Repository Analysis

rapid7/metasploit-framework

Metasploit Framework

4.9 Likely human-written

Adjusted Score: 4.9
Raw Score: 4.9
Time Factor: 100%
Last Push: 2026-05-29
Stars: 38,271
Language: Ruby
Lines of Code: 2,007,565
Files: 12201
Pattern Hits: 5689
Scan Date: 2026-05-31

Severity Breakdown

CRITICAL 125, HIGH 17, MEDIUM 1354, LOW 4193

Pattern Findings

5689 matches across 16 categories.

Self-Referential Comments (890 hits · 2712 pts)

Severity | File | Line | Snippet
MEDIUM | tools/password/md5_lookup.rb | 132 | # This class is basically an auxiliary module without relying on msfconsole
MEDIUM | tools/password/vxmaster.rb | 112 | # Create the master password list output file
MEDIUM | tools/exploit/metasm_shell.rb | 15 | # This file is part of Metasm, the Ruby assembly manipulation suite
MEDIUM | tools/dev/hash_cracker_validator.rb | 347 | # Create a john pot tempfile used by the pot-mode tests
MEDIUM | tools/dev/detect_dead_reference_links.rb | 298 | # Create the final list of URLs and paths
MEDIUM | tools/dev/msftidy.rb | 372 | if @source =~ /^# This file is part of the Metasploit Framework and may be subject to/
MEDIUM | tools/modules/payload_lengths.rb | 50 | # Create the payload instance
MEDIUM | test/functional/framework/msfconsole_spec.rb | 33 | ## Create a framework object
MEDIUM | test/functional/framework/msfconsole_spec.rb | 113 | ## Create the rspec Test Case
MEDIUM | test/functional/meterpreter/meterpreter_java_spec.rb | 65 | # Initialize the exploit instance
MEDIUM | test/functional/meterpreter/java_meterpreter_specs.rb | 3 | ## This file is intended to be used in conjunction with a harness,
MEDIUM | …st/functional/meterpreter/windows_meterpreter_specs.rb | 3 | ## This file is intended to be used in conjunction with a harness,
MEDIUM | test/functional/meterpreter/meterpreter_php_spec.rb | 56 | # Initialize the exploit instance
MEDIUM | test/functional/meterpreter/meterpreter_spec_helper.rb | 47 | # Create a new file and write to it
MEDIUM | test/functional/meterpreter/meterpreter_win32_spec.rb | 75 | # Initialize the exploit instance
MEDIUM | plugins/ffautoregen.rb | 11 | # This class implements a single edit command.
MEDIUM | plugins/ffautoregen.rb | 34 | # This method handles the command.
MEDIUM | plugins/wiki.rb | 24 | # This class implements a command dispatcher that provides commands to
MEDIUM | plugins/wiki.rb | 84 | # Create a table options hash
MEDIUM | plugins/wiki.rb | 483 | # The following methods are added here to keep the initialize method
MEDIUM | plugins/sample.rb | 14 | # This class implements a sample console command dispatcher.
MEDIUM | plugins/sample.rb | 37 | # This method handles the sample command.
MEDIUM | plugins/fzuse.rb | 80 | # This method handles the fzuse command.
MEDIUM | plugins/nexpose.rb | 495 | # Create a temporary site
MEDIUM | plugins/msgrpc.rb | 15 | # This class implements the msfd plugin interface.
MEDIUM | plugins/pcap_log.rb | 2 | # This file is part of the Metasploit Framework and may be subject to
MEDIUM | plugins/db_tracker.rb | 13 | # This class implements a socket communication tracker
MEDIUM | plugins/ips_filter.rb | 14 | # This class implements a socket communication logger
MEDIUM | plugins/socket_logger.rb | 12 | # This class implements a socket communication logger
MEDIUM | plugins/msfd.rb | 12 | # This class implements the msfd plugin interface.
MEDIUM | spec/lib/msf/core/mcp/tools/tool_helper_spec.rb | 6 | # Create a test class that includes the helper inside class << self,
MEDIUM | docs/build.rb | 541 | # Create a new branch based on the commits from https://github.com/rapid7/metasploit-framework/wiki to move
MEDIUM | docs/build.rb | 549 | # Create a new folder and branch in the old metasploit wiki for where we'd like it to be inside of the metasploi
MEDIUM | docs/build.rb | 556 | # Create a new folder to move the wiki contents into
MEDIUM | docs/build.rb | 560 | # Create a new branch + commit
MEDIUM | docs/build.rb | 567 | # Create a new branch that can be used to create a pull request
MEDIUM | scripts/meterpreter/event_manager.rb | 58 | # Create a hash to store the log info in (and throw default info in)
MEDIUM | scripts/meterpreter/event_manager.rb | 223 | # Create a directory for any local logging if the user desires
MEDIUM | scripts/meterpreter/packetrecorder.rb | 61 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/packetrecorder.rb | 68 | # Create the log directory
MEDIUM | scripts/meterpreter/netenum.rb | 32 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/netenum.rb | 35 | # Create the log directory
MEDIUM | scripts/meterpreter/vnc.rb | 94 | # Create the raw payload
MEDIUM | scripts/meterpreter/vnc.rb | 144 | # Create a host process
MEDIUM | scripts/meterpreter/process_memdump.rb | 93 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/process_memdump.rb | 95 | # Create the log directory
MEDIUM | scripts/meterpreter/winbf.rb | 135 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/winbf.rb | 138 | # Create the log directory
MEDIUM | scripts/meterpreter/virtualbox_sysenter_dos.rb | 50 | # Create a new thread on the shellcode pointer
MEDIUM | scripts/meterpreter/remotewinenum.rb | 29 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/remotewinenum.rb | 32 | # Create the log directory
MEDIUM | scripts/meterpreter/metsvc.rb | 63 | # Create the persistent VBS
MEDIUM | scripts/meterpreter/winenum.rb | 49 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/winenum.rb | 52 | # Create the log directory
MEDIUM | scripts/meterpreter/enum_firefox.rb | 19 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/enum_firefox.rb | 35 | # Create the log
MEDIUM | scripts/meterpreter/get_filezilla_creds.rb | 42 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/get_filezilla_creds.rb | 44 | # Create the log directory
MEDIUM | scripts/meterpreter/gettelnet.rb | 16 | # Create a directory for the logs
MEDIUM | scripts/meterpreter/gettelnet.rb | 19 | # Create the log directory
830 more matches not shown…

