PoC
mad-metasploit
| PoC | mad-metasploit | |
|---|---|---|
| 10 | 1 | |
| 788 | 371 | |
| - | - | |
| 5.3 | 10.0 | |
| 3 months ago | over 1 year ago | |
| Ruby | Ruby | |
| GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PoC
- Unauthenticated Remote Code Execution in Cisco Nexus Dashboard Fabric Controller (formerly DCNM) using a vulnerability in 2017 in 2022 (it wasn't patched prior March 2021)
- Cisco Nexus Dashboard Fabric Controller unauth web-to-root shell
-
Windows filehosting
And the fix that they couldn't be bothered to implement? Literally one line of code.
- Pre-auth WAN remote root for Cisco RV340 VPN Gateway Router
- “Podem tomar o controlo da sua TV e espiá-lo com a câmara e o microfone”. Ataque à Vodafone analisado por um dos maiores ‘hackers’ do mundo
- RCE vulnerability in TIBCO Data Virtualization
- Pwning Cisco ISE: from XSS to a root shell (w/ exploit video)
- Command Injection and SQL Injection Vulnerabilities in Micro Focus Operations Bridge Reporter (CVE-2021-22502)
- Unauth cmd injection as root on login / logout (plus other hilarious vulns) in Micro Focus Operations Bridge Reporter
-
How We Hacked a TP-Link Router and Took Home $55.000 in Pwn2Own
If you already have a day job in security, the $500 the manufacturer will give you won't give you a big boost. I prefer to drop the advisory and exploit after they fixed it even if I don't get money, as that gives me more street credz amongst the hacker crowd. See my github for examples: https://github.com/pedrib/PoC
mad-metasploit
What are some alternatives?
CVE-2021-36260 - command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
Anti-Virus-Evading-Payloads - During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
dawnscanner - Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
awesome-pentest - A collection of awesome penetration testing resources, tools and other shiny things
WhatWeb - Next generation web scanner
WebHackersWeapons - ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
evil-winrm - The ultimate WinRM shell for hacking/pentesting