Tenable PoC

Proof of Concepts. As the result of plugin writing or just general bug hunting, researchers at Tenable often stumble upon new and interesting vulnerabilities. These vulnerabilities are shared with the community. We've decided to create a more centralized repository for our proof of concepts. Everything is sorted by vendor with…

GhostPack

GhostPack: A collection of security-related toolsets. https://github.com/GhostPack

The KRACK ATTACK POC: WPA2 CRACK: Key reset

CVE-2017-13082: Key Reinstall in FT Handshake: The KRACK Attack. The KRACK attack website for details: https://www.krackattacks.com/ The KRACK attack original PoC: https://github.com/vanhoefm/krackattacks-test-ap-ft

CrunchRAT

CrunchRAT currently supports the following features: file upload, file download, and command execution. It is currently single-threaded (only one task at a time), but multi-threading (or multi-tasking) is currently in the works. Additional features will be included at a later date. Crunch RAT (Remote Admin Tool, Not Trojan): https://github.com/t3ntman/CrunchRAT/tree/dev

PHP OPcache Override

This project contains the demo website and the tools presented in the following blog post: http://blog.gosecure.ca/2016/04/27/binary-webshell-through-opcache-in-php-7 Repository: https://github.com/GoSecure/php7-opcache-override

CVE-2016-0051 (MS-016)

Proof-of-concept BSoD (Blue Screen of Death) and Elevation of Privilege (to SYSTEM) code for my CVE-2016-0051 (MS-016). This PoC will run from CMD and the shell will spawn in the same CMD -pid. Vulnerability PoC author: koczkatamas https://twitter.com/koczkatamas Original code: https://github.com/koczkatamas/CVE-2016-0051 Thanks to koczkatamas.

ImageTragick POC

ImageTragick POCs

How To Use:

git clone https://github.com/ImageTragick/PoCs.git
cd PoCs
./test.sh

To test a policy.xml file, place it in the script directory and run test.sh.

WPA2-HalfHandshake-Crack

Conventional WPA2 attacks work by listening for a handshake between client and Access Point. This full four-way handshake is then used in a dictionary attack. This tool is a Proof of Concept to show it is not necessary to have the Access Point present. A person can simply listen for…