Нуки's repositories
AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
AVEvasionCraftOnline
An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.
BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
CVE-2024-21345
Proof-of-Concept for CVE-2024-21345
CVE-2024-21683-RCE
CVE-2024-21683 Post Auth RCE
CVE-2024-22026
Exploit POC for CVE-2024-22026 affecting Ivanti EPMM "MobileIron Core"
CVE-2024-22120-RCE
Time Based SQL Injection in Zabbix Server Audit Log --> RCE
CVE-2024-26026
CVE-2024-26026: BIG-IP Next Central Manager API UNAUTHENTICATED SQL INJECTION
CVE-2024-26218
Proof-of-Concept for CVE-2024-26218
CVE-2024-27130
PoC for CVE-2024-27130
CVE-2024-27956-RCE
PoC for SQL Injection in CVE-2024-27956
CVE-2024-31848-PoC
PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal
Damn-Vulnerable-Drone
Damn Vulnerable Drone is an intentionally vulnerable drone hacking simulator based on the popular ArduPilot/MAVLink architecture, providing a realistic environment for hands-on drone hacking.
Decrypt-XWormV5.2
This project serves the purpose of decrypting encrypted settings within XClient.exe. It decrypts AES-encrypted data stored as static string variables, revealing the settings upon decryption.
Deserialize-Signature-Vulnerability-in-Bitcoin-Network
In this study, we will look at the DeserializeSignature vulnerability, discovered in 2023, which allows attackers to create invalid signatures that can be accepted as valid by the Bitcoin network.
ELFieScanner
A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into open-source user-mode rootkits.
git_rce
Exploit PoC for CVE-2024-32002
hook
Hook for the PoC for exploiting CVE-2024-32002
Kematian-Stealer
The best and completely open source Stealer
lokpack
Ransomware tooling for x84_64 Linux
netnuker
netnuker is a tool built in Python3 that uses TCP Syn Flooding and Slowloris HTTP for DoS attacks, and nmap and a custom sub directory brute forcer, subdestroyer.py for sub directory brute forcing.
No_X_Memory_ShellCodeLoader
无可执行权限加载 ShellCode (点点 Star,非常感谢!)
PolyFU
Polyglot file generator to bypass the file content validation from an webserver
PyinMemoryPE
load PE in memory Filelessly
rasberry-lie
a tool that will flood deauth packets to all wifi until control + c is pressed
ring3-hidden
Hide processes, files, services in ring3
sppen
Malware and malicious applications database
spy-py
The ultimate Python spyware
SPYMAX-Rat
spymax free download
WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956
WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries