SpecterOps Presentations

Quickly and automatically test systems inside Quickemu virtual machines 🧑‍🔬

Some payloads of JNDI Injection in JDK 1.8.0_191+

Leaked Mirai Source Code for Research/IoC Development Purposes

【两万字原创】零基础学fastjson漏洞（基础篇），公众号：追梦信安

A script to automatically dump all URLs present in /server-status to a file locally.

Script for searching the extracted firmware file system for goodies!

A Post Exploitation Tool for High Value Systems

🧟 The modern PHP app server

Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()

Official writeups for Business CTF 2024: The Vault Of Hope

CVE-2024-32002 RCE PoC

gather gather gather

IDA Plugin to automatically identify and set enums for standard functions

Azure mindmap for penetration tests

Cyber Security ALL-IN-ONE Platform

Weblogic IIOP CVE-2020-2551

This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC.

A recursive internet scanner for hackers.

The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning

OSCP Cheat Sheet

Kerberos unconstrained delegation abuse toolkit

Potential Integer Overflow Leading To Heap Overflow in AMD KFD.

GLPIScan is a vulnerability scanner for GLPI.

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9…

GEF - GDB Enhanced Features for exploit devs & reversers