渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Authentication bypass for outdated WoW emulation authentication servers
NextSploit is a command-line tool designed to detect and exploit CVE-2025-29927, a security flaw in Next.js
Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
Authentication Bypass Vulnerability — CVE-2024–4358 — Telerik Report Server 2024
🛡️ **Web Penetration Testing** is the process of testing websites or web apps for security flaws. 🔍 It helps find vulnerabilities like SQL injection, XSS, and authentication bypass. 🚨 Used to protect data, improve security, and prevent hacking attacks.
A PoC exploit for CVE-2023-51467 - Apache OFBiz Authentication Bypass
Hack Karadeniz 2022 CyberCafe sorusu için yazdığım writeup
This repository contains a basic custom lab environment designed to demonstrate and explore SQL injection vulnerabilities. The lab provides a hands-on learning experience to understand the risks associated with insecure coding practices and the impact of SQL injection attacks on web applications.
The Vulnerability of GoAhead Service on VStarcam C34S-X4 that allows you to download system.ini configuration file and get login and password.
WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!
A stealth SSH backdoor leveraging PAM shared object (.so) injection to bypass authentication and gain SSH access.
A PoC exploit for CVE-2024-27198 - JetBrains TeamCity Authentication Bypass
It is a simple password brute force tool designed for ethical hacking and security testing. Automates the process of selecting passwords for a given user on a website by sending POST requests with different passwords and analyzing the response.
A Python tool for decrypting passwords hashed with the AuthMe SHA256 algorithm. Ideal for penetration testing and security audits on Minecraft servers using the AuthMe authentication plugin.
Exploits for CVE-2020-9376 and CVE-2020-9377
Perfom With Massive Authentication Bypass In PaperCut MF/NG
This repository details an IDOR vulnerability in AbsysNet 2.3.1, which allows a remote attacker to brute-force session IDs via the /cgi-bin/ocap/ endpoint. Successful exploitation can compromise active user sessions, exposing authentication tokens in HTML. The attack is limited to active sessions and is terminated if the user logs out.
Apache Superset - Authentication Bypass
foundryvtt admin authentication bypass POC exploit
Add a description, image, and links to the authentication-bypass topic page so that developers can more easily learn about it.
To associate your repository with the authentication-bypass topic, visit your repo's landing page and select "manage topics."