ColdFusionX

Pwning

Mayank Deshmukh ColdFusionX

Pwning

Cybersecurity Analyst | CTF Player | Pen-tester | InfoSec Enthusiast

70 followers · 14 following

Achievements

CVE-2022-44877-CWP7 Public

Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated)

1 MIT License Updated Feb 2, 2023
CVE-2022-36804 Public

Atlassian Bitbucket Server and Data Center - Command Injection Vulnerability (CVE-2022-36804)

7 5 MIT License Updated Oct 4, 2022
Keycloak-12.0.1-CVE-2020-10770 Public

Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)

Python 7 4 MIT License Updated Jul 11, 2022
CVE-2022-26134 Public

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

exploit rce confluence 0day ognl zeroday ognl-expression

2 2 MIT License Updated Jun 24, 2022
CVE-2022-24124 Public

POC for CVE-2022-24124

exploit sqli sqlinjection casdoor

Go 9 4 MIT License Updated Mar 1, 2022
CVE-2020-9484 Public

POC - Apache Tomcat Deserialization Vulnerability (CVE-2020-9484)

docker serialization exploit tomcat deserialization rce cve-2020-9484

Java 4 2 Updated Feb 11, 2022
CVE-2021-44228-Log4Shell-POC Public

POC for Infamous Log4j CVE-2021-44228

ldap log4j poc rce log4j2 jndi-lookups cve-2021-44228

Java 2 1 MIT License Updated Jan 20, 2022
log4j-scanner Public
Forked from cisagov/log4j-scanner

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

Java Updated Dec 28, 2021
log4j-scan Public
Forked from fullhunt/log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

Python MIT License Updated Dec 27, 2021
Simple-Nginx-Webapp Public

Sample Web Application on Nginx server

CSS 8 MIT License Updated Nov 8, 2021
CVE-2021-34429 Public

POC for CVE-2021-34429 - Eclipse Jetty 11.0.5 Sensitive File Disclosure

docker exploit eclipse jetty path-traversal cve-2021-34429 web-xml

Java 4 2 MIT License Updated Nov 3, 2021
CVE-2021-26086 Public

Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086)

jira file-read-vulnerability cve-2021-26086

23 7 MIT License Updated Oct 12, 2021
CVE-2021-26085 Public

Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability (CVE-2021-26085)

confluence file-read-vulnerability cve-2021-26085

14 5 MIT License Updated Oct 12, 2021
docker-php-helloworld Public
Forked from mfieldhouse/docker-php-helloworld

A simple PHP application deployed using Docker

PHP Updated Aug 20, 2021
ColdFusionX.github.io Public

exploit hacking ctf-writeups pentesting pentest-scripts ctf-challenges hackthebox

SCSS 5 23 MIT License Updated Jun 30, 2021
PHP-8.1.0-dev_WebShell-RCE Public

PHP 8.1.0-dev WebShell Remote Code Execution

Python 3 1 MIT License Updated May 30, 2021
cve-bin-tool Public
Forked from intel/cve-bin-tool

This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.

HTML GNU General Public License v3.0 Updated Apr 14, 2021
dockerized_backdrop_cms Public
Forked from JSitter/dockerized_backdrop_cms

The Backdrop CMS in a Docker Container.

Python MIT License Updated Mar 27, 2021
ColdFusionX Public

Updated Mar 21, 2021
CVE-2019-11447_CuteNews-AvatarUploadRCE Public

Exploit Code for CVE-2019-11447 aka CuteNews 2.1.2 Avatar upload RCE (Authenticated)

php avatar register rce bypass remote-code-execution cutenews

Python 3 Updated Mar 17, 2021
CTF-Writeups Public

Updated Mar 15, 2021
ProwlPhisher Public

Python tool to send Phishing mails

automation script tool email phishing python3 smtp

Python 1 1 MIT License Updated Dec 7, 2020
VerityScan Public

Auto full port & aggressive scan integrating masscan & Nmap

Python 1 Updated Nov 10, 2020
ZipBreaker Public

Zip file Password Cracking tool

script tool zip extractor bruteforce python3 bruteforce-password-cracker

Python 4 3 MIT License Updated Nov 8, 2020
KeysUnveil Public

Authenticated Memcached Keys Brute force Script

memcached bruteforce python3 keys binary-protocol

Python 4 2 MIT License Updated Nov 8, 2020
LabScripts Public

Scripts that I wrote & used in HackTheBox and other CTF's

exploit code scripts

Python 1 1 Updated Nov 2, 2020
DigitalStriker Public

Digital Implementation of High Striker using FSR with PIC18F4550 Micro-controller

C Updated Oct 31, 2020
CVE-2019-17240_Bludit-BF-Bypass Public

Bludit <= 3.9.2 - Authentication Bruteforce Mitigation Bypass Exploit/PoC

cms proof-of-concept exploit python3 poc brute-force pwn

Python 2 3 MIT License Updated Oct 24, 2020
HowToHunt Public
Forked from KathanP19/HowToHunt

Tutorials and Things to Do while Hunting Vulnerability.

Updated Oct 24, 2020
CTF-writeups-public Public
Forked from shiltemann/CTF-writeups-public

Writeups for infosec Capture the Flag events by team Galaxians

Java Updated Oct 2, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Mayank Deshmukh ColdFusionX

Achievements

Achievements

Block or report ColdFusionX

CVE-2022-44877-CWP7 Public

CVE-2022-36804 Public

Keycloak-12.0.1-CVE-2020-10770 Public

CVE-2022-26134 Public

CVE-2022-24124 Public

CVE-2020-9484 Public

CVE-2021-44228-Log4Shell-POC Public

log4j-scanner Public

log4j-scan Public

Simple-Nginx-Webapp Public

CVE-2021-34429 Public

CVE-2021-26086 Public

CVE-2021-26085 Public

docker-php-helloworld Public

ColdFusionX.github.io Public

PHP-8.1.0-dev_WebShell-RCE Public

cve-bin-tool Public

dockerized_backdrop_cms Public

ColdFusionX Public

CVE-2019-11447_CuteNews-AvatarUploadRCE Public

CTF-Writeups Public

ProwlPhisher Public

VerityScan Public

ZipBreaker Public

KeysUnveil Public

LabScripts Public

DigitalStriker Public

CVE-2019-17240_Bludit-BF-Bypass Public

HowToHunt Public

CTF-writeups-public Public