cve-2023-4966
Citrix CVE-2023-4966 from assetnote modified for parallel and file handling
dinosn/netscaler-startwebview
Netscaler simple python exploit for mass checks
dinosn/ysoserial.net-docker
ysoserial.net docker image
dinosn/weblogic
Weblogic exploits
dinosn/avred
Analyse your malware to surgically obfuscate it
dinosn/awesome-industrial-protocols
Security-oriented list of resources about industrial network protocols.
dinosn/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
dinosn/Caro-Kann
Encrypted shellcode Injection to avoid Kernel triggered memory scans
dinosn/cs2br-bof
dinosn/CVE-2022-33679
One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
dinosn/CVE-2022-36537
POC of CVE-2022-36537
dinosn/CVE-2022-41040-metasploit-ProxyNotShell
The Metasploit script (PoC) for CVE-2022-41040. Microsoft Exchange is vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.
dinosn/CVE-2023-46604
dinosn/DonPAPI
Dumping DPAPI credz remotely
dinosn/ExecIT
Execute shellcode files with rundll32
dinosn/JNDI-Injection-Exploit-Plus
60+ gadgets (30 more than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and providing background services by starting an RMI server, LDAP server and HTTP server.
dinosn/JNDI-Injection-LDAP-Deserialization
dinosn/KubeStalk
KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.
dinosn/LOLDrivers_finder
dinosn/nanodump
The swiss army knife of LSASS dumping
dinosn/Offensive-C-Sharp
dinosn/redis_get
Get redis keys from open redis, or by using a password. This is to create a proof of concept to be used later in reports.
dinosn/RichFaces
A collection of exploits created or modified by me
dinosn/SeeYouCM-Thief
dinosn/Weblogic-1
WebLogic vulnerability exploration from beginner to expert.
dinosn/WeblogicEnvironment
WeblogicEnvironment docker setup for research