😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
burpsuite extension for check unauthorized vulnerability
Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit
A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated.
#安卓#DroidSniper - Misconfigured Android Debug Bridge Scanner
Kumpulan Exploit Wordpress Plugins + Tools + and cara penggunaannya
Perform With Massive Openfire Unauthenticated Users
CVE-2023-26269: Misconfigured JMX in Apache James
A light & organized Python module built with the sole purpose of extracting a Twitter user-object while conforming to Tweepy standards, all without using Twitter's authenticated API.
Python scripts to find ADCS servers on a network without any credentials.
Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).
This will check if your server is vulnerable to SMBGhost, and partially mitigate it
CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS
CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail
CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail
WSO2-2021-1261: Multiple Cross-Site Scripting in WSO2 ESB
CVE-2019-12401: XML Bomb in Apache Solr
MAL-004: Command Injection Bypass for CVE-2020-12641 in Roundcube Webmail
Case Study: SSHtranger Things (CVE-2019-6111, CVE-2019-6110) in Cisco SD-WAN