Drupalgeddon2
cve
| Drupalgeddon2 | cve | |
|---|---|---|
| 2 | 13 | |
| 562 | 6,100 | |
| - | 1.9% | |
| 0.0 | 9.7 | |
| over 3 years ago | 4 days ago | |
| Ruby | HTML | |
| - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Drupalgeddon2
-
Automating SQL injection for the exam
Looking at https://github.com/dreadlocked/Drupalgeddon2 : this is an exploit for a particular CVE. Although it is is quite expansive in automating how the exploit should be executed depending on the Drupal version, I do not believe this classifies as automated exploitation as it deals with one particular CVE.
-
drupalgeddon2 is it allowed on the exam?
I am referring to this:https://github.com/dreadlocked/Drupalgeddon2
cve
-
Strange subdomain found during nmap scan
Did you try using https://trickest.com?
- A folosit cineva până acum Trickest?
- CVE POCs
- windows exploit dev ctfs
- Asking for Advice - How can we find Linux N-days to develop exploits for?
-
[Help] I'm looking for a downloadable list of all CVEs including vulnerability
Anyhow, these project might help: - https://cve-search.github.io/cve-search/ - https://github.com/trickest/cve/ - https://github.com/ChrisIvie/offline-cve - https://avleonov.com/2017/10/03/downloading-and-analyzing-nvd-cve-feed/ - opencve.io
- Awesome Hacker Search Engines
-
PoC available for CVE's
https://github.com/trickest/cve this repo might have what you want
- A constantly updated collection of almost every publicly available CVE PoC
What are some alternatives?
docker-compose-drupal - Drupal 8 Docker Compose dev stack.
CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera - 🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
Discord-Cache-Exploit-POC - Exploit Discord's cache system to remote upload payloads on Discord users machines [Moved to: https://github.com/ecriminal/Exploit-Discord-Cache-System-PoC]
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
discord-zeroclick-exploit - Discord client zero-click RCE
CVE-2021-4034 - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
cervantes - Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
A-Red-Teamer-diaries - RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
unikernels - State of the art for unikernels
fleet - A flexible control server for osquery fleets
CVE-2021-44228-PoC-log4j-bypass-words - 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
Google-Dorks-Simplified - Best Resource for learning Google Dorks