Atlassian Companion RCE Vulnerability Proof of Concept

Shows off an RCE with better_errors w/ binding_of_caller using DNS Rebinding

Independent security researcher specializing in critical vulnerability discovery across enterprise systems, WordPress ecosystems, and cloud infrastructure. Demonstrated track record of identifying zero-day vulnerabilities in software with millions of users.

Case Study della Tesi di Laurea Triennale in Ingegneria Informatica UniBg

Much More Than a Prank

PoC (Proof of Concept) de la CVE-2024-4367 - Vulnérabilité RCE dans libwebp. Démonstration complète incluant : création de payloads, scénarios d'attaque, analyse des risques et serveur Express.js de test.

Pentesting report of the Zico2 vulnerable machine using Kali Linux and common exploitation tools.

Vulnerable web app

A simple XSS payload host for testing and demonstrating stored/reflected XSS using GitHub Pages. Useful for bug bounty & security research.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

2021年4月15日出现的Chrome payload

JAVA 漏洞靶场 (Vulnerability Environment For Java)

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms