• Stars
    star
    2
  • Language
    Python
  • Created over 1 year ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

In some cases the Miscorosoft HTTP Server API leaks internal ip addresses while sending a GET / HTTP/1.0 request to the server.

More Repositories

1

spyhunt

recon for bug hunters
Python
470
star
2

Gsec

Web Security Scanner
Python
302
star
3

forbiddenpass

Python
148
star
4

valhalla

Valhalla finds vulnerable devices on shodan, it can also scan a list of domains to find vulnerabilities.
Python
37
star
5

IGF

Informatrion Gathering Framework
Python
20
star
6

DeepWeb

DeepWeb is a tool that extracts links from a webpage and does a deep analysis on every link.
Python
15
star
7

wpdisect

WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.
Python
12
star
8

CVE-2024-4577

Argument injection vulnerability in PHP
Python
10
star
9

vulnparams

crawl a website for links and expose all the vulnerable parameters.
Python
9
star
10

CVE-2024-4040

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
Python
9
star
11

subdomainbrute

a subdomain brute forcer
Python
6
star
12

VulnBanner

Checks the banner of system services and compares it to a vulnerable banner list.
Python
6
star
13

PathTraversal

Python
6
star
14

gotasn

Extract the IP range associated with a given ASN (Autonomous System Number) and subsequently utilize the Masscan tool to identify open HTTP ports within that range.
Python
6
star
15

gotr00t0day

6
star
16

SSHbrute

brute force ssh login passwords.
Python
6
star
17

rmap

Automated enumeration for red teamers
Python
5
star
18

subrecon

scans for subdomains and probes the domains.
Python
4
star
19

b1n4ryR3v3rs3

Shell
4
star
20

gotr00tbot

discord.py bot
Python
4
star
21

GdorkSearch

Python
3
star
22

FindExploits

FindExploits is an automation script that uses windows exploit suggester in conjuction with searchsploit to find local priv escalation exploits.
Python
3
star
23

Domainator

Domainator is a tool that will find new assets for any organization.
Python
3
star
24

spider00t

Extract links, files and parameters from a page.
Python
3
star
25

secheaders

Python
3
star
26

ipgeolocation

Python
3
star
27

xprobe

A fast HTTP multi tool for recon.
Python
2
star
28

Ivanti_PoC

Authentication bypass in Ivanti Endpoint Manager Mobile
Python
2
star
29

HostHeaderInjection

Python
2
star
30

CVE-2022-1388

A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.
Python
2
star
31

CVE-2024-28995

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Python
1
star
32

NextGen-Mirth-Connect-Exploit

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application.
Python
1
star
33

gotr00t0day.github.io

HTML
1
star
34

DirbHunt

A fast and simple directory brute forcer
Python
1
star