gotr00t0day

Pinned Repositories

CVE-2024-4040
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
Language:Python9 1 03
CVE-2024-4577
Argument injection vulnerability in PHP
Language:Python10 1 02
DeepWeb
DeepWeb is a tool that extracts links from a webpage and does a deep analysis on every link.
Language:Python15 1 03
F5-BIG-IP-Scanner
F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.
Language:Python15 2 01
forbiddenpass
Language:Python149 4 140
Gsec
Web Security Scanner
Language:Python302 5 1459
IGF
Informatrion Gathering Framework
Language:Python20 2 34
spyhunt
recon for bug hunters
Language:Python472 8 32107
valhalla
Valhalla finds vulnerable devices on shodan, it can also scan a list of domains to find vulnerabilities.
Language:Python37 1 39
wpdisect
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.
Language:Python12 2 05

gotr00t0day's Repositories

gotr00t0day/spyhunt
recon for bug hunters
Language:Python472 8 32107
gotr00t0day/Gsec
Web Security Scanner
Language:Python302 5 1459
gotr00t0day/forbiddenpass
Language:Python149 4 140
gotr00t0day/valhalla
Valhalla finds vulnerable devices on shodan, it can also scan a list of domains to find vulnerabilities.
Language:Python37 1 39
gotr00t0day/IGF
Informatrion Gathering Framework
Language:Python20 2 34
gotr00t0day/DeepWeb
DeepWeb is a tool that extracts links from a webpage and does a deep analysis on every link.
Language:Python15 1 03
gotr00t0day/F5-BIG-IP-Scanner
F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.
Language:Python15 2 01
gotr00t0day/CVE-2024-4577
Argument injection vulnerability in PHP
Language:Python10 1 02
gotr00t0day/CVE-2024-4040
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
Language:Python9 1 03
gotr00t0day/vulnparams
crawl a website for links and expose all the vulnerable parameters.
Language:Python9 2 02
gotr00t0day/OpenSSH-Scanner
OpenSSH Vulnerabilities Scanner: Bulk Scanning Tool for 21 different OpenSSH CVEs.
Language:Python82
gotr00t0day/gotasn
Extract the IP range associated with a given ASN (Autonomous System Number) and subsequently utilize the Masscan tool to identify open HTTP ports within that range.
Language:Python6 1 02
gotr00t0day/gotr00t0day
6 2 10
gotr00t0day/PathTraversal
Language:Python6 1 05
gotr00t0day/rmap
Automated enumeration for red teamers
Language:Python5 1 01
gotr00t0day/gotr00tbot
discord.py bot
Language:Python4 2 00
gotr00t0day/LinkFinder
A python script that finds endpoints in JavaScript files
Language:Python4 0 02
gotr00t0day/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Language:Go4 1 02
gotr00t0day/Domainator
Domainator is a tool that will find new assets for any organization.
Language:Python3 1 0
gotr00t0day/CVE-2022-1388
A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.
Language:Python2 1 0
gotr00t0day/DDOS-RootSec
Explore RootSec's DDOS Archive, featuring top-tier scanners, powerful botnets (Mirai & QBot) and other variants, high-impact exploits, advanced methods, and efficient sniffers. Ideal for cybersecurity professionals and researchers.
Language:C2 0 03
gotr00t0day/HostHeaderInjection
Language:Python2 1 03
gotr00t0day/Ivanti_PoC
Authentication bypass in Ivanti Endpoint Manager Mobile
Language:Python2 1 0
gotr00t0day/localipbug
In some cases the Miscorosoft HTTP Server API leaks internal ip addresses while sending a GET / HTTP/1.0 request to the server.
Language:Python2 1 0
gotr00t0day/CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Language:Python1 1 01
gotr00t0day/gotr00t0day.github.io
Language:HTML1 2 0
gotr00t0day/NextGen-Mirth-Connect-Exploit
A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application.
Language:Python11
gotr00t0day/TokenFucker
Token Stealing Tool for Windows and Linux
Language:Python1 1 0
gotr00t0day/DVR_Sploit
Simple python3 script to automate CVE-2018-9995
Language:Python0 02
gotr00t0day/fsociety
fsociety Hacking Tools Pack – A Penetration Testing Framework