Topic: "command-injection"
commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
Language: Python - Size: 6.9 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 5,272 - Forks: 871
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
Size: 23.4 KB - Last synced at: 4 days ago - Pushed at: 11 months ago - Stars: 3,309 - Forks: 699
arch3rPro/PentestTools
Awesome Pentest Tools Collection
Size: 17 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1,285 - Forks: 283
hansmach1ne/LFImap
Local File Inclusion discovery and exploitation tool
Language: Python - Size: 517 KB - Last synced at: 10 days ago - Pushed at: 5 months ago - Stars: 309 - Forks: 39
paralax/lfi-labs
small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Language: PHP - Size: 29.3 KB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 302 - Forks: 81
dragonked2/Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Language: Python - Size: 212 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 250 - Forks: 46
yuriisanin/CVE-2022-45025
[PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
Size: 12.4 MB - Last synced at: 10 months ago - Pushed at: over 2 years ago - Stars: 89 - Forks: 20
jackaduma/NLP4CyberSecurity
NLP model and tech for cyber security tasks
Language: Jupyter Notebook - Size: 89.8 MB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 87 - Forks: 27
TrixSec/waymap
Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.
Language: Python - Size: 4.69 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 75 - Forks: 6
omurugur/OS_Command_Payload_List
OS Command Injection Vulnerability Payload List
Size: 76.2 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 33 - Forks: 20
vladan-stojnic/ML-based-WAF
Simple machine learning based web application firewall (WAF) created in python
Language: Jupyter Notebook - Size: 16.8 MB - Last synced at: about 2 years ago - Pushed at: almost 5 years ago - Stars: 27 - Forks: 10
dogancanbakir/metamaska
μετάμάσκα - malevolent payload classifier
Language: Jupyter Notebook - Size: 30.2 MB - Last synced at: 12 days ago - Pushed at: almost 2 years ago - Stars: 24 - Forks: 2
UNICORDev/exploit-CVE-2022-25765
Exploit for CVE-2022–25765 (pdfkit) - Command Injection
Language: Python - Size: 42 KB - Last synced at: 14 days ago - Pushed at: 5 months ago - Stars: 23 - Forks: 3
JackDoan/TP-Link-ArcherC5-RCE
CVE-2018-19537
Language: Python - Size: 36.1 KB - Last synced at: almost 2 years ago - Pushed at: over 6 years ago - Stars: 18 - Forks: 5
ThatNotEasy/CVE-2023-34960
Perform with Massive Command Injection (Chamilo)
Language: Python - Size: 61.5 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 16 - Forks: 8
Traumatism/raycharles
Blind RCE fuzzer
Language: Python - Size: 4.5 MB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 16 - Forks: 3
gigaryte/cve-2022-31898
Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215
Language: Python - Size: 16.6 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 15 - Forks: 5
abrahim7112/hackers_CVE_2023_poc
The largest hacking program with new tools CVE-2023-PoC for the year 2023 It contains all the attack and exploitation tools for testing websites, as well as a graphical interface to facilitate its use for beginners
Language: Python - Size: 17.1 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 12 - Forks: 2
hartwork/antijack
:ninja: seccomp-based anti-TTY-hijacking proof-of-concept (prevents TIOCSTI and TIOCLINUX)
Language: C - Size: 70.3 KB - Last synced at: about 2 months ago - Pushed at: 7 months ago - Stars: 11 - Forks: 0
twseptian/cve-2022-22947
Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)
Language: Dockerfile - Size: 26.5 MB - Last synced at: about 2 months ago - Pushed at: about 3 years ago - Stars: 11 - Forks: 1
v0lp3/CVE-2022-39073
Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.
Language: Python - Size: 75.2 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 10 - Forks: 2
MilindPurswani/hacker101 Fork of Hacker0x01/hacker101
Hacker101 is a free class for web security. Whether you're a programmer with an interest in bug bounties or a seasoned security professional, Hacker101 has something to teach you.
