• Stars
    star
    7
  • Rank 2,294,772 (Top 46 %)
  • Language
  • License
    Creative Commons ...
  • Created about 2 years ago
  • Updated about 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

ElasticSearch exploit and Pentesting guide for penetration tester

More Repositories

1

ICS-Pentesting-Tools

A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing
222
star
2

smartrecon

smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter
Shell
82
star
3

cloud-penetration-testing

A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud
58
star
4

Ransomware-Samples

Small collection of Ransomware organized by family.
48
star
5

bug-bounty-writeups

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.
34
star
6

exchange-penetration-testing

The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)
PowerShell
29
star
7

Apache-Tomcat-Pentesting

Apache Tomcat exploit and Pentesting guide for penetration tester
27
star
8

Penetration-Testing-Interview-Questions

Penetration Testing Interview Questions
23
star
9

wifi-password-stealer

steal saved wifi passwords in a computer & ip of target then report them through email.
Python
17
star
10

Application-Security-Interview-Questions

Here are some common interview questions for an application security position you can review for your own interview, along with example answers
17
star
11

Ransomware

Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As A Service and Ransomware protection technologies
16
star
12

Malware-Analysis

A curated list of awesome malware analysis tools and resources
15
star
13

security-mindmap

This repository stores various roadmap(Mindmaps) for bug bounty Hunter, pentester, offensive(red team), defensive(blue team) and security Professional people
15
star
14

Spring-CVE

This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".
Python
13
star
15

ProxyShell

CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
Python
12
star
16

CVE-2022-23131

Zabbix - SAML SSO Authentication Bypass
Python
9
star
17

xmlrpc-exploit

Exploiting the xmlrpc.php on all WordPress versions
9
star
18

FFUF-Tricks

Describe how to use ffuf different options with examples
7
star
19

DDoS-Attack

DDoS Attack and type of ddos attack and ddos mitigation approach
7
star
20

Shodan-Dorks

a curated list of shodan dorks for finding sensitive data in shodan.io
7
star
21

Active-Directory-Attacks

A curated list of awesome Active Directory Penetration Testing and attack resources
6
star
22

DevSecOps

Collection and Roadmap for everyone who wants DevSecOps, contains list of tools and methodologies
6
star
23

Smishing-Botnets

Smishing Botnets Going Viral in Iran
5
star
24

Cyber-Threat-Hunting

A curated list of threat detection and hunting resources
5
star
25

Cloud-Flaws-CTF

flAWS.cloud and flAWS2.cloud Interactive tutorial/CTFs to learn common AWS security mistakes.
5
star
26

Bug-Hunting-Handbook

Bug Hunting Handbook
5
star
27

Nextcloud-Pentesting

Nextcloud exploit and Pentesting guide for penetration tester
5
star
28

Fresh-Resolvers

List of fresh DNS resolvers updated daily
4
star
29

bruteforce-http-authentication

Bruteforce HTTP Authentication. Supports: Basic HTTP authentication ,Digest HTTP authentication
Python
4
star
30

ProxyLogon

ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)
Python
4
star
31

RabbitMQ-Pentesting

RabbitMQ exploit and Pentesting guide for penetration tester
4
star
32

CVE-2022-26134

[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)
Python
3
star
33

PHP-Interview-Questions

a curated list of php interview questions and answers
3
star
34

cyber-attacks-in-iran

A curated list of awesome cyber attacks in iran, we want to review and explain some advanced attack that happened in iran, in order to learned some security tips.
3
star
35

Webmin-CVE

a Curated list of Webmin vulnerability for penetration tester
Python
3
star
36

open-DNS-resolver

DNS Open resolvers or Open DNS resolver vulnerability are type of DNS amplification attack.
3
star
37

Python-Interview-Questions

a curated list of Python interview questions and answers
2
star
38

CVE-2023-38646

Metabase Pre-auth RCE (CVE-2023-38646)
Python
2
star
39

Gitlab-CVE

a Curated list of gitlab vulnerability
2
star
40

GitLab-SSRF-CVE-2021-22214

POC for CVE-2021-22214: Gitlab SSRF
Python
2
star
41

FortiWeb

FortiWeb is a web application firewall (WAF)
2
star
42

kh4sh3i

1
star
43

CKEditor-Pentesting

1
star
44

Grafana-CVE

a Curated list of Grafana Security Vulnerabilities, CVE & exploit
1
star
45

Favicon-Hash

Calculate Favicon Hash for Shodan
Python
1
star
46

Splunk

a useful tutorial about splunk and security splunk app
1
star
47

97-Tests-for-Authentication-API

97 JSON Tests for Authentication Endpoints
1
star
48

Redis-Pentesting

Redis exploit and Pentesting guide for penetration tester
1
star
49

CVE-2021-30573

Google Chrome Vulnerabilities CVE-2021-30573 allowed a remote attacker to potentially exploit heap corruption
HTML
1
star