Dirtyc0w Docker POC Logo

Dirtyc0w Docker POC

0
Free
Offensive Security
Docker
Privilege Escalation
Exploit
Apparmor
Container Security
Visit Website

The Dirtyc0w Docker POC utilizes the dirtyc0w kernel exploit for privilege escalation within a standard nginx image by adding a non-root user named hacker to the exploit files. The POC demonstrates the importance of correct container security and provides insights on mitigating the attack without patching using an AppArmor profile.

FEATURES

ALTERNATIVES

C2concealer Logo
C2concealer

Generates randomized C2 profiles for Cobalt Strike to evade detection.

Free
Offensive Security
Pacu Logo
Pacu

Pacu is an open-source AWS exploitation framework for offensive security testing against cloud environments.

Free
Offensive Security
Loading Alternate Data Stream (ADS) DLL/CPL Binaries to Bypass AppLocker Logo
Loading Alternate Data Stream (ADS) DLL/CPL Binaries to Bypass AppLocker

Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.

Free
Offensive Security
dref Logo
dref

A DNS rebinding exploitation framework

Free
Offensive Security
SSH MITM v2.3-dev Logo
SSH MITM v2.3-dev

A penetration testing tool for intercepting SSH connections and logging plaintext passwords.

Free
Offensive Security
IntruderPayloads Logo
IntruderPayloads

A collection of payloads and methodologies for web pentesting.

Free
Offensive Security
GraphQLmap Logo
GraphQLmap

A scripting engine for interacting with GraphQL endpoints for pentesting purposes.

Free
Offensive Security
Projectdiscovery.io | Chaos Logo
Projectdiscovery.io | Chaos

A powerful enumeration tool for discovering assets and subdomains.

Free
Offensive Security

PINNED

Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
PTJunior Logo

PTJunior

An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.

Offensive Security
CTIChef.com Detection Feeds Logo

CTIChef.com Detection Feeds

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

Threat Management
ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security