Language: Ruby - Size: 20.4 MB - Last synced at: about 2 years ago - Pushed at: almost 7 years ago - Stars: 10 - Forks: 0
dokDork/SiteSniper
bash script to automate the penetration test
Language: Shell - Size: 1.84 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 8 - Forks: 0
SystemVll/CVE-2022-47966
The manage engine mass loader for CVE-2022-47966
Language: Python - Size: 3.91 KB - Last synced at: 5 days ago - Pushed at: over 2 years ago - Stars: 7 - Forks: 1
superswan/CamMander
Exploit toolkit for old ip cameras. Inspired by Black Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker
Language: Python - Size: 148 KB - Last synced at: 14 days ago - Pushed at: 6 months ago - Stars: 6 - Forks: 1
m3z0diac/vuln-windows-application
simple C vulnerable windows program for practicing and learning windows exploitation.
Language: C - Size: 720 KB - Last synced at: about 2 months ago - Pushed at: over 3 years ago - Stars: 6 - Forks: 1
abaykan/Labs
Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di abaykan.com
Language: PHP - Size: 388 KB - Last synced at: about 3 hours ago - Pushed at: over 4 years ago - Stars: 6 - Forks: 5
FOGSEC/awesome-web-security Fork of R3dFruitRollUp/awesome-web-security
🐶 A curated list of Web Security materials and resources.
Size: 122 KB - Last synced at: over 1 year ago - Pushed at: over 7 years ago - Stars: 6 - Forks: 0
LinuxUser255/Web-Security-Academy-Series Fork of rkhal101/Web-Security-Academy-Series
Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.
Language: Python - Size: 32.4 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 5 - Forks: 2
Asjidkalam/CVE-2020-8958
CVE-2020-8958: Authenticated RCE exploit for NetLink HG323
Language: Python - Size: 2.93 KB - Last synced at: 10 months ago - Pushed at: about 4 years ago - Stars: 5 - Forks: 1
SaraBaradaran/Web-Fuzzer
Implementation of A Web Fuzzer for Detecting XSS, Command and SQL Injection Vulnerabilities in Websites
Language: Python - Size: 31.3 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 1
xfox64x/CVE-2019-3929
Crestron/Barco/Extron/InFocus/TeqAV Remote Command Injection (CVE-2019-3929) Metasploit Module
Language: Ruby - Size: 5.86 KB - Last synced at: about 1 year ago - Pushed at: over 5 years ago - Stars: 3 - Forks: 2
schoi1337/CVE-2025-20029-simulation
Simulated environment for CVE-2025-20029 using Docker. Includes PoC and auto-reporting.
Language: Python - Size: 385 KB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 2 - Forks: 0
0xNslabs/Rakuten5GTurboAPI
PoC API that exploits multiple vulnerabilities in the Rakuten 5G Turbo R2314M device
Language: Python - Size: 148 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 2 - Forks: 0
0xNslabs/SoftBankMeshAPI
PoC API that exploits multiple vulnerabilities in SoftBank RP562B mesh device.
Language: Python - Size: 11.7 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 2 - Forks: 0
TearsAchly/DVWA
DVWA (Damn Vulnerable Web Application) DVWA is a web application that is intentionally made vulnerable for educational and security testing purposes. It lets users practice and understand different types of web security attacks.
Language: PHP - Size: 11.7 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 2 - Forks: 0
K3ysTr0K3R/CVE-2019-15107-EXPLOIT
A PoC exploit for CVE-2019-1510 - Webmin Remote Code Execution
Language: Python - Size: 37.1 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 2
qwqoro/Mail-Injection
📧 [Research] E-Mail Injection: Vulnerable applications
Language: HTML - Size: 4.51 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 0
TheWation/CiCeSandbox
This web application provides a sandbox environment for testing and learning about command injection and code execution vulnerabilities, with several endpoints for testing different types of vulnerabilities.
Language: Python - Size: 5.86 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 0
anil-yelken/www-project-vulnerable-flask-app Fork of OWASP/www-project-vulnerable-flask-app
OWASP Foundation Web Respository
Size: 6.84 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 0
moeinfatehi/lfi-to-rce-scenario
This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).
Language: PHP - Size: 404 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 2 - Forks: 0
tom474/security_attacks_analysis
[RMIT 2024C] COSC2539 - Security in Computing and IT - Programming-based Security Project
Language: Python - Size: 47.9 KB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0
ILIASMORSEL/SecureShield
SecureShield — это мощная PHP-библиотека, которая защищает ваш проект от большинства известных атак: SQL-инъекции, XSS, CSRF, Command Injection, PHP Injection, и даже больше! Она готова к работе "из коробки", проста в использовании и может быть интегрирована в любой проект.
