😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

burpsuite extension for check unauthorized vulnerability

Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit

A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated.

DroidSniper - Misconfigured Android Debug Bridge Scanner

Kumpulan Exploit Wordpress Plugins + Tools + and cara penggunaannya

Perform With Massive Openfire Unauthenticated Users

CVE-2023-26269: Misconfigured JMX in Apache James

Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).

Python scripts to find ADCS servers on a network without any credentials.

A light & organized Python module built with the sole purpose of extracting a Twitter user-object while conforming to Tweepy standards, all without using Twitter's authenticated API.

This will check if your server is vulnerable to SMBGhost, and partially mitigate it

NTP is not authenticated... but trusted

MAL-004: Command Injection Bypass for CVE-2020-12641 in Roundcube Webmail

MAL-012: Reflected Cross-Site Scripting in Admin Console leading to Remote Code Execution in Payara Server

CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS

Case Study: SSHtranger Things (CVE-2019-6111, CVE-2019-6110) in Cisco SD-WAN

CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail

CVE-2019-12401: XML Bomb in Apache Solr

Unauthenticated SQL injection exploit for CVE-2019-9053 in CMS Made Simple <= 2.2.9. Extracts admin creds with time-based SQLi.