Over-Commented Block (2659 hits · 2593 pts)

Severity | File | Line | Snippet
LOW | …ules/exploit/linux/http/skyvern_ssti_cve_2025_49619.md | 61 | # - BROWSER_REMOTE_DEBUGGING_URL=http://host.docker.internal:9222/
LOW | …ules/exploit/linux/http/skyvern_ssti_cve_2025_49619.md | 81 | # If you'd like to use Microsoft Azure OpenAI as your managed LLM service integration with Skyvern, use the environm
LOW | …ules/exploit/linux/http/skyvern_ssti_cve_2025_49619.md | 101 | # 4. In the Amazon Bedrock console, go to "Model Access"
LOW | …ules/exploit/linux/http/skyvern_ssti_cve_2025_49619.md | 121 | # - ENABLE_GROQ=true
LOW | …ules/exploit/linux/http/skyvern_ssti_cve_2025_49619.md | 161 | environment: {}
LOW | …ther/gladinet_storage_path_traversal_cve_2025_11371.md | 181 | filepath => Windows\System32\drivers\etc\hosts
LOW | …dules/auxiliary/gather/osticket_arbitrary_file_read.md | 981 |
LOW | …dules/auxiliary/gather/osticket_arbitrary_file_read.md | 1001 | # define('DBSSLKEY','/path/to/client.key');
LOW | …xiliary/gather/gladinet_storage_access_ticket_forge.md | 301 | [*] Running automatic check ("set AutoCheck false" to disable)
LOW | …ation/modules/auxiliary/scanner/misc/clamav_control.md | 21 | # Default: no
LOW | …ation/modules/auxiliary/scanner/misc/clamav_control.md | 41 | # Default: 10M
LOW | tools/password/cpassword_decrypt.rb | 1 | #!/usr/bin/env ruby
LOW | tools/password/cpassword_decrypt.rb | 21 | # mubix (domain/dc enumeration code)
LOW | tools/password/md5_lookup.rb | 1 | #!/usr/bin/env ruby
LOW | tools/password/halflm_second.rb | 1 | #!/usr/bin/env ruby
LOW | tools/password/hmac_sha1_crack.rb | 1 | #!/usr/bin/env ruby
LOW | tools/password/vxmaster.rb | 1 | #!/usr/bin/env ruby
LOW | tools/hardware/elm327_relay.rb | 1 | #!/usr/bin/env ruby
LOW | tools/hardware/elm327_relay.rb | 361 |
LOW | tools/exploit/metasm_shell.rb | 1 | #!/usr/bin/env ruby
LOW | tools/exploit/virustotal.rb | 1 | #!/usr/bin/env ruby
LOW | tools/dev/find_and_replace_dead_reference_links.rb | 1 | ##
LOW | tools/dev/pre-commit-hook.rb | 1 | #!/usr/bin/env ruby
LOW | tools/dev/msftidy_docs.rb | 61 | # are usually style issues that may be okay for people who aren't core
LOW | tools/dev/hash_cracker_validator.rb | 221 | creds_command << ' creds add user:mysql_probe hash:445ff82636a7ba59 jtr:mysql;'
LOW | tools/dev/generate_mitre_attack_technique_constants.rb | 1 | #!/usr/bin/env ruby
LOW | tools/modules/missing_payload_tests.rb | 1 | #!/usr/bin/env ruby
LOW | tools/modules/module_commits.rb | 1 | #!/usr/bin/env ruby
LOW | tools/modules/verify_datastore.rb | 1 | #!/usr/bin/env ruby
LOW | tools/modules/file_pull_requests.rb | 1 | #!/usr/bin/env ruby
LOW | tools/modules/committer_count.rb | 1 | #!/usr/bin/env ruby
LOW | tools/recon/makeiplist.rb | 1 | #!/usr/bin/env ruby
LOW | app/concerns/mdm/workspace/boundary_range.rb | 1 | module Mdm::Workspace::BoundaryRange
LOW | test/kubernetes/lucee/Chart.yaml | 1 | apiVersion: v2
LOW | test/kubernetes/lucee/values.yaml | 41 | # allowPrivilegeEscalation: false
LOW | test/kubernetes/lucee/values.yaml | 81 | # - secretName: chart-example-tls
LOW | test/kubernetes/secrets/Chart.yaml | 1 | apiVersion: v2
LOW | test/kubernetes/thinkphp/Chart.yaml | 1 | apiVersion: v2
LOW | test/kubernetes/thinkphp/values.yaml | 21 | serviceAccount:
LOW | test/kubernetes/thinkphp/values.yaml | 41 | # capabilities:
LOW | test/kubernetes/thinkphp/values.yaml | 81 | # - chart-example.local
LOW | plugins/ffautoregen.rb | 1 | module Msf
LOW | plugins/wiki.rb | 1 | ##
LOW | plugins/wiki.rb | 21 |
LOW | plugins/wiki.rb | 61 | # arguments to the wiki method with a wiki_type of 'mediawiki'
LOW | plugins/wiki.rb | 421 | end
LOW | plugins/lab.rb | 541 | #
LOW | plugins/sample.rb | 1 | module Msf
LOW | plugins/sample.rb | 61 |
LOW | plugins/msgrpc.rb | 1 | #
LOW | plugins/wmap.rb | 1 | #
LOW | plugins/wmap.rb | 21 | # @!attribute njobs
LOW | plugins/token_adduser.rb | 1 | #
LOW | plugins/request.rb | 201 | # @option opts [String] :auth_username An optional username to use with
LOW | plugins/request.rb | 221 | # @param opt_parser [Rex::Parser::Arguments] the argument parser for the
LOW | plugins/request.rb | 241 | # @option opts [String] :method The HTTP method to use in the request.
LOW | plugins/db_tracker.rb | 1 | module Msf
LOW | plugins/alias.rb | 221 | # Validate a proposed alias with the +name+ and having the value +value+
LOW | plugins/alias.rb | 301 | ## Register the commands above
LOW | plugins/thread.rb | 81 |
2599 more matches not shown…

