https://github.com/chocapikk/msf-exploit-collection

✪ Collection of Metasploit Modules ✪
https://github.com/chocapikk/msf-exploit-collection

Last synced: 5 months ago
JSON representation

✪ Collection of Metasploit Modules ✪

• Host: GitHub
• URL: https://github.com/chocapikk/msf-exploit-collection
• Owner: Chocapikk
• Created: 2024-09-19T23:28:39.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-12-06T22:24:37.000Z (about 1 year ago)
• Last Synced: 2025-03-29T10:23:08.111Z (10 months ago)
• Language: Ruby
• Homepage:
• Size: 64.5 KB
• Stars: 8
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# ✪ My Contributions to Metasploit Framework (MSF)

![Total Modules](https://img.shields.io/badge/Total–39-blue)

![Fully Written](https://img.shields.io/badge/Fully%20Written–33-brightgreen)

![Rewritten](https://img.shields.io/badge/Rewritten–3-yellow)

![Assisted](https://img.shields.io/badge/Assisted–3-blue)

## ✪ Fully Written Modules (33)

- `avideo_wwbnindex_unauth_rce.rb` ([doc](documentation/modules/exploit/multi/http/avideo_wwbnindex_unauth_rce.md))

- `byob_unauth_rce.rb` ([doc](documentation/modules/exploit/unix/webapp/byob_unauth_rce.md))

- `craftcms_preauth_rce_cve_2025_32432.rb` ([doc](documentation/modules/exploit/linux/http/craftcms_preauth_rce_cve_2025_32432.md))

- `cyberpanel_preauth_rce_multi_cve.rb` ([doc](documentation/modules/exploit/unix/webapp/cyberpanel_preauth_rce_multi_cve.md))

- `ictbroadcast_unauth_cookie.rb` ([doc](documentation/modules/exploit/linux/http/ictbroadcast_unauth_cookie.md))

- `invision_customcss_rce.rb` ([doc](documentation/modules/exploit/multi/http/invision_customcss_rce.md))

- `majordomo_cmd_inject_cve_2023_50917.rb` ([doc](documentation/modules/exploit/linux/http/majordomo_cmd_inject_cve_2023_50917.md))

- `spip_bigup_unauth_rce.rb` ([doc](documentation/modules/exploit/multi/http/spip_bigup_unauth_rce.md))

- `spip_porte_plume_previsu_rce.rb` ([doc](documentation/modules/exploit/multi/http/spip_porte_plume_previsu_rce.md))

- `splunk_xslt_authenticated_rce.rb` ([doc](documentation/modules/exploit/unix/http/splunk_xslt_authenticated_rce.md))

- `vbulletin_replace_ad_template_rce.rb` ([doc](documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md))

- `vicidial_agent_authenticated_rce.rb` ([doc](documentation/modules/exploit/unix/webapp/vicidial_agent_authenticated_rce.md))

- `vicidial_sql_enum_users_pass.rb` ([doc](documentation/modules/auxiliary/scanner/http/vicidial_sql_enum_users_pass.md))

- `vinchin_backup_recovery_cmd_inject.rb` ([doc](documentation/modules/exploit/linux/http/vinchin_backup_recovery_cmd_inject.md))

- `wingftp_null_byte_rce.rb` ([doc](documentation/modules/exploit/multi/http/wingftp_null_byte_rce.md))

- `wp_automatic_sqli_to_rce.rb` ([doc](documentation/modules/exploit/multi/http/wp_automatic_sqli_to_rce.md))

- `wp_bricks_builder_rce.rb` ([doc](documentation/modules/exploit/multi/http/wp_bricks_builder_rce.md))

- `wp_depicter_sqli_cve_2025_2011.rb` ([doc](documentation/modules/auxiliary/gather/wp_depicter_sqli_cve_2025_2011.md))

- `wp_fastest_cache_sqli.rb` ([doc](documentation/modules/auxiliary/scanner/http/wp_fastest_cache_sqli.md))

- `wp_givewp_rce.rb` ([doc](documentation/modules/exploit/multi/http/wp_givewp_rce.md))

- `wp_hash_form_rce.rb` ([doc](documentation/modules/exploit/multi/http/wp_hash_form_rce.md))

- `wp_learnpress_c_fields_sqli.rb` ([doc](documentation/modules/auxiliary/scanner/http/wp_learnpress_c_fields_sqli.md))

- `wp_photo_gallery_sqli.rb` ([doc](documentation/modules/auxiliary/gather/wp_photo_gallery_sqli.md))

- `wp_reallysimplessl_2fa_bypass_rce.rb` ([doc](documentation/modules/exploit/multi/http/wp_reallysimplessl_2fa_bypass_rce.md))

- `wp_royal_elementor_addons_rce.rb` ([doc](documentation/modules/exploit/multi/http/wp_royal_elementor_addons_rce.md))

- `wp_suretriggers_auth_bypass.rb` ([doc](documentation/modules/exploit/multi/http/wp_suretriggers_auth_bypass.md))

- `wp_time_capsule_file_upload_rce.rb` ([doc](documentation/modules/exploit/multi/http/wp_time_capsule_file_upload_rce.md))

