Sherlock Secure's repositories
VMware-CVE-2022-22954
POC for VMWARE CVE-2022-22954
CVE-2022-1388-Exploit-POC
PoC for CVE-2022-1388_F5_BIG-IP
Microsoft-CVE-2022-26809-The-Little-Boy
The poc for CVE-2022-26809 RCE via RPC will be updated here.
Log4j-Detector
This script will help you to automate exploit scanning againts a list of URL's
OpenRedireX
A Fuzzer for OpenRedirect issues
aws-report
AWS Report is a tool for analyzing amazon resources.
sql-injection-payload-list
🎯 SQL Injection Payload List
broken-link-checker
Find broken links, missing images, etc within your HTML.
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
attacking-and-auditing-docker-containers-and-kubernetes-clusters
Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters
breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
CVE-2020-1206-POC
CVE-2020-1206 Uninitialized Kernel Memory Read POC
ImageMagick-POC
ImageMagick LFI PoC [CVE-2022-44268]
IPRotate_Burp_Extension
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
IVR-PHISHING-FRAMEWORK
IVR-PHISHING-FRAMEWORK
log4shell-vulnerable-app
A Basic Java Application Vulnerable to the Log4Shell RCE
ParamSpider
Mining parameters from dark corners of Web Archives
postMessage-tracker
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
SherlockPortals
A simple python script to check if a domain is using external services like Zendesk, OneDirect, Freshwork, Freshdesk