Pinned Repositories
PingCastle-Notify
Monitor your PingCastle scans to highlight the rule diff between two scans
BackupOperatorToDA
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
ByP-SOP
🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️
CVE-2019-0192
RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
CVE-2019-5418
CVE-2019-5418 - File Content Disclosure on Ruby on Rails
Padding-oracle-attack
:unlock: Padding oracle attack against PKCS7 :unlock:
poodle-PoC
:poodle: Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 :poodle:
Rails-doubletap-RCE
RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)
Spring-Boot-Actuator-Exploit
Spring Boot Actuator (jolokia) XXE/RCE
NetExec
The Network Execution Tool
mpgn's Repositories
mpgn/Spring-Boot-Actuator-Exploit
Spring Boot Actuator (jolokia) XXE/RCE
mpgn/CVE-2019-19781
CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit
mpgn/discord-e2e-encryption
:key: Tampermonkey script that encrypts and decrypts your messages on Discord :key:
mpgn/CVE-2018-17246
CVE-2018-17246 - Kibana LFI < 6.4.3 & 5.6.13
mpgn/CVE-2019-7609
RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
mpgn/CVE-2018-16341
CVE-2018-16341 - Nuxeo Remote Code Execution without authentication using Server Side Template Injection
mpgn/ntlmrelayx-prettyloot
Convert the loot directory of ntlmrelayx into an enum4linux like output
mpgn/CVE-2018-3760
Rails Asset Pipeline Directory Traversal Vulnerability
mpgn/CVE-2019-9978
CVE-2019-9978 - RCE on a WordPress plugin: Social Warfare < 3.5.3
mpgn/ropycat
Scripts that allow you to copy/paste text into another Windows process to bypass the Citrix copy/paste limitation
mpgn/pywerview
A (partial) Python3 rewriting of PowerSploit's PowerView
mpgn/Enum4LinuxPy
Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.
mpgn/Guardian
A simple script that watches for unusual TCP/HTTP/SSH activity and bans IPs via routing
mpgn/Invoke-Vnc
PowerShell VNC injector
mpgn/SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
mpgn/Builder
mpgn/chisel
A fast TCP tunnel over HTTP
mpgn/CobaltStrike
CobaltStrike's source code
mpgn/CVE-2020-1472
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
mpgn/itm4n
mpgn/ldapdomaindump
Active Directory information dumper via LDAP
mpgn/msdat
MSDAT: Microsoft SQL Database Attacking Tool
mpgn/NTHASH-FPC
mpgn/nuclei-templates
Template files for the nuclei scanner
mpgn/Perfusion
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2008R2 / 8 / 2012)
mpgn/pi-pwnbox-rogueap
Homemade Pwnbox :rocket: / Rogue AP :satellite: based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap :bulb:
mpgn/saadeghi
mpgn/SharpHellsGate
C# Implementation of the Hell's Gate VX Technique
mpgn/SharpRDP
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
mpgn/sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.