adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,937 Commits 27 Branches 1,043 Tags
91633fdad7e9474debefbfd044d2b8bc7652deee
Commit Graph

7768 Commits

Author SHA1 Message Date
Diego Ledda 1d5eae0f5b Merge pull request #21034 from Chocapikk/add-module-opendcim-sqli-rce 
Add openDCIM install.php SQLi to RCE module
 2026-04-14 16:04:13 -04:00
Diego Ledda addcd69205 Merge pull request #20933 from madefourit/persis_pwrshell_profile 
Windows Persistence: Powershell Profile
 2026-04-14 15:43:06 -04:00
Diego Ledda 31a2de9562 Merge pull request #20839 from h00die/bits 
New persistence module: Microsoft Bits
 2026-04-14 15:42:55 -04:00
msutovsky-r7 5b6c2be9d1 Land #21003, unifies Selenium Firefox and Chrome modules 
Unified Selenium Grid/Selenoid RCE with Firefox + Chrome auto-detection
 2026-04-14 16:32:06 +02:00
madefourit 05914feb4d module docs and description_formatted 2026-04-14 09:45:45 -04:00
madefourit 0ba93b6ae3 module docs and description 2026-04-14 09:45:45 -04:00
h00die 14cd7fad47 module docs 2026-04-14 09:45:44 -04:00
h00die 9e506cc5a0 update pshell module 2026-04-14 09:45:43 -04:00
h00die a4d84fa734 Merge branch 'rapid7:master' into bits 2026-04-13 05:14:48 -04:00
Brendan a90ec1071c Merge pull request #21075 from Chocapikk/avideo-catname-sqli 
Add AVideo catName blind SQLi credential dump (CVE-2026-28501)
 2026-04-09 16:22:45 -05:00
h00die 475f203760 windows telemetry persistence 2026-04-09 15:02:42 +02:00
adfoster-r7 3de026b88c Merge pull request #21221 from cgranleese-r7/update-module-doc-template-with-example 
Adds examples to module template markdown
 2026-04-08 10:51:49 +01:00
cgranleese-r7 db9f98e704 Adds examples to module template markdown 2026-04-08 09:25:08 +01:00
jheysel-r7 94ccd8bd20 Merge pull request #20948 from ArkaprabhaChakraborty/osticket 
Add initial osticket arbitraray file read auxiliary module
 2026-04-07 09:39:01 -07:00
Diego Ledda 08e29e833d Merge pull request #20814 from h00die/s4u 
s4u persistence updates
 2026-04-07 05:22:01 -04:00
Spencer McIntyre a0852387fc Merge pull request #20752 from bwatters-r7/feature/certificate-web-enrollment 
Add Authenticating Web Enrollment module for AD/CS
 2026-04-06 15:27:28 -04:00
jheysel-r7 0f156364eb Merge pull request #21158 from sfewer-r7/CVE-2026-20127 
Add auxiliary module for Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability (CVE-2026-20127)
 2026-04-02 09:50:22 -07:00
Spencer McIntyre 1d41776cf8 Merge pull request #21032 from Nayeraneru/UserInitMprLogon 
windows persistence userinit_mpr_logon
 2026-04-01 14:59:36 -04:00
Spencer McIntyre 34c7a18ef4 Merge pull request #21217 from dineshg0pal/fix/small-typo-fixes 
Fix: small typo's in Documentation
 2026-04-01 12:38:25 -04:00
Dinesh b668069682 fix: corrected SHA12 to SHA512 2026-04-01 21:32:28 +05:30
Dinesh 7bdfdf9703 fix: removed extra "use" in cmd lines 2026-04-01 21:29:21 +05:30
Dinesh fe0c7e4e97 fix: removed "are" duplicate 2026-04-01 21:25:00 +05:30
Dinesh 2d4c3e748e fix: removed duplicate "which" 2026-04-01 21:22:38 +05:30
Nayeraneru 609866dc94 add doc 2026-03-31 23:46:09 +02:00
Christophe De La Fuente 09a59af789 Merge pull request #21069 from Chocapikk/add-module-freescout-htaccess-rce 2026-03-31 18:09:30 +02:00
msutovsky-r7 6d4b268f9f Land #21029, adds module for Grav CMS (CVE-2025-50286) 
Adds exploit module for Grav CMS (CVE-2025-50286)
 2026-03-31 14:47:44 +02:00
cgranleese-r7 e5e18383a2 Merge pull request #21187 from Devansh7006/patch-1 
Improve HTTP PUT module documentation
 2026-03-31 13:03:56 +01:00
cgranleese-r7 55152da83a Merge pull request #21186 from Devansh7006/add-wordpress-pingback-doc 
Add documentation for wordpress_pingback_access module
 2026-03-31 11:40:24 +01:00
Devansh7006 b9666f5f0e Improve formatting and clarity of WordPress pingback module 
Reformatted the verification steps and options for clarity. Removed redundant lines and added example usage.
