Menu
  • New Tool CMS Detection.

    New Tool CMS Detection.

Ip Is toxic Proxy Spam report

Host Subdomain Ip

Nmap scan options Don't select marked with default

Host Protocol Port State Service Version

Exploit Search

Tools for System administrator and Network troubleshooting

Shell codes

Release Date Description Type Platform Author
2019-03-11 "Linux/x86 - Polymorphic execve(/bin/sh) Shellcode (63 bytes)" shellcode linux_x86 "Daniele Votta"
2019-03-11 "Linux/x86 - MMX-XOR Encoder / Decoder execve(/bin/sh) Shellcode (44 bytes)" shellcode linux_x86 "Daniele Votta"
2019-03-08 "Linux/x86 - INSERTION Encoder / Decoder execve(/bin/sh) Shellcode (88 bytes)" shellcode linux_x86 "Daniele Votta"
2019-03-05 "Linux/x86 - XOR Encoder / Decoder execve(/bin/sh) Shellcode (45 bytes)" shellcode linux_x86 "Daniele Votta"
2019-02-18 "macOS - execve(/bin/sh) + Null-Free Shellcode (31 bytes)" shellcode macos "Ken Kitahara"
2019-02-18 "macOS - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes)" shellcode macos "Ken Kitahara"
2019-02-18 "macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)" shellcode macos "Ken Kitahara"
2019-02-18 "macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes)" shellcode macos "Ken Kitahara"
2019-02-18 "macOS - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (119 bytes)" shellcode macos "Ken Kitahara"
2019-03-04 "Linux/x86 - iptables -F Shellcode (43 bytes)" shellcode linux_x86 "Cameron Brown"
2019-03-04 "Linux/x64 - Kill All Processes Shellcode (11 bytes)" shellcode linux_x86-64 "Aron Mihaljevic"
2019-03-04 "Linux/x86 - NOT Encoder / Decoder - execve(/bin/sh) Shellcode (44 bytes)" shellcode linux_x86 "Daniele Votta"
2019-02-05 "Linux/x86 - Random Insertion Encoder and Decoder Shellcode (Generator)" shellcode linux_x86 "Aditya Chaudhary"
2019-02-01 "Linux/x86 - Read /etc/passwd Shellcode (58 Bytes) (3)" shellcode linux_x86 Kiewicz
2019-01-29 "Linux/x86 - execve(/bin/sh) + RShift-1 Encoded Shellcode (29 bytes)" shellcode linux_x86 "Joao Batista"
2019-01-28 "Linux/ARM - Bind TCP (0.0.0.0:4321) Shell (/bin/sh) + Null-Free Shellcode (84 bytes)" shellcode arm "Gokul Babu"
2019-01-30 "Windows/x86 - 'msiexec.exe' Download and Execute Shellcode (95 bytes)" shellcode windows_x86 "Kartik Durg"
2019-01-28 "Linux/ARM - Reverse TCP (192.168.1.124:4321) Shell (/bin/sh) Shellcode (64 bytes)" shellcode arm "Gokul Babu"
2019-01-28 "Linux/x86 - Read /etc/passwd Shellcode (58 Bytes) (2)" shellcode linux_x86 "Joao Batista"
2019-01-28 "Linux/x86 - exit(0) Shellcode (5 bytes)" shellcode linux_x86 "Daniele Votta"
2019-01-29 "Linux/x86 - execve() - Terminal Calculator (bc) Shellcode (53 bytes)" shellcode linux_x86 "Daniele Votta"
2019-01-15 "Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (100 bytes)" shellcode linux_x86 "Joao Batista"
2019-01-11 "Windows/x86 - Download With TFTP And Execute Shellcode (51-60 bytes) (Generator)" shellcode generator "Semen Alexandrovich Lyhin"
2019-01-09 "Linux/x86 - wget chmod execute over execve /bin/sh -c Shellcode (119 bytes)" shellcode linux_x86 strider
2018-12-24 "Linux/x86 - Kill All Processes Shellcode (14 bytes)" shellcode linux strider
2018-12-19 "Linux/x64 - Disable ASLR Security Shellcode (93 Bytes)" shellcode linux_x86-64 "Kağan Çapar"
2018-12-11 "Linux/x86 - Bind (1337/TCP) Ncat (/usr/bin/ncat) Shell (/bin/bash) + Null-Free Shellcode (95 bytes)" shellcode linux_x86 T3jv1l
2018-12-04 "Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)" shellcode linux_x86-64 "Kağan Çapar"
2018-12-04 "Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)" shellcode linux Nelis
2018-11-13 "Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58 bytes)" shellcode linux_x86 "Javier Tello"

