A PoC for the Bamboo deserialization exploit (CVE-2015-6576), Bamboo is a continous build server from Atlassian. introduction Deserialization Vulnerabilities in Java : Deserialization vulnerabilities in…
Changelog v20/11/2015: + adding obfuscation to VBA Signature based spam filters (seen in gmail and office365) flag macros with the word “powershell”. Splitting up the…
The INURLBR tool was developed aiming to meet the need of Hacking community. Purpose: Make advanced searches to find potential vulnerabilities in web applications known…
Application for launching two different process in two shell configurable. The first process is a TCP server application exploited by the second process. How it…
Latest Change : + support full attacker path recognition on plugins change attacker filepath transformer from os.path.abspath() to utils.path.truepath(), which also supports expanduser() and expandvars()….
Example of Linux buffer overflow attack. To start practicing injecting shell code in this repo you have: + shellcode.asm – simple asm code that print…
Java Deserialization Exploit is A tool which weaponizes frohoff’s original ysoserial code to gain a remote shell on vulnerable Linux machines. This tool builds upon…
Changelog v 11/17/2015: + Fixed bug in set port. Load can now handle full paths to modules. Added Netgear auth bypass exploit for N300 routers….