ntkscnzv Goto Github PK

-cve-2024-21683-rce-in-confluence-data-center-and-server

This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server

akamai-security-research

This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.

amsi-bypass

amsi_bypass_in_2023

Amsi Bypass payload that works on Windwos 11

ansible-havoc

Scripts I use to deploy Havoc on Linode and setup categorization and SSL

banshee

Experimental Windows x64 Kernel Rootkit.

blacklotus

BlackLotus UEFI Windows Bootkit

blocklist

boopkit

Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.

bootlicker

A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.

bypass_av

c2-cloud

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.

callstackspoofingpoc

C++ self-Injecting dropper based on various EDR evasion techniques.

cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

chaos-rootkit

Now You See Me, Now You Don't

cnext-exploits

Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()

containyourself

A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.

crossc2

generate CobaltStrike's cross-platform payload

curlshell

reverse shell using curl

cve-2020-14947

The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947

cve-2021-43008-adminerread

Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability

cve-2022-33679

One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

cve-2022-39952

POC for CVE-2022-39952

cve-2022-44268-imagemagick-arbitrary-file-read-poc

CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator

cve-2022-44666

Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the patches released on December, 2022.

cve-2023-20198

CVE-2023-20198 Exploit PoC

cve-2023-20198-rce

CVE-2023-20198-RCE, support adding/deleting users and executing cli commands/system commands.

cve-2023-20273

CVE-2023-20273 Exploit PoC

cve-2023-21554-poc

CVE-2023-21554 Windows MessageQueuing PoC，分析见 https://www.zoemurmure.top/posts/cve_2023_21554/

cve-2023-21716

A vulnerability within Microsoft Office's wwlib allows attackers to achieve remote code execution with the privileges of the victim that opens a malicious RTF document. The attacker could deliver this file as an email attachment (or other means).