Vulnerability Exploitation Code Collection Repository

Last update: Feb 14, 2022

Overview

Introduction

expbox is an exploit code collection repository

List

CVE-2021-41349 Exchange XSS PoC

<= Exchange 2013 update 23
<= Exchange 2016 update 22
<= Exchange 2019 update 11

CVE-2021–3945 Django-helpdesk stored XSS PoC

<= 0.3.0

Note

All content comes from the Internet, if there is a copyright problem, please contact me to delete.

Owner

0x0021h

一切都在不言中

GitHub Repository

OLOP: One-Line & Obfuscated Python

OLOP: One-Line & Obfuscated Python This repository contains useful python modules for one-line and obfuscated python. pip install olop-ShadowLugia650

1 Jan 09, 2022

Crypto Meta Extractor

Crypto Meta Extractor This repository contains the code which extracts some metadata of all the cryptocurrencies listed (9K) on CoinMarketCap. Coding

3 Jul 03, 2022

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.

PocOrExp in Github 聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网注意：只通过通用的CVE号聚合，因此对于MS17-010等Windows编号漏洞以及著名的有绰号的漏洞，还是自己检索一下比较好 Usage python3 exp.py -h usage: ex

567 Dec 30, 2022

Proof of Concept Exploit for vCenter CVE-2021-21972

CVE-2021-21972 Proof of Concept Exploit for vCenter CVE-2021-21972

210 Dec 31, 2022

Generate obfuscated meterpreter shells

Generator Evade AV with obfuscated payloads Installation must install dotnet prior to running the script with net45 Running ./generator.py -ip Your-I

219 Nov 28, 2022

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

26 Dec 26, 2022

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本，扫描主机上所有java进程，检测是否引入了有漏洞的log4j-core jar包，是否可能遭到远程代码执行攻击（CVE-2021-45046）。上传扫描报告到指定的服

86 Dec 09, 2022

Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

3 Apr 09, 2022

Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

31 Oct 21, 2022

A terminal based web shell controller

shell-hack Tribute to Chinese ant sword； A Powerful terminal based webshell controller； Usage : Usage : python3 shell-hack.py --url [URL] --w

10 Dec 28, 2021

A local Socks5 server written in python, used for integrating Multi-hop

proxy-Zata proxy-Zata v1.0 This is a local Socks5 server written in python, used for integrating Multi-hop (Socks4/Socks5/HTTP) forward proxy then pro

4 Feb 24, 2022

A small Python Script To get all levels of subdomains from a list

getlevels A small Python Script To get all levels of subdomains Easily get 1st level, 2nd level, 3rd level, 4th level .... nth level subdomains Usag

9 Feb 15, 2022

Apache OFBiz rmi反序列化EXP(CVE-2021-26295)

Apache OFBiz rmi反序列化EXP(CVE-2021-26295) 目前仅支持nc弹shell 将ysoserial.jar放置在同目录下，py3运行，根据提示输入漏洞url，你的vps地址和端口第二次使用建议删除exp.ot 本工具仅用于安全测试，禁止未授权非法攻击站点，否则后果自负

15 Nov 09, 2022

CVE-2021-41773 Path Traversal for Apache 2.4.49

3 Oct 20, 2021

script that pulls cve collections from NVD.NIST.GOV.

# cvepull.py #script that pulls cve collections from NVD.NIST.GOV. #edit line 17 (timedelta) number to change the amount of days to search backwards

1 Dec 18, 2021

This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit

CVE-2021-40444 builders This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit. This repo is just for testing, re

168 Nov 09, 2022

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc

35 Dec 12, 2022