| | Drupalgeddon2 | one_gadget |
|---|---|---|
| Mentions | 2 | 1 |
| Stars | 562 | 1,975 |
| Growth | - | - |
| Activity | 0.0 | 6.0 |
| Last commit | over 3 years ago | 3 months ago |
| Language | Ruby | Ruby |
| License | - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Drupalgeddon2
- Automating SQL injection for the exam
Looking at https://github.com/dreadlocked/Drupalgeddon2 : this is an exploit for a particular CVE. Although it is quite expansive in automating how the exploit should be executed depending on the Drupal version, I do not believe this classifies as automated exploitation as it deals with one particular CVE.
- drupalgeddon2 is it allowed on the exam?
I am referring to this: https://github.com/dreadlocked/Drupalgeddon2
one_gadget
- Awesome CTF : Top Learning Resource Labs
one_gadget - A tool to find the one gadget execve('/bin/sh', NULL, NULL) call.
What are some alternatives?
docker-compose-drupal - Drupal 8 Docker Compose dev stack.
pwntools - CTF framework and exploit development library
Discord-Cache-Exploit-POC - Exploit Discord's cache system to remote upload payloads on Discord users machines [Moved to: https://github.com/ecriminal/Exploit-Discord-Cache-System-PoC]
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
cve - Gather and update all available and newest CVEs with their PoC.
voidnsrun - Run glibc binaries in musl libc Void Linux environment
discord-zeroclick-exploit - Discord client zero-click RCE
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
volatility - An advanced memory forensics framework
peda - PEDA - Python Exploit Development Assistance for GDB
objection - 📱 objection - runtime mobile exploration