Docker Remote API Scanner and Exploit

All about bug bounty (bypasses, payloads, and etc)

CVE-2023-32233: Linux内核中的安全漏洞

CVE-2023-0386在ubuntu22.04上的提权

Basic PoC for CVE-2023-27524: Insecure Default Configuration in Apache Superset

File upload vulnerability scanner and exploitation tool.

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

针对（CVE-2023-0179）漏洞利用 该漏洞被分配为CVE-2023-0179，影响了从5.5到6.2-rc3的所有Linux版本，该漏洞在6.1.6上被测试。 漏洞的细节和文章可以在os-security上找到。

HULK DoS tool ported to Go with some additional features.

Create spinning prize wheels on HTML canvas with Winwheel.js

A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

Linux privilege escalation auditing tool

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

CVE-2021-4034 1day

Source code for Eat The Blocks, a screencast for Ethereum Dapp Developers

HashLips Art Engine is a tool used to create multiple different instances of artworks based on provided layers.

🔖 Decentraland Marketplace Contracts

Privilege escalation with polkit - CVE-2021-3560

BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator r…

The classic email sending library for PHP

Bruteforce attack for Instagram

Sudo Baron Samedit Exploit

PoC for CVE-2021-3156 (sudo heap overflow)