Valentin Lobstein (@Chocapikk)
  • Stars
    star
    1,334
  • Global Rank 23,260 (Top 0.9 %)
  • Followers 542
  • Following 131
  • Registered over 3 years ago
  • Most used languages
    Python
    86.1 %
    PHP
    5.1 %
    Shell
    3.8 %
    Go
    1.3 %
    Ruby
    1.3 %
    HTML
    1.3 %
    Lua
    1.3 %
  • Location 🇫🇷 France
  • Country Total Rank 63,269
  • Country Ranking
    Python
    102
    Lua
    699
    Ruby
    1,203
    PHP
    1,885
    Shell
    2,221
    Go
    2,261
    HTML
    2,662

Top repositories

1

CVE-2023-29357

Microsoft SharePoint Server Elevation of Privilege Vulnerability
Python
224
star
2

CVE-2024-25600

Unauthenticated Remote Code Execution – Bricks <= 1.9.6
Python
146
star
3

CVE-2023-22515

CVE-2023-22515: Confluence Broken Access Control Exploit
Python
127
star
4

CVE-2024-3273

D-Link NAS CVE-2024-3273 Exploit Tool
Python
90
star
5

CVE-2023-6553

Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
Python
71
star
6

CVE-2024-36401

GeoServer Remote Code Execution
Python
71
star
7

CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
Python
70
star
8

CVE-2024-21887

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Python
50
star
9

CVE-2024-34102

CosmicSting (CVE-2024-34102)
Python
37
star
10

CVE-2024-8504

VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)
Python
37
star
11

CVE-2024-27198

Proof of Concept for Authentication Bypass in JetBrains TeamCity Pre-2023.11.4
Python
32
star
12

LFIHunt

Advanced Tool To Scan And Exploit Local File Inclusion (LFI) Vulnerabilities
Python
31
star
13

CVE-2024-4577

PHP CGI Argument Injection vulnerability
Python
29
star
14

CVE-2024-21893-to-CVE-2024-21887

CVE-2024-21893 to CVE-2024-21887 Exploit Toolkit
Python
25
star
15

CVE-2024-1212

Unauthenticated Command Injection In Progress Kemp LoadMaster
Python
14
star
16

CVE-2023-50917

MajorDoMo Unauthenticated RCE: Deep Dive & Exploitation Techniques
Python
14
star
17

CVE-2024-29269

An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
Python
13
star
18

CVE-2023-30943

A Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.
Python
12
star
19

CVE-2024-3400

Python
11
star
20

CVE-2023-46805

Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research
Python
11
star
21

CVE-2023-51467

Apache OfBiz Auth Bypass Scanner for CVE-2023-51467
Python
10
star
22

CVE-2023-22527

Atlassian Confluence - Remote Code Execution
Python
9
star
23

CVE-2023-5360

Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.
Python
9
star
24

CVE-2024-7954

Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12
Python
9
star
25

CVE-2024-20767

Exploit Toolkit for Adobe ColdFusion CVE-2024-20767 Vulnerability
Python
8
star
26

CVE-2024-8517

SPIP BigUp Plugin Unauthenticated RCE
Python
8
star
27

LeakPy

LeakIX API Client/lib
Python
7
star
28

Balgo-Crypter

Balgo Crypter is a Xor encoded payload generation utility with hexadecimal.
Python
7
star
29

CVE-2024-5084

Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution
Python
6
star
30

CVE-2023-27372

SPIP Vulnerability Scanner - CVE-2023-27372 Detector
Python
6
star
31

Ghost-Framework

Modified Version of Ghost Framework
Python
5
star
32

CVE-2024-45519

Zimbra - Remote Command Execution (CVE-2024-45519)
Python
5
star
33

CVE-2024-22899-to-22903-ExploitChain

Comprehensive Exploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery <= 7.2
Python
5
star
34

CVE-2017-9841

PHPUnit RCE
Python
4
star
35

CVE-2022-27925-Revshell

Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)
Python
4
star
36

CVE-2022-40684

Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]
Python
4
star
37

CVE-2022-1388

CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '/mgmt/tm/util/bash' endpoint
Python
4
star
38

