WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2023-39362). Run it at your own risk!

A Simple CTF Challenge that expects user to see Client Side Login Algorithm, Path Traversal and Command Injection

CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client

mpsl exploit mirai rce command injection iot firmware poc

MalTrail - Command Injection / RCE

[Sunrin Security Project] Command Injection Static Analyzer with IDAPython

This script will prepare some tmux session precompiled to test command injection on some web page parameter (on a GET or POST request).

Proxy сервер

This is a project involving the setting up a penetration testing environment using Kali Linux and Metasploitable2 to practice and exploit common vulnerabilities such as SQL Injection, Command Injection, and Cross-Site Scripting (XSS). Tools used include Nmap, BurpSuite, and SQLmap.

A PoC exploit for CVE-2022-33891 - Apache Spark UI Remote Code Execution (RCE)

Exploit toolkit for old ip cameras. Inspired by Black Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker

WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!

Flask Powered Vulnerable Image Generator

The first in a series of four machines, each pen-tested and explained.

A PoC exploit for CVE-2024-3273 - D-Link Remote Code Execution RCE

This python script utilises Scapy to hijack a Telnet session for monitoring or command injection.

Vulnerabilities scanner tool

An advanced RCE tool tailored for exploiting a vulnerability in Cacti v1.2.22. Crafted with precision, this utility aids security researchers in analyzing and understanding the depth of the CVE-2022-46169 flaw. Use responsibly and ethically.

Tool for exploiting file upload vulnerabilities in DVWA (Damn Vulnerable Web Application).