Language: PHP - Size: 10.7 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0
A-Mahla/Security-Pentest-Part-I
The first in a series of four machines, each pen-tested and explained.
Language: Python - Size: 58.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0
copyleftdev/PricklyPwn
An advanced RCE tool tailored for exploiting a vulnerability in Cacti v1.2.22. Crafted with precision, this utility aids security researchers in analyzing and understanding the depth of the CVE-2022-46169 flaw. Use responsibly and ethically.
Language: Go - Size: 2.93 KB - Last synced at: 8 days ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0
TheWation/CiCePhpbox
The command injection sandbox is a tool for testing command injection vulnerabilities in web apps, in a safe environment.
Language: PHP - Size: 5.86 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0
WesleyWong420/Imageception
Flask Powered Vulnerable Image Generator
Language: Python - Size: 860 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 0
m3ssap0/cacti-rce-cve-2022-46169-vulnerable-application
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!
Language: PHP - Size: 90.8 KB - Last synced at: 3 months ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 2
danielserbu/SeleniumTestXVWACommandInjection
Language: Python - Size: 720 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0
KIRAN-KUMAR-K3/vulnerability-payload-lists
A curated repository of categorized payloads for testing and exploiting common web vulnerabilities in ethical hacking and penetration testing.
Size: 91.8 KB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 0 - Forks: 0
Zizo0004/Detecting-Malicious-VSCode-extensions
detecting malicious/vulnerable vscode extensions. Focusing on XSS, Code injections, Command injections and path transversal attacks
Language: Jupyter Notebook - Size: 273 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0
m3ssap0/cacti-rce-snmp-options-vulnerable-application
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2023-39362). Run it at your own risk!
Language: PHP - Size: 41 KB - Last synced at: 3 months ago - Pushed at: 7 months ago - Stars: 0 - Forks: 0
Azad-02/Common-Vulnerabilities-and-Exploitations
The repository includes various vulnerbilities, their types, identification, exploitation and mitigations along with payloads. Includes: Cross-Site Scripting (XSS) SQL Injection (SQLi) Directory Traversal Command Injection
Size: 70.3 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0
Kr1shna02/Portswigger_Labs
This repository includes my write-ups on popular web attacks from Portswigger Labs.
Size: 15.6 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 0 - Forks: 0
Backflipper1337/KeeneticOS-exploit-POC
mpsl exploit mirai rce command injection iot firmware poc
Language: Python - Size: 3.91 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
Gill-Singh-A/SHARN-Web-Desktop
A Simple CTF Challenge that expects user to see Client Side Login Algorithm, Path Traversal and Command Injection
Language: HTML - Size: 1.53 MB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
K3ysTr0K3R/CVE-2024-3273-EXPLOIT
A PoC exploit for CVE-2024-3273 - D-Link Remote Code Execution RCE
Language: Python - Size: 7.81 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
dokDork/CommandInjectionShield
This script will prepare some tmux session precompiled to test command injection on some web page parameter (on a GET or POST request).
Size: 549 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
K3ysTr0K3R/CVE-2022-33891-EXPLOIT
A PoC exploit for CVE-2022-33891 - Apache Spark UI Remote Code Execution (RCE)
Language: Python - Size: 6.84 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
0xNslabs/CVE-2022-36553-PoC
PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device.
Language: Python - Size: 1.95 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
minj-ae/Banalyzer-CMDI
[Sunrin Security Project] Command Injection Static Analyzer with IDAPython
Language: Python - Size: 12.7 KB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
mbadanoiu/CVE-2020-8250
CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client
Size: 593 KB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
De-Technocrats/dvwaupsploit
Tool for exploiting file upload vulnerabilities in DVWA (Damn Vulnerable Web Application).
Language: Python - Size: 81.1 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
ilmercu/Scanner-and-Command-Injection
Vulnerabilities scanner tool
Language: Python - Size: 77.1 KB - Last synced at: over 1 year ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 1
mark-by/proxy
Proxy сервер
Language: Go - Size: 253 KB - Last synced at: about 2 years ago - Pushed at: about 4 years ago - Stars: 0 - Forks: 0