Hallucination Indicators (125 hits · 1235 pts)

Severity | File | Line | Snippet
CRITICAL | …xploit/linux/http/lucee_admin_imgprocess_file_write.md | 86 | at lucee.runtime.type.util.StructSupport.invalidKey(StructSupport.java:67)
CRITICAL | …xploit/linux/http/lucee_admin_imgprocess_file_write.md | 125 | at lucee.runtime.type.util.StructSupport.invalidKey(StructSupport.java:67)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 105 | at com.vmware.vsan.client.services.ProxygenController.invokeService(ProxygenController.java:130)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 106 | at com.vmware.vsan.client.services.ProxygenController.invokeServiceWithJson(ProxygenController.java:64)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 111 | at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 112 | at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 113 | at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocable
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 114 | at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappin
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 115 | at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHand
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 116 | at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 117 | at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 118 | at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 119 | at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 120 | at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 122 | at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 125 | at org.eclipse.equinox.http.servlet.internal.registration.EndpointRegistration.service(EndpointRegistration.java:153)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 126 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:50)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 127 | at com.vmware.o6jia.context.web.filter.WelcomeFileFilter.doFilter(WelcomeFileFilter.java:48)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 129 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 130 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 131 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 133 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 134 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 135 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 137 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 138 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 139 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 141 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 142 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 143 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 145 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 146 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 147 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 149 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 150 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 151 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 153 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 154 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 155 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 157 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 158 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 159 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 161 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 162 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 163 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 165 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 166 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 167 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 169 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 170 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 171 | at com.vmware.vise.security.SessionManagementFilter.doFilter(SessionManagementFilter.java:219)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 172 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 174 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 175 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 176 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 178 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 179 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 180 | at com.vmware.o6jia.context.web.filter.ContextPathAwareDelegatingFilter.doFilter(ContextPathAwareDelegatingFilter.java:
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 182 | at org.eclipse.equinox.http.servlet.internal.registration.FilterRegistration.doFilter(FilterRegistration.java:121)
CRITICAL | …s/exploit/linux/http/vmware_vcenter_vsan_health_rce.md | 183 | at org.eclipse.equinox.http.servlet.internal.servlet.FilterChainImpl.doFilter(FilterChainImpl.java:45)
65 more matches not shown…

Decorative Section Separators (351 hits · 1086 pts)

Severity | File | Line | Snippet
MEDIUM | …ules/exploit/linux/http/skyvern_ssti_cve_2025_49619.md | 62 | # =========================
MEDIUM | …ules/exploit/linux/http/skyvern_ssti_cve_2025_49619.md | 64 | # =========================
MEDIUM | …t/linux/http/invoiceshelf_unauth_rce_cve_2024_55556.md | 25 | #-------------------------------------------
MEDIUM | …t/linux/http/invoiceshelf_unauth_rce_cve_2024_55556.md | 28 | #-------------------------------------------
MEDIUM | …dules/auxiliary/gather/osticket_arbitrary_file_read.md | 965 | # ====================================================
MEDIUM | …dules/auxiliary/gather/osticket_arbitrary_file_read.md | 984 | # ---------------------------------------------------
MEDIUM | …dules/auxiliary/gather/osticket_arbitrary_file_read.md | 1005 | # ===================================================
MEDIUM | plugins/openvas.rb | 210 | #--------------------------
MEDIUM | plugins/openvas.rb | 212 | #--------------------------
MEDIUM | plugins/openvas.rb | 123 | #--------------------------
MEDIUM | plugins/openvas.rb | 125 | #--------------------------
MEDIUM | plugins/openvas.rb | 153 | #--------------------------
MEDIUM | plugins/openvas.rb | 155 | #--------------------------
MEDIUM | plugins/openvas.rb | 268 | #--------------------------
MEDIUM | plugins/openvas.rb | 270 | #--------------------------
MEDIUM | plugins/openvas.rb | 407 | #--------------------------
MEDIUM | plugins/openvas.rb | 409 | #--------------------------
MEDIUM | plugins/openvas.rb | 430 | #--------------------------
MEDIUM | plugins/openvas.rb | 432 | #--------------------------
MEDIUM | plugins/openvas.rb | 452 | #--------------------------
MEDIUM | plugins/openvas.rb | 454 | #--------------------------
MEDIUM | plugins/openvas.rb | 539 | #--------------------------
MEDIUM | plugins/openvas.rb | 541 | #--------------------------
MEDIUM | plugins/openvas.rb | 564 | #------------------------------
MEDIUM | plugins/openvas.rb | 566 | #------------------------------
MEDIUM | plugins/besecure.rb | 75 | #--------------------------
MEDIUM | plugins/besecure.rb | 77 | #--------------------------
MEDIUM | plugins/besecure.rb | 163 | #--------------------------
MEDIUM | plugins/besecure.rb | 165 | #--------------------------
MEDIUM | plugins/besecure.rb | 321 | #------------------------------
MEDIUM | plugins/besecure.rb | 323 | #------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 47 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 49 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 347 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 349 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 467 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 469 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 560 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 566 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 748 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 750 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 914 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 916 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 1023 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/vuln_attempt_registration_spec.rb | 1025 | # ---------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 60 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 77 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 108 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 132 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 156 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 189 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 229 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 281 | # -------------------------------------------------------------------------
MEDIUM | spec/lib/msf/core/exploit/remote/ms_icpr_spec.rb | 356 | # -------------------------------------------------------------------------
MEDIUM | …ib/msf/core/exploit/remote/http/web_enrollment_spec.rb | 52 | # -------------------------------------------------------------------------
MEDIUM | …ib/msf/core/exploit/remote/http/web_enrollment_spec.rb | 83 | # -------------------------------------------------------------------------
MEDIUM | …ib/msf/core/exploit/remote/http/web_enrollment_spec.rb | 110 | # -------------------------------------------------------------------------
MEDIUM | …ib/msf/core/exploit/remote/http/web_enrollment_spec.rb | 174 | # -------------------------------------------------------------------------
MEDIUM | …ib/msf/core/exploit/remote/http/web_enrollment_spec.rb | 208 | # -------------------------------------------------------------------------
MEDIUM | scripts/meterpreter/event_manager.rb | 10 | #-------------------------------------------------------------------------------
291 more matches not shown…