CVE-2024-31819

Unauthenticated Remote Code Execution (RCE) Vulnerability in WWBNIndex Plugin of AVideo Platform from 12.4 to 14.2
Python
4
star
39

CVE-2023-35885

CloudPanel 2 Remote Code Execution Exploit
PHP
3
star
40

CVE-2022-26134

CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection
Python
3
star
41

CVE-2022-31814

pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)
Python
3
star
42

dorkscanner

Python
3
star
43

CVE-2023-3519

Citrix ADC RCE CVE-2023-3519
Python
3
star
44

CTF-Challenges

This repo contains challenges I made to train my friends
PHP
3
star
45

CVE-2022-29303

Python script to exploit CVE-2022-29303
Python
3
star
46

My-CVEs

List of my CVEs
3
star
47

CVE-2023-1698

WAGO Remote Exploit Tool for CVE-2023-1698
Python
3
star
48

CVE-2023-28432

Automated vulnerability scanner for CVE-2023-28432 in Minio deployments, revealing sensitive environment variables.
Python
3
star
49

CyberPanel

CyberPanel v2.3.6 Pre-Auth RCE Exploit Tool
Python
3
star
50

msf-exploit-collection

✪ Collection of Metasploit Modules ✪
Ruby
3
star
51

CVE-2022-29464

Python script to exploit CVE-2022-29464 (mass mode)
Python
2
star
52

NmapWeb-Choca

Use nmap from Flask App (testing purpose)
HTML
2
star
53

CVE-2021-46422

Telesquare SDT-CW3B1 1.1.0 - OS Command Injection
Python
2
star
54

PersonalRobloxScripts

Here is my personal exploits
Lua
2
star
55

CVE-2023-33617

Authenticated OS command injection vulnerability (CVE-2023-33617)
Python
2
star
56

CVE-2022-22954

Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960
Python
2
star
57

SQLI-DIOS

Created SQLI DIOS
2
star
58

CVE-2022-30525-Reverse-Shell

Simple python script to exploit CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection
Python
2
star
59

BalgoFuckerrrr

SSH Botnet remastored by Balgo Security and mindfuckerrrr
Python
2
star
60

CVE-2021-41773

Python
2
star
61

CVE-2021-35064

Python script to exploit CVE-2021-35064 and CVE-2021-36356
Python
2
star
62

CVE-2022-44877

Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)
Shell
2
star
63

VSCode-Config-File-Parser

This program is designed to parse Visual Studio Code configuration files (sftp.json) that may be exposed on the internet
Python
2
star
64

CVE-2022-39952

PoC for CVE-2022-39952 affecting Fortinet FortiNAC.
Python
2
star
65

CVE-2022-29455

DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
Python
2
star
66

CVE-2022-36804-ReverseShell

PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection)
Python
2
star
67

CVE-2023-35082

Remote Unauthenticated API Access Vulnerability in MobileIron Core 11.2 and older
Python
2
star
68

CVE-2023-38646

Remote Code Execution on Metabase CVE-2023-38646
Python
2
star
69

pentest-reseau

Projet de pentest réseau automatisé
Python
2
star
70

CVE-2023-36846

Remote Code Execution on Junos OS CVE-2023-36846
Python
2
star
71

CVE-2019-19492

FreeSWITCH Exploit (CVE-2019-19492)
Python
2
star
72

PythonRAT

botnet
Python
1
star
73

GithubBackup

GitHub Backup Script
Shell
1
star
74

Shells

PHP
1
star
75

onelinepy

Python
1
star
76

MultiPwn

Python
1
star
77

Piano-Tiles-Bot

My own Bot to cheat on Piano Tiles
Python
1
star
78

projet_selinux

Projet SELinux
Shell
1
star
79

sinkhole

Sinkhole for my school project
Python
1
star
80

ssl_explorer

A CLI Tool for Extracting Server Ownership Clues from SSL/TLS Certificates
Go
1
star
81

lfi-training

LFI Challenge - Capture The Flag (CTF)
PHP
1
star