exploits
Proof of Concept Exploit for vCenter CVE-2021-21972
A tool to extract the IdP cert from vCenter backups and log in as Administrator
Red team tool that emulates the SolarWinds CI compromise attack vector.
Exploit for CVE-2020-3952 in vCenter 6.7 https://www.guardicore.com/2020/04/pwning-vmware-vcenter-cve-2020-3952/
Utilities to extract secrets from 1Password
Python script to execute commands via Erlang/OTP Distribution Protocol
Rusty Rootkit - Windows Kernel Rootkit in Rust (Codename: Eagle)
🌮 INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)
Binary and CrackMapExec module to impersonate tokens on a Windows machine
Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Similar to PetitPotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged processes to access malicious pipes for exploitation
CVE-2022-36946 Linux kernel panic in netfilter_queue
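High-version JDK bypass exploitation for FastJson, Jackson, Log4j2, and native JNDI injection vulnerabilities; probes for locally available deserialization gadgets to achieve command execution, command execution with echoed output, and memory-shell injection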
Windows x64 handcrafted token stealing kernel-mode shellcode
Root shell exploit for several Xiaomi routers: 4A Gigabit, 4A 100M, 4, 4C, 3Gv2, 4Q, miWifi 3C...
A reverse engineering framework written in Python.