Hyper-Verbose Identifiers (854 hits · 879 pts)

Severity | File | Line | Snippet
LOW | tools/password/vxmaster.rb | 49 | def vxworks_pass_from_sum_refine(sum, bsum, pass)
LOW | tools/dev/find_release_notes.rb | 67 | def update_release_notes_entry(n)
LOW | tools/dev/find_release_notes.rb | 103 | def get_release_notes_from_module_name(n, input)
LOW | tools/dev/find_release_notes.rb | 111 | def get_release_notes_from_pr(n, pr)
LOW | tools/modules/file_pull_requests.rb | 90 | def get_pull_requests_from_commits(commits)
LOW | tools/modules/file_pull_requests.rb | 109 | def get_pull_request_from_commit(commit)
LOW | test/lib/regexr.rb | 30 | def find_strings_that_dont_exist_in_data(data, regexes = [])
LOW | test/lib/regexr.rb | 65 | def find_strings_that_exist_in_data_except(data, regexes = [], exceptions = [])
LOW | test/lib/msf_matchers.rb | 88 | def contain_no_failures_except(failures = [], exceptions = [])
LOW | test/functional/framework/msfconsole_spec.rb | 187 | def generate_java_meterpreter_session(input, output)
LOW | test/functional/framework/msfconsole_spec.rb | 191 | def generate_php_meterpreter_session(input, output)
LOW | test/functional/meterpreter/meterpreter_spec_helper.rb | 13 | def hlp_run_command_check_output(name, command, success_strings = [], fail_strings = [], fail_exception_strings
LOW | plugins/session_notifier.rb | 48 | def cmd_set_session_smtp_address(*args)
LOW | plugins/session_notifier.rb | 52 | def cmd_set_session_smtp_port(*args)
LOW | plugins/session_notifier.rb | 61 | def cmd_set_session_smtp_username(*args)
LOW | plugins/session_notifier.rb | 65 | def cmd_set_session_smtp_password(*args)
LOW | plugins/session_notifier.rb | 69 | def cmd_set_session_smtp_from(*args)
LOW | plugins/session_notifier.rb | 73 | def cmd_set_session_mobile_number(*args)
LOW | plugins/session_notifier.rb | 82 | def cmd_set_session_mobile_carrier(*args)
LOW | plugins/session_notifier.rb | 86 | def cmd_set_session_minimum_ip(*args)
LOW | plugins/session_notifier.rb | 97 | def cmd_set_session_maximum_ip(*args)
LOW | plugins/session_notifier.rb | 108 | def cmd_set_session_gotify_address(*args)
LOW | plugins/session_notifier.rb | 120 | def cmd_set_session_gotify_sslcert_path(*args)
LOW | plugins/session_notifier.rb | 131 | def cmd_set_session_dingtalk_webhook(*args)
LOW | plugins/session_notifier.rb | 142 | def cmd_set_session_serverjang_webhook(*args)
LOW | plugins/session_notifier.rb | 153 | def cmd_save_session_notifier_settings(*_args)
LOW | plugins/session_notifier.rb | 158 | def cmd_start_session_notifier(*_args)
LOW | plugins/session_notifier.rb | 192 | def cmd_stop_session_notifier(*_args)
LOW | plugins/session_notifier.rb | 197 | def cmd_restart_session_notifier(*args)
LOW | plugins/nessus.rb | 425 | def cmd_nessus_server_properties(*args)
LOW | plugins/nessus.rb | 709 | def cmd_nessus_report_host_details(*args)
LOW | plugins/nessus.rb | 776 | def cmd_nessus_report_download(*args)
LOW | plugins/nessus.rb | 808 | def cmd_nessus_report_host_ports(*args)
LOW | plugins/nessus.rb | 1106 | def cmd_nessus_db_scan_workspace(*args)
LOW | plugins/nessus.rb | 1231 | def cmd_nessus_scan_pause_all(*args)
LOW | plugins/nessus.rb | 1347 | def cmd_nessus_scan_resume_all(*args)
LOW | plugins/nessus.rb | 1518 | def cmd_nessus_scan_export_status(*args)
LOW | plugins/nessus.rb | 1625 | def cmd_nessus_plugin_details(*args)
LOW | plugins/payloads_manager.rb | 468 | def archived_payload_source_path(payload_path, context: nil, require_exists: true)
LOW | plugins/payloads_manager.rb | 485 | def fetch_to_archive_with_redirects(uri, requested_name = nil, limit = 5, max_size = MAX_FETCH_SIZE)
LOW | plugins/nexpose.rb | 240 | def cmd_nexpose_report_templates(*_args)
LOW | plugins/openvas.rb | 213 | def cmd_openvas_target_create(*args)
LOW | plugins/openvas.rb | 230 | def cmd_openvas_target_delete(*args)
LOW | plugins/openvas.rb | 392 | def cmd_openvas_task_resume_or_start(*args)
LOW | plugins/openvas.rb | 482 | def cmd_openvas_report_delete(*args)
LOW | plugins/openvas.rb | 498 | def cmd_openvas_report_download(*args)
LOW | plugins/openvas.rb | 520 | def cmd_openvas_report_import(*args)
LOW | plugins/aggregator.rb | 268 | def cmd_aggregator_cable_remove(*args)
LOW | plugins/aggregator.rb | 282 | def cmd_aggregator_session_park(*args)
LOW | plugins/aggregator.rb | 305 | def cmd_aggregator_default_forward(*_args)
LOW | plugins/aggregator.rb | 311 | def cmd_aggregator_session_forward(*args)
LOW | plugins/aggregator.rb | 333 | def cmd_aggregator_disconnect(*_args)
LOW | plugins/besecure.rb | 228 | def cmd_besecure_report_download(*args)
LOW | plugins/besecure.rb | 295 | def cmd_besecure_report_import(*args)
LOW | spec/acceptance/meterpreter_spec.rb | 166 | def get_file_attachment_contents(path)
LOW | spec/acceptance/command_shell_spec.rb | 168 | def get_file_attachment_contents(path)
LOW | …hared/contexts/msf/simple/framework/modules/loading.rb | 47 | def derive_ancestor_reference_names(options={})
LOW | …hared/contexts/msf/simple/framework/modules/loading.rb | 84 | def expect_to_load_module_ancestor(options={})
LOW | …hared/contexts/msf/simple/framework/modules/loading.rb | 106 | def expect_to_load_module_ancestors(options={})
LOW | spec/support/matchers/match_table.rb | 22 | def with_whitespace_highlighted(string)
794 more matches not shown…

