mpgn's repositories
CVE-2019-0192
RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
CVE-2019-7238
🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻
CVE-2019-3799
CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6
CVE-2019-9580
CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE
CVE-2018-19276
CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE
DllInjectExec
:syringe: Dll injection for executable file :syringe:
Slanger-RCE
RCE in Slanger using deserialization of Ruby objects
CVE-2018-11686
CVE-2018-11686 - FlexPaper PHP Publish Service RCE <= 2.3.6
copper-jekyll-theme
Copper Jekyll theme - simple and useful
DllInjectService
:syringe: Dll ready to be injected into a service :syringe:
AChat-Reverse-TCP-Exploit
Tested on AChat 0.150 Beta 7 Windows 7/8/10 x86/x64
Invoke-MetasploitPayload
Powershell script to download and kick off Metasploit payloads. Relies on the exploit/multi/scripts/web_delivery metasploit module.
actuator-testbed
A vulnerable application exposing Spring Boot Actuators
discourse-ldap-auth
:cop: Discourse plugin to enable LDAP/Active Directory authentication :cop:
mnk-game-test
Automatic test of the mnk-game
SerialBrute
Java serialization brute force attack tool.
tid-jekyll-theme
TID is a simple and minimalist jekyll theme with tag