Pinned Repositories
CVE-2017-1000486
Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit
CVE-2017-5645
CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization
CVE-2018-7600
Exploit for Drupal 7 <= 7.57 CVE-2018-7600
CVE-2019-2725
WebLogic Insecure Deserialization - CVE-2019-2725 payload builder & exploit
docker-java-xxe
Docker image to test XXE attacks in java with tomcat.
gopher-tomcat-deployer
Gopher Tomcat Deployer
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
pdf-NTLMLeaker
This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"
wsuxploit
This is a weaponized WSUS exploit
ysoserial-modified
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
pimps's Repositories
pimps/JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
pimps/wsuxploit
This is a weaponized WSUS exploit
pimps/ysoserial-modified
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
pimps/CVE-2018-7600
Exploit for Drupal 7 <= 7.57 CVE-2018-7600
pimps/CVE-2017-5645
CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization
pimps/CVE-2017-1000486
Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit
pimps/gopher-tomcat-deployer
Gopher Tomcat Deployer
pimps/CVE-2019-2725
WebLogic Insecure Deserialization - CVE-2019-2725 payload builder & exploit
pimps/pdf-NTLMLeaker
This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"
pimps/docker-java-xxe
Docker image to test XXE attacks in java with tomcat.
pimps/rizzoma-docker
This is a docker image to run rizzoma standalone for testing or quick deploys.
pimps/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pimps/CTF-Write-ups
My CTF Write-ups
pimps/CVE-2019-2726
CVE-2019-2725 命令回显
pimps/red_team_tool_countermeasures
pimps/cmd_and_kubectl_demos
pimps/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
pimps/ipwndfu
open-source jailbreaking tool for many iOS devices
pimps/knary
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
pimps/TheGoonies-Assets-1
All the assets done for TheGoonies CTF Team.
pimps/tnumb3rs
CTF Challenge TNumb3rs
pimps/trash