AI Slop Vocabulary (213 hits · 468 pts)

Severity | File | Line | Snippet
LOW | test/modules/exploits/test/egghunter.rb | 76 | # just return otherwise
MEDIUM | test/functional/meterpreter/java_meterpreter_specs.rb | 3 | ## This file is intended to be used in conjunction with a harness,
MEDIUM | test/functional/meterpreter/java_meterpreter_specs.rb | 3 | ## This file is intended to be used in conjunction with a harness,
MEDIUM | …st/functional/meterpreter/windows_meterpreter_specs.rb | 3 | ## This file is intended to be used in conjunction with a harness,
MEDIUM | …st/functional/meterpreter/windows_meterpreter_specs.rb | 3 | ## This file is intended to be used in conjunction with a harness,
LOW | plugins/lab.rb | 103 | # then you are probably specifying a full path so let's just use normal file completion
LOW | plugins/alias.rb | 233 | # don't mess around, just return false in this case, prevents wasted processing
LOW | plugins/alias.rb | 245 | # don't mess around, just return false if we match
MEDIUM | spec/acceptance/mssql_spec.rb | 149 | # Run the given block in a 'test harness' which will handle all of the boilerplate for asserting module results, clean
MEDIUM | spec/acceptance/mysql_spec.rb | 125 | # Run the given block in a 'test harness' which will handle all of the boilerplate for asserting module results, clean
MEDIUM | spec/acceptance/postgres_spec.rb | 133 | # Run the given block in a 'test harness' which will handle all of the boilerplate for asserting module results, clean
MEDIUM | spec/acceptance/ldap_spec.rb | 150 | # Run the given block in a 'test harness' which will handle all of the boilerplate for asserting module results, clean
MEDIUM | spec/acceptance/smb_spec.rb | 133 | # Run the given block in a 'test harness' which will handle all of the boilerplate for asserting module results, clean
MEDIUM | spec/support/acceptance/countdown.rb | 3 | # A utility class which can be used in conjunction with Timeout mechanisms
MEDIUM | spec/support/matchers/query_the_database.rb | 9 | # * <tt>with</tt> - Used in conjunction with <tt>when_calling</tt> to pass parameters to the method to examine.
LOW | spec/lib/msf/core/rhosts_walker_spec.rb | 33 | # Slice the datastore options that we care about, ignoring other values that just add noise such as VERBOSE/WORKSP
MEDIUM | scripts/meterpreter/scraper.rb | 33 | # Some of this script was developed in conjunction with _MAX_ (max[at]remote-exploit.org)
MEDIUM | lib/msf/ui/console/module_action_commands.rb | 11 | # A mixin to enable the ModuleCommandDispatcher to leverage module ACTIONs as commands.
MEDIUM | lib/msf/ui/console/command_dispatcher/modules.rb | 1794 | # copying module names in conjunction with the `use <paste-buffer>` command
LOW | lib/msf/ui/console/command_dispatcher/common.rb | 102 | # For short lists, just set it directly
LOW | lib/msf/ui/console/command_dispatcher/session.rb | 238 | # then you are probably specifying a full path so let's just use normal file completion
LOWlib/msf/ui/console/command_dispatcher/resource.rb92 # then you are probably specifying a full path so let's just use normal file completion
LOWlib/msf/ui/console/command_dispatcher/dns.rb95 # Hard to auto-complete a rule with any meaningful value; just return
LOWlib/msf/ui/console/command_dispatcher/db.rb324 # help methods, just use it's "-h" so we don't have to recreating
MEDIUMlib/msf/core/exploit.rb307 # Allow all exploits to leverage context keyed encoding
LOWlib/msf/core/payload_set.rb298 # the payload set we simply create an instance of the class and do some
MEDIUMlib/msf/core/exploit_event.rb4# notifications about events pertaining to exploitation.
MEDIUMlib/msf/core/exploit/seh.rb9# robust fashion using the Rex::Exploitation::Seh class.
LOWlib/msf/core/exploit/remote/tincd_exploit_client.rb246 # modified decrypt routine, simply use the cipher as is.
LOWlib/msf/core/exploit/remote/browser_autopwn2.rb76 # again, it will just return whatever's been stored in the @browser_profile_prefix instance variable.
LOWlib/msf/core/exploit/remote/socket_server.rb140 # payload. In that case, just use the address of the interface
MEDIUMlib/msf/core/exploit/remote/jndi_injection.rb4# This is a mixin containing methods to facilitate exploiting JNDI injection flaws (such as Log4Shell) by using a
LOWlib/msf/core/exploit/remote/unirpc.rb50 # so just use secure mode to cover all bases
LOWlib/msf/core/exploit/remote/http_client.rb840 # Otherwise just return the signature string for compatibility
LOWlib/msf/core/exploit/remote/http_client.rb970 # Otherwise just return the signature string for compatibility
MEDIUMlib/msf/core/exploit/remote/telnet.rb82 # This hash is defined in order help facilitate easy debug printing
LOWlib/msf/core/exploit/remote/http/exchange.rb15 # If we already built the exchange builds array, then just return it.
LOWlib/msf/core/exploit/remote/http/exchange.rb147 # If we reach here we couldn't find the Exchange Server version, so just return nil to indicate this.
LOWlib/msf/core/post/file.rb910 # just use append to finish the rest
LOWlib/msf/core/post/windows/cli_parse.rb146 if ma = /^error:.*/i.match(results) # if line starts with Error: just pass to regular parser
MEDIUMlib/msf/core/post/windows/task_scheduler.rb97 # elevate privileges if the session is not already running under
MEDIUMlib/msf/core/post/windows/task_scheduler.rb138 # elevate privileges if the session is not already running under
MEDIUMlib/msf/core/post/windows/task_scheduler.rb214 # will also try to elevate privileges if the session is not already
MEDIUMlib/msf/core/module/platform.rb269 # utilize this as a catch-all.
MEDIUMlib/msf/core/payload/php.rb25 # Canonicalize the list of disabled functions to facilitate choosing a
MEDIUMlib/msf/core/payload/single.rb22 # used in conjunction with a stager. When a stager is used, generate will
LOWlib/msf/core/payload/linux/reverse_tcp_x86.rb102 # If the lower byte will be the same, just set the upper byte
