TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Remote Code Execution engine in Go

eBPF Python runtime sandbox with seccomp (Blocks RCE).

Exploit PoC for CVE-2024-32002

A PoC exploit for CVE-2014-6271 - Shellshock

local poc for CVE-2024-32002

CVE-2024-32002 RCE PoC

Remote Code Execution Engine that lets you execute any piece of code on a remote server via REST API

WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries

CVE-2024-32640 | Automated SQLi Exploitation PoC

CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds

CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support

Check your WAF before an attacker does

JerryCat is a tool that fully automates pentesting against Tomcat services🐭

WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a python function that leaks a file content and you have your shell :)

Automatic SSTI detection tool with interactive interface