Antonio Francesco Sardella's repositories
CTF-Writeups
Bunch of CTF writeups.
gitlab_rce_cve-2022-2884
Exploits the GitLab authenticated RCE vulnerability known as CVE-2022-2884.
spring-break_cve-2017-8046
This is a Java program that exploits the Spring Break vulnerability (CVE-2017-8046).
SpringBreakVulnerableApp
WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk!
data-grabber
This is a simple PHP script that can be used as a cookie grabber / session stealer. It uses MySQL to store data in a structured way.
wordpress_cve-2018-6389
Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.
cacti-rce-cve-2022-46169-vulnerable-application
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!
struts2_cve-2017-5638
This is a sort of Java port of the Python exploit at: https://www.exploit-db.com/exploits/41570/.
AltoroJ
WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
AltoroMutual-OWASP-ZAP-Context
Altoro Mutual OWASP ZAP Context file
massive-appscan-prepare
This is a Python 2.7 script that can be used to launch massive 'appscan prepare' commands.
massive-git-clone
This is a Python 2.7 script that can be used to clone several Git repositories listed, by URL, in a text file.
cacti-rce-snmp-options-vulnerable-application
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2023-39362). Run it at your own risk!
ctf-rsa-breaker
This is a Python 2.7 script that can be used to solve RSA challenges in CTFs.