LOWlib/msf/core/payload/windows/prepend_migrate.rb178 # and so we can just set ebx to the size of the payload
LOWlib/msf/core/payload/windows/prepend_migrate.rb352 # and so we can just set r8 to the size of the payload
LOWlib/msf/core/exe/segment_injector.rb196 # if there is no entry point, just return after we bail or spawn shellcode
LOWlib/msf/core/rpc/json/v1_0/rpc_command.rb112 # modified; otherwise, the object will simply pass-through.
LOWlib/msf/core/modules/loader/base.rb134 # read_module_content is responsible for calling {#load_error}, so just return here.
MEDIUMlib/msf/util/document_generator/document_normalizer.rb279 !mod.kind_of?(Msf::Exploit::FILEFORMAT) && # Definitely not a file format
LOWlib/msf/base/sessions/meterpreter.rb654 # otherwise just use the base for the session type tied to this handler.
LOWlib/msf/base/sessions/meterpreter.rb668 # otherwise just use the base for the session type tied to this handler.
LOWlib/rex/transformer.rb49 # If the src instance's class is supported, just add it to the dst
LOW…ex/post/hwbridge/ui/console/command_dispatcher/core.rb417 [ # We can just use Meterpreters script path
LOWlib/rex/post/meterpreter/client_core.rb117 # binaries, we end up with a case where this fails. So here we just return the
LOW…post/meterpreter/ui/console/command_dispatcher/kiwi.rb618 # Otherwise, just add a blank value
MEDIUM…erpreter/ui/console/command_dispatcher/priv/elevate.rb77 # Attempt to elevate the meterpreter to that of local system.
153 more matches not shown…
Redundant / Tautological Comments: 274 hits · 411 pts
Severity File Line Snippet
LOWtools/dev/detect_dead_reference_links.rb101 # Check if the URL is valid
LOWtest/ldap/samba-ad-setup.sh11# Check if samba is setup
LOWplugins/nessus.rb309 # Check if config file exists and load it
LOWplugins/wmap.rb784 # Check if an exclusion regex has been defined
LOWscripts/meterpreter/process_memdump.rb111 # Check if Allocated
LOWscripts/meterpreter/virusscan_bypass.rb201 # Set registry to run executable at startup
LOWscripts/meterpreter/service_manager.rb60# Check if sufficient privileges are present for certain actions
LOWscripts/meterpreter/hashdump.rb154 #Check if hashes exist (if 20, then we've got a hash)
LOWscripts/meterpreter/hostsedit.rb40#Set path to the hosts file
LOWlib/msf/ui/console/driver.rb75 # Check if files have been modified and force immediate loading if so
LOWlib/msf/ui/console/driver.rb664 # Check if we want to write the log to file
LOWlib/msf/ui/console/driver.rb672 # Check if we want to write the log file to a directory
LOWlib/msf/ui/console/driver.rb680 # Check if the subdirectory exists
LOWlib/msf/ui/console/command_dispatcher.rb111 # Check if the item is negative, as this will not always be a range
LOWlib/msf/ui/console/command_dispatcher/auxiliary.rb64 # Check if this is a scanner module or doesn't target remote hosts
LOWlib/msf/ui/console/command_dispatcher/core.rb2237 # Check if we need to append the default filename if user provided an output directory
LOWlib/msf/ui/console/command_dispatcher/db.rb2302 # Check if the stderr text includes 'root', this only happens if the scan requires root privileges
LOWlib/msf/core/plugin_manager.rb77 # Add it to the list of plugins
LOWlib/msf/core/opt_meterpreter_debug_logging.rb48 # Check if we log to rpath
LOWlib/msf/core/exploit/laravel_crypto_killer.rb16 # Check if cipher is valid
LOWlib/msf/core/exploit/file_dropper.rb123 # Check if file_rm method is available (local exploit, mixin support, module support)
LOWlib/msf/core/exploit/file_dropper.rb135 # Check if dir_rm method is available (local exploit, mixin support, module support)
LOWlib/msf/core/exploit/file_dropper.rb278 # Check if the path being removed is the same as the working directory
LOWlib/msf/core/exploit/java.rb154 # Check if the keystore exists from previous run. If it does, delete it.
LOWlib/msf/core/exploit/remote/tincd_exploit_client.rb264 # Check if we already received a newline, meaning we got an
LOWlib/msf/core/exploit/remote/browser_autopwn2.rb689 # Check if target is on our whitelist
LOW…f/core/exploit/remote/http/gitlab/form/authenticate.rb32 # Check if a valid gitlab cookie is returned
LOWlib/msf/core/exploit/remote/http/wordpress/login.rb19 # Check if a valid wordpress cookie is returned
LOW…/remote/http/manage_engine_adaudit_plus/target_info.rb248 # Check if the GPOWatcherData endpoint is available
LOW…xploit/remote/http/manage_engine_adaudit_plus/login.rb49 # Check if we have an initial adapcsrf cookie with the expected format
LOW…xploit/remote/http/manage_engine_adaudit_plus/login.rb117 # Check if we are actually logged in by visiting the home page.
LOWlib/msf/core/exploit/remote/http/nagios_xi/login.rb124 # Check if we are perhaps dealing with a Nagios XI app that hasn't been fully installed yet
LOWlib/msf/core/exploit/remote/http/nagios_xi/login.rb236 # Check if we need to sign the license agreement
LOWlib/msf/core/post/hardware/zigbee/utils.rb53 # Verify if a device has been specified.
LOWlib/msf/core/post/hardware/zigbee/utils.rb156 # Check if we are dealing with a beacon frame
LOWlib/msf/core/post/windows/packrat.rb219 # Check if the applications's base folder exists in user's directory on the remote computer.
LOWlib/msf/core/post/windows/accounts.rb69 # Check if host is an Active Directory domain controller
LOWlib/msf/core/post/windows/services.rb288 # Check if the specified Windows service exists.
LOWlib/msf/core/module/failure.rb86 # Check if RHOST is a valid IP address to avoid ActiveRecord issues on validation
LOWlib/msf/core/module_manager/reloading.rb41 # Check if the namespace module has a loader
LOWlib/msf/core/payload/android.rb97 # Set not_after to a random time 2~ years before the first bad date.
LOWlib/msf/core/payload/windows/reverse_tcp.rb152 # Check if a bind port was specified
LOWlib/msf/core/payload/windows/prepend_migrate.rb105 # Check if we can find block_api in the payload
LOWlib/msf/core/payload/windows/prepend_migrate.rb282 # Check if we can find block_api in the payload