- `wp_ti_woocommerce_wishlist_sqli.rb` ([doc](documentation/modules/auxiliary/scanner/http/wp_ti_woocommerce_wishlist_sqli.md))

- `wp_ultimate_member_sorting_sqli.rb` ([doc](documentation/modules/auxiliary/scanner/http/wp_ultimate_member_sorting_sqli.md))

- `wp_user_registration_membership_escalation.rb` ([doc](documentation/modules/exploit/multi/http/wp_user_registration_membership_escalation.md))

- `xorcom_completepbx_diagnostics_file_read.rb` ([doc](documentation/modules/auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.md))

- `xorcom_completepbx_file_disclosure.rb` ([doc](documentation/modules/auxiliary/scanner/http/xorcom_completepbx_file_disclosure.md))

- `xorcom_completepbx_scheduler.rb` ([doc](documentation/modules/exploit/linux/http/xorcom_completepbx_scheduler.md))

## ✭ Rewritten Modules (3)

- `spip_connect_exec.rb` ([doc](documentation/modules/exploit/multi/http/spip_connect_exec.md))

- `spip_rce_form.rb` ([doc](documentation/modules/exploit/multi/http/spip_rce_form.md))

- `wp_backup_migration_php_filter.rb` ([doc](documentation/modules/exploit/multi/http/wp_backup_migration_php_filter.md))

## ✹ Assisted Modules (3)

- `geoserver_unauth_rce_cve_2024_36401.rb` ([doc](documentation/modules/exploit/multi/http/geoserver_unauth_rce_cve_2024_36401.md))

- `craftcms_ftp_template.rb` ([doc](documentation/modules/exploit/linux/http/craftcms_ftp_template.md))

- `maltrail_rce.rb` ([doc](documentation/modules/exploit/unix/http/maltrail_rce.md))

## ✪ Weekly Wrap-Ups

| Date       | Link                                                                                 |

|:----------:|:-------------------------------------------------------------------------------------|

| 07/11/2025 | [Article](https://www.rapid7.com/blog/post/metasploit-wrap-up-07-11-2025/) |

| 05/27/2025 | [Article](https://www.rapid7.com/blog/post/metasploit-wrap-up-06-27-25/) |

| 05/22/2025 | [Article](https://www.rapid7.com/blog/post/2025/05/22/metasploit-wrap-up-157/) |

| 05/16/2025 | [Article](https://www.rapid7.com/blog/post/2025/05/16/metasploit-wrap-up-05-16-2025/) |

| 12/20/2024 | [Article](https://www.rapid7.com/blog/post/2024/12/20/metasploit-weekly-wrap-up-12-20-2024/) |

| 11/13/2024 | [Article](https://www.rapid7.com/blog/post/2024/12/13/metasploit-weekly-wrap-up-12-13-2024/) |

| 11/08/2024 | [Article](https://www.rapid7.com/blog/post/2024/11/08/metasploit-wrap-up-11-08-2024/) |

| 11/01/2024 | [Article](https://www.rapid7.com/blog/post/2024/11/01/metasploit-weekly-wrap-up-11-01-2024/) |

| 10/18/2024 | [Article](https://www.rapid7.com/blog/post/2024/10/18/metasploit-weekly-wrap-up-10-18-2024/) |

| 10/04/2024 | [Article](https://www.rapid7.com/blog/post/2024/10/04/metasploit-weekly-wrap-up-10-04-2024/) |

| 09/27/2024 | [Article](https://www.rapid7.com/blog/post/2024/09/27/metasploit-weekly-wrap-up-09-27-2024/) |

| 09/13/2024 | [Article](https://www.rapid7.com/blog/post/2024/09/13/metasploit-weekly-wrap-up-09-13-2024/) |

| 08/30/2024 | [Article](https://www.rapid7.com/blog/post/2024/08/30/metasploit-weekly-wrap-up-08-30-2024/) |

| 08/23/2024 | [Article](https://www.rapid7.com/blog/post/2024/08/23/metasploit-weekly-wrap-up-08-23-2024/) |

| 06/07/2024 | [Article](https://www.rapid7.com/blog/post/2024/06/07/metasploit-weekly-wrap-up-06-07-2024/) |

| 05/23/2024 | [Article](https://www.rapid7.com/blog/post/2024/05/23/metasploit-weekly-wrap-up-05-23-2024/) |

| 03/29/2024 | [Article](https://www.rapid7.com/blog/post/2024/03/29/metasploit-weekly-wrap-up-03-29-2024/) |

| 01/26/2024 | [Article](https://www.rapid7.com/blog/post/2024/01/26/metasploit-weekly-wrap-up-01-26-24/) |

| 12/22/2023 | [Article](https://www.rapid7.com/blog/post/2023/12/22/metasploit-weekly-wrap-up-39/) |

| 12/15/2023 | [Article](https://www.rapid7.com/blog/post/2023/12/15/metasploit-weekly-wrap-up-38/) |

| 12/01/2023 | [Article](https://www.rapid7.com/blog/post/2023/12/01/metasploit-weekly-wrap-up-37/) |