KrbRelayEx : Mastering Kerberos Ticket Relay Attacks In Active Directory Environments
KrbRelayEx is a sophisticated tool designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets.
It is particularly useful in scenarios where an...
CVE-2025-26319 : Understanding The Vulnerability And Exploitation Tools
CVE-2025-26319 is a critical vulnerability affecting FlowiseAI Flowise versions up to and including 2.2.6.
This vulnerability allows attackers to perform arbitrary file uploads, potentially...
Impacket : A Comprehensive Tool For Network Protocol Manipulation
Impacket is a powerful collection of Python classes designed to work with various network protocols, providing low-level access to packet construction and parsing.
Originally...
Open-Source LLM Scanners : Enhancing Security For Large Language Models
As Large Language Models (LLMs) become increasingly integral to various applications, ensuring their security is paramount.
Open-source LLM scanners play a crucial role in...
strongR-frida-android : An Anti-Detection Version Of Frida For Android
strongR-frida-android is a project that builds upon the popular dynamic instrumentation toolkit, Frida, by incorporating anti-detection patches specifically designed for Android devices.
This version...
uBlock Origin And uBlacklist Huge AI Blocklist : Tools For A Cleaner Search Experience
In the era of AI-generated content, maintaining authenticity in search results has become increasingly challenging. To address this issue, the uBlock Origin & uBlacklist...
Web-Check : The Comprehensive Tool For Website Analysis And Optimization
Web-Check is a powerful, open-source tool designed to provide comprehensive insights into a website's underlying structure, security, and performance.
Developed by Alicia Sykes, it...
CVE-2025-24813-PoC : Apache Tomcat 远程代码执行漏洞批量检测脚本
简介
CVE-2025-24813 是一个影响 Apache Tomcat 的远程代码执行(RCE)漏洞,允许攻击者通过发送一个 PUT 请求上传恶意的序列化会话文件,并通过 GET 请求触发反序列化,从而在服务器上执行任意代码。该漏洞已在野外被利用,且其利用条件相对简单,只需 Tomcat 使用文件存储会话且支持部分 PUT 请求即可。
脚本功能
CVE-2025-24813-PoC 脚本主要用于检测 Apache Tomcat 是否存在此漏洞。它支持批量检测和单个检测两种模式。
批量检测:通过指定一个包含目标 URL 列表的文件(如 url.txt),脚本可以并发检测多个目标。使用方式为: bashpython poc.py -l url.txt...
Binwalk : A Comprehensive Firmware Analysis Tool
Binwalk is a powerful tool designed for analyzing and extracting embedded files from firmware images. It is widely used by security researchers and penetration...
Xenon : A New Tool In The Mythic Framework
Xenon is a Windows agent designed for the Mythic framework, inspired by tools like Cobalt Strike.
It is currently in an early stage of...