LOWlib/msf/core/mcp/rpc_manager.rb274 # Check if the managed child process is still alive.
LOWlib/msf/core/mcp/security/rate_limiter.rb20 # Check if request is allowed, consume token if yes
LOWlib/msf/core/db_manager/host.rb79 # Set host_id to the ID of the host entry in the database that was found.
LOW…eb_services/authentication/strategies/user_password.rb18 # Check if request contains valid data and should be authenticated.
LOW…re/web_services/authentication/strategies/api_token.rb8 # Check if request contains valid data and should be authenticated.
LOWlib/msf/core/auxiliary/auth_brute.rb298 # Set noconn to indicate that in this case, each_user_pass
LOWlib/msf/core/auxiliary/gladinet.rb34 # Check if content contains a machineKey
LOWlib/msf/core/auxiliary/gladinet.rb75 # Check if target is a Gladinet CentreStack/Triofox installation
LOWlib/msf/core/auxiliary/cnpilot.rb43 # Check if App is Cambium cnPilot
LOWlib/msf/core/auxiliary/epmp.rb43 # Check if App is Cambium ePMP 1000
LOWlib/msf/util/exe/common.rb65 # Check if it exists now
LOWlib/msf/base/sessions/command_shell.rb421 # Check if src exists
LOWlib/msf/base/sessions/command_shell.rb431 # Write file to local machine
LOW…ex/post/hwbridge/ui/console/command_dispatcher/core.rb570 # Insert the module into the list of extensions
LOWlib/rex/post/meterpreter/packet.rb751 # Insert it into the list of TLVs
LOW…post/meterpreter/ui/console/command_dispatcher/core.rb1680 # Insert the module into the list of extensions
214 more matches not shown…
Fake / Example Data: 123 hits · 118 pts
Severity File Line Snippet
LOW…tion/modules/exploit/multi/http/wp_acf_extended_rce.md74 --admin_email='admin@example.com' \
LOW…loit/multi/http/wp_king_addons_privilege_escalation.md85wp core install --path='/var/www/html' --url='http://localhost:5556' --title='Exploit Market' --admin_user='admin' --adm
LOW…ion/modules/exploit/multi/http/wp_ai_engine_mcp_rce.md94docker exec wp-ai-engine-lab wp core install --path='/var/www/html' --url='http://localhost:5555' --title='Exploit Marke
LOW…t/smb/shares/readonly/my_directory/accessible_file.txt1Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq
LOW…t/smb/shares/readonly/my_directory/accessible_file.txt1Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq
LOW…t/smb/shares/modifiable/recursive/admin_root/readme.md1Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq
LOW…t/smb/shares/modifiable/recursive/admin_root/readme.md1Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliq
LOWtest/kubernetes/secrets/templates/dockerconfigjson.yaml8 '{"auths":{"https://index.docker.io/v1/":{"username":"username","password":"password","email":"admin@example.com","a
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb19 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb19 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb58 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb58 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb81 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb81 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb104 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb104 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb130 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb130 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb156 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb156 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb182 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb182 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb207 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb207 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb232 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/lint/module_enforce_notes_spec.rb232 'Description' => 'Lorem ipsum dolor sit amet',
LOW…ubocop/cop/lint/module_disclosure_date_present_spec.rb19 'Description' => 'Lorem ipsum dolor sit amet',
LOW…ubocop/cop/lint/module_disclosure_date_present_spec.rb19 'Description' => 'Lorem ipsum dolor sit amet',
LOW…ubocop/cop/lint/module_disclosure_date_present_spec.rb40 'Description' => 'Lorem ipsum dolor sit amet',
LOW…ubocop/cop/lint/module_disclosure_date_present_spec.rb40 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb27 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb27 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb48 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb48 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb68 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb68 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb92 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb92 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb112 'Description' => 'Lorem ipsum dolor sit amet',
LOW…rubocop/cop/lint/module_disclosure_date_format_spec.rb112 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb23 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb23 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb43 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb43 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb63 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb63 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb84 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb84 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb103 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb103 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb124 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb124 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb143 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb143 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb164 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb164 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb183 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb183 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb204 'Description' => 'Lorem ipsum dolor sit amet',
LOWspec/rubocop/cop/layout/module_hash_on_new_line_spec.rb204 'Description' => 'Lorem ipsum dolor sit amet',
