Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0.
#EXPLOIT

Leading source of security tools, hacking tools, cybersecurity and network security. Learn about new tools and updates in one place.

A network attack aims to access a network without permission, either to steal or alter data. This differs from endpoint, malware, and software vulnerability attacks. Learn about passive vs. active network attacks and more.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF.

0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals. Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database. This was written solely for educational purposes. Use it at your own risk. The author will be not responsible for any damage.

A huge chunk of my personal notes since I started playing CTFs and working as a red teamer. These are living documents and I updated or add to them relatively often.

Welcome to the wiki where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.

exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues.

A curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.

The page where you will find each hacking trick/technique/whatever related to CI/CD & Cloud I have learnt in CTFs, real life environments, researching, and reading researches and news.

The Kubenomicon was born of a desire to understand more about Kubernetes from an offensive perspective. I found many great resources to aid in my journey, but I quickly realized.

A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities.

Global Security Resource. In these times where a new major data breach occurs on a daily basis, it is important for the personal Internet user, corporations, and governments to stay aware of vulnerabilities that may affect their systems. Packet Storm provides around-the-clock information and tools in order to help mitigate both personal data and fiscal loss on a global scale. As new information surfaces, Packet Storm releases everything immediately through it's RSS feeds, Twitter, and Facebook. The site is referenced in over a hundred books and has a history of being spotlighted in the news.

A vast collection of security tools.

I have gathered these notes from lots of sources on the internet, such as OSCP guides, enumeration guides and books. If you see any content that you wrote and I haven't credited you, please let me know and I will add it.

Exploits for Penetration Testers, Researchers and Ethical Hackers.

A subreddit dedicated to red and blue teaming content.

Sticky notes for pentesting. Search hacking techniques and tools for penetration testings, bug bounty, CTFs.