Exploits & CVEs

Metasploit modules & payloads

Linux Command Shell, Reverse TCP Inline (IPv6)

Splunk Custom App Remote Code Execution

Shellcodes

Linux/x86 - IPv6 TCP bind tcp shell

CVEs

CVE-2020-5752 | Druva - inSync Windows Client 6.6.3 - Path Traversal LPE

CVE-2020-10680 | Polycom - RealPresence Desktop - Windows Client - Local BoF

CVE-2020-2035 | Palo Alto Networks - PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions

CVE-2020-15936 | Fortinet - Inspection not enforced in TLS handshakes

CVE-2021-34749 | Cisco - Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability

Tools

Credential Dumping

PykDumper

ATPMiniDump

Heap Exploitation

Heappo

IDAPython scripts

Payload Exfiltration

SNIcat