 2026-03-31 12:40:19 +05:30
Devansh7006 d3a1bdaa88 Fix HTTP PUT module documentation formatting and structure 
Updated example usage and added details for the PUT action.
 2026-03-31 12:28:17 +05:30
bcoles b17a5727b5 Improve post/linux/gather/enum_protections module 
* Add system hardening checks
* Add detection for modern security tools
* Add module documentaiton
 2026-03-29 15:07:56 +11:00
adfoster-r7 20bb912515 Merge pull request #21023 from g0tmi1k/os_cmd_exec 
Add: exploits/multi/http/os_cmd_exec
 2026-03-27 16:38:03 +00:00
Devansh7006 bccbf35950 Enhance documentation for WordPress pingback module 
Updated verification steps and added example run for clarity.
 2026-03-27 17:07:24 +05:30
Devansh7006 e56610b530 Enhance documentation for HTTP PUT scanner module 
Added verification steps and detailed options for HTTP PUT scanner.
 2026-03-27 16:45:55 +05:30
Devansh7006 63ad9b06bf Refactor WordPress Pingback Access documentation 
Removed redundant sections and improved formatting for clarity.
 2026-03-27 16:39:37 +05:30
cgranleese-r7 ab4f24db5d Merge pull request #21149 from Adithyadspawar/add-auxiliary-scanner-docs 
Add documentation for auxiliary scanner modules
 2026-03-27 11:02:43 +00:00
Devansh7006 8e2e293062 Improve HTTP PUT module documentation 
Updated the documentation for the HTTP PUT File Upload Scanner module to clarify usage and options.
 2026-03-27 15:33:23 +05:30
Devansh7006 93fb3b464b Add WordPress Pingback Access Scanner documentation 
This document outlines the WordPress Pingback Access Scanner module, its verification steps, options, and scenarios for use in security assessments.
 2026-03-27 15:04:49 +05:30
x1o3 d12e3945fe plugin version parsing and check logic improvement, msftidy & rubocop compliant 2026-03-27 11:47:30 +05:30
x1o3 de81c5f0dc plugin version parsing and check logic improvement, msftidy & rubocop compliant 2026-03-27 11:45:20 +05:30
arkaprabhachakraborty 26a73b060d Resolve rubocop errors and warnings. Address copilot comments on docs and code quality. 
Signed-off-by: arkaprabhachakraborty <chakrabortyarkaprabha998@gmail.com>
 2026-03-27 00:43:23 +05:30
sfewer-r7 aa84007608 dont mix vprint_status and teh slient flag. improve some of the print message for better consistency 2026-03-26 15:08:29 +00:00
sfewer-r7 f857ea77c9 get rid of STORE_SSH_KEY_FILES as the private key will be in loot anyway 2026-03-26 14:53:25 +00:00
msutovsky-r7 0976f88058 Land #20835, adds module unauthenticated command injection Eclipse Che machine-exec (CVE-2025-12548) 
Add Eclipse Che machine-exec unauthenticated RCE (CVE-2025-12548)
 2026-03-25 14:39:01 +01:00
g0t mi1k 51f36982c7 Add: exploits/multi/http/os_cmd_exec 
A lot of this was based on: exploits/unix/webapp/php_eval
 2026-03-24 20:01:30 +00:00
Brendan 7ea60dd7d1 Merge pull request #20478 from futileskills/escpos-injector-module 
Create escpos_tcp_command_injector.rb
 2026-03-24 14:40:27 -05:00
jheysel-r7 81faae13ca Merge pull request #21033 from Alpenlol/barracuda-esg-cve-2023-2868 
Add exploit for CVE-2023-2868 Barracuda ESG command injection
 2026-03-23 13:18:34 -07:00
arkaprabhachakraborty ae71513ce1 Add feature to create tickets and grab ticket number when TICKET_NUMBER is not specified 
Signed-off-by: arkaprabhachakraborty <chakrabortyarkaprabha998@gmail.com>
 2026-03-21 19:02:39 +05:30
sfewer-r7 f822f98438 add in aux module for CVE-2026-20127 2026-03-20 12:33:24 +00:00
Adithyadspawar 6326f14768 Add documentation for 5 auxiliary scanner modules 2026-03-19 22:59:00 +05:30