mokeneto's starred repositories
CVE-2024-22274-RCE
PoC - Authenticated Remote Code Execution in VMware vCenter Server (Exploit)
CVE-2024-36991
POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.
CVE-2024-4885
Exploit for CVE-2024-4885
CVE-2024-36401
Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit
CVE-2024-36401
POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.
CSPTBurpExtension
CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
trufflehog
Find and verify secrets
okta-terrify
Okta Verify and Okta FastPass Abuse Tool
CVE-2024-29849
Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)
certspotter
Certificate Transparency Log Monitor
no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
GAMADV-XTD3
Command line tool to manage Google Workspace
CVE-2024-3400
CVE-2024-3400
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
keychecker
a key checker for various AI services
CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
server-side-prototype-pollution
A collection of Server-Side Prototype Pollution gadgets and exploits
lsa-whisperer
Tools for interacting with authentication packages using their individual message protocols
reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such