😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

burpsuite extension for check unauthorized vulnerability

Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit

A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated.

DroidSniper - Misconfigured Android Debug Bridge Scanner

Kumpulan Exploit Wordpress Plugins + Tools + and cara penggunaannya

Perform With Massive Openfire Unauthenticated Users

CVE-2023-26269: Misconfigured JMX in Apache James

Python scripts to find ADCS servers on a network without any credentials.

Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).

A light & organized Python module built with the sole purpose of extracting a Twitter user-object while conforming to Tweepy standards, all without using Twitter's authenticated API.

NTP is not authenticated... but trusted

This will check if your server is vulnerable to SMBGhost, and partially mitigate it

MAL-004: Command Injection Bypass for CVE-2020-12641 in Roundcube Webmail

Case Study: SSHtranger Things (CVE-2019-6111, CVE-2019-6110) in Cisco SD-WAN

CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail

CVE-2019-12409: RCE Vulnerability Due to Bad Defalut Config in Apache Solr

MAL-012: Reflected Cross-Site Scripting in Admin Console leading to Remote Code Execution in Payara Server

Unauthenticated SQL injection exploit for CVE-2019-9053 in CMS Made Simple <= 2.2.9. Extracts admin creds with time-based SQLi.

CVE-2019-14223: Open Redirect in Alfresco Share