Get updated with the latest exploits, useful if you are a usual pentester

Release Date Title Type Platform Author
2019-07-17 "Oracle Siebel CRM 19.0 - Persistent Cross-Site Scripting" webapps linux "Sarath Nair"
2019-07-17 "MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow" remote windows hyp3rlinx
2019-07-17 "Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)" local windows Metasploit
2019-07-17 "Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME" local linux "Google Security Research"
2019-07-17 "WinMPG iPod Convert 3.0 - 'Register' Denial of Service" dos windows stresser
2019-07-16 "CentOS Control Web Panel 0.9.8.838 - User Enumeration" webapps linux "Pongtorn Angsuchotmetee_ Nissana Sirijirakal_ Narin Boonwasanarak"
2019-07-16 "CentOS Control Web Panel 0.9.8.836 - Privilege Escalation" webapps linux "Pongtorn Angsuchotmetee_ Nissana Sirijirakal_ Narin Boonwasanarak"
2019-07-16 "CentOS Control Web Panel 0.9.8.836 - Authentication Bypass" webapps linux "Pongtorn Angsuchotmetee"
2019-07-16 "PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasploit)" remote linux Metasploit
2019-07-16 "Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)" local windows Metasploit
2019-07-16 "DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)" local windows "Xavi Beltran"
2019-07-16 "R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)" local windows blackleitus
2019-07-16 "Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection" dos windows hyp3rlinx
2019-07-15 "FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion" webapps php "Mohammed Althibyani"
2019-07-15 "CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities" webapps hardware Ramikan
2019-07-15 "NETGEAR WiFi Router JWNR2010v5 / R6080 - Authentication Bypass" webapps hardware Wadeek
2019-07-15 "Streamripper 2.6 - 'Song Pattern' Buffer Overflow" local windows "Andrey Stoykov"
2019-07-15 "Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)" dos windows "RAMELLA Sebastien"
2019-07-15 "Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds Write" dos android "Marcin Kozlowski"
2019-07-12 "Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution" webapps cgi "Chris Lyne"
2019-07-12 "Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting" webapps java "Ishaq Mohammed"
2019-07-12 "Sahi Pro 8.0.0 - Remote Command Execution" webapps java AkkuS
2019-07-12 "MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting" webapps php "Metin Yunus Kandemir"
2019-07-12 "Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting" webapps hardware ABDO10
2019-07-11 "Sitecore 9.0 rev 171002 - Persistent Cross-Site Scripting" webapps aspx "Owais Mehtab"
2019-07-12 "Xymon 4.3.25 - useradm Command Execution (Metasploit)" remote multiple Metasploit
2019-07-12 "Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation" local windows "Google Security Research"
2019-07-11 "SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow" local windows xerubus
2019-07-12 "Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData" dos windows "Google Security Research"
2019-07-07 "Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (2)" remote unix "Brian Peters"
CMS Detection and Exploitation suite

CMS Detection and Exploitation suite

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 150 other CMSs

Offensive features

  • Admin page finder
  • User Enumeration
  • Core vulnerability detection
  • Modular bruteforce system
  • Advanced Joomla Scans
  • Advanced Wordpress Scans
  • Drupal version detection
  • Basic CMS Detection of over 155 CMS
Raccoon tool

Raccoon tool

Offensive Security Tool for Reconnaissance and Information Gathering

Offensive features

  • DNS details
  • DNS visual mapping using DNS dumpster
  • WHOIS information
  • TLS Data - supported ciphers
  • Port Scan
  • Subdomain enumeration
  • Web application data retrieval
  • Detects known WAFs
WhatWeb

WhatWeb

WhatWeb recognises web technologies including content management systems (CMS).

Offensive features

  • Over 1800 plugins
  • Control the trade off between speed/stealth and reliability
  • Performance tuning. Control how many websites to scan concurrently.
  • Proxy support including TOR
  • Custom HTTP headers
  • Basic HTTP authentication
  • Control over webpage redirection

Subdomain finder libraries

  • Knockpy
  • Subbrute
  • Sublist3r
  • Raccoons's Subdomain finder
  • AltDNS

Scan ports with Nmap

Detect Web application firewalls

Troubleshoot webservers

CMS Detections

Signup and Track your records