63 more matches not shown…
Verbosity Indicators: 61 hits · 107 pts
Severity File Line Snippet
LOWlib/msf/core/exploit/remote/http_client.rb856 # This section handles a few simple cases of pattern matching and service
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb409 # Step 1: fetch the available applications / servers from the Admin server
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb509 # Step 2: get the current app server configuration variables, such as the current auth method used
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb519 # Step 3: start the fake CAM server / exploit server
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb539 # Step 4: send the server config update packet, and ignore what it sends back
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb546 # Step 5: send the CAM auth request and obtain the authentication object
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb594 # Step 6: create a Process object
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb628 # Step 7: add the commands into the process object
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb635 # Step 8: register the Process object with a random name
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb640 # Step 9: execute the Process!
LOWmodules/exploits/multi/misc/ibm_tm1_unauth_rce.rb645 # Step 10: restore the auth method and enjoy the shell!
LOW…les/exploits/multi/browser/firefox_webidl_injection.rb116 // Step 2: load the chrome-level window up with a data URI, which
LOW…xploits/multi/http/opmanager_sumpdu_deserialization.rb146 # Step 1: Establish a valid HTTP session
LOW…xploits/multi/http/opmanager_sumpdu_deserialization.rb174 # Step 2: Add the requestHandler to the HTTP session
LOW…xploits/multi/http/opmanager_sumpdu_deserialization.rb192 # Step 3: Exploit the deserialization vulnerability to run commands
LOW…ts/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb180 # Step 1 : Start HTTP server for XSL file serving
LOW…ts/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb194 # Step 2: Get CSRF token
LOW…ts/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb202 # Step 3: Smuggle payload
LOW…ts/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb208 # Step 4: Send exploit request
LOW…ts/multi/http/oracle_ebs_cve_2025_61882_exploit_rce.rb212 # Step 5: Wait for XSLT file download
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb59 # Step 1: Retrieve PHPSESSID
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb80 # Step 2: Attempt File Upload
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb106 # Step 3: Verify File in Directory Listing
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb129 # Step 1: Detect the OS
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb154 # Step 2: Retrieve the actual uploaded filename
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb171 # Step 3: Execute the detection script
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb183 # Step 4: Choose payload based on OS
LOW…dules/exploits/multi/http/clinic_pms_fileupload_rce.rb192 # Step 5: Upload the payload
LOW…ploits/linux/http/magento_xxe_to_glibc_buf_overflow.rb531 # Step 0: Setup heap
LOW…ploits/linux/http/magento_xxe_to_glibc_buf_overflow.rb534 # Step 1: Reverse FL order
LOW…ploits/linux/http/magento_xxe_to_glibc_buf_overflow.rb537 # Step 2: Put fake pointer and make FL order back to normal
LOW…ploits/linux/http/magento_xxe_to_glibc_buf_overflow.rb540 # Step 3: Trigger overflow
LOW…ploits/linux/http/magento_xxe_to_glibc_buf_overflow.rb543 # Step 4: Allocate at arbitrary address and change zend_mm_heap
LOW…s/linux/http/optergy_bms_backdoor_rce_cve_2019_7276.rb87 # Step 1: get the challenge and compute the response answer for the backdoor execution
LOW…s/linux/http/optergy_bms_backdoor_rce_cve_2019_7276.rb109 # Step 2: execute payload (RCE) using the backdoor and challenge response obtained from step 1.
LOWmodules/exploits/linux/persistence/docker_image.rb88 # Step 1: Prepare payload
LOWmodules/exploits/linux/persistence/docker_image.rb94 # Step 2: Prepare entrypoint script (loops indefinitely)
LOWmodules/exploits/linux/persistence/docker_image.rb115 # Step 3: Pull Alpine image
LOWmodules/exploits/linux/persistence/docker_image.rb118 # Step 4: Create a temporary container (stopped) to copy files in
LOWmodules/exploits/linux/persistence/docker_image.rb137 # Step 5: Start container with internal entrypoint
LOWmodules/exploits/linux/persistence/docker_image.rb141 # Step 6: Add cleanup commands for RC
LOWmodules/exploits/linux/persistence/docker_image.rb146 # Step 7: Clean up host temp files
LOWmodules/exploits/linux/persistence/docker_image.rb150 # Step 8: Stop tmp image
LOW…indows/local/cve_2020_0787_bits_arbitrary_file_move.rb196 # Step 1: Check target environment is correct.
LOW…indows/local/cve_2020_0787_bits_arbitrary_file_move.rb206 # Step 2: Generate the malicious DLL and upload it to a temp location.
LOW…indows/local/cve_2020_0787_bits_arbitrary_file_move.rb227 # Step 3: Load the main DLL that will trigger the exploit and conduct the arbitrary file copy.
LOW…indows/local/cve_2020_0787_bits_arbitrary_file_move.rb242 # Step 4: Execute `usoclient StartInteractiveScan` to trigger the payload
LOW…/exploits/windows/local/cve_2022_26904_superprofile.rb195 # Step 1: Check target environment is correct.
LOW…/exploits/windows/local/cve_2022_26904_superprofile.rb202 # Step 2: Generate the malicious DLL and upload it to a temp location.
LOW…/exploits/windows/local/cve_2022_26904_superprofile.rb218 # Step 3: Load the main DLL that will trigger the exploit and conduct the arbitrary file copy.
LOWmodules/exploits/windows/smb/ms17_010_eternalblue.rb1180 # Step 0: pre-calculate what we can
LOWmodules/exploits/windows/smb/ms17_010_eternalblue.rb1185 # Step 1: Connect to IPC$ share
LOWmodules/exploits/windows/smb/ms17_010_eternalblue.rb1215 # Step 2: Create a large SMB1 buffer
LOWmodules/exploits/windows/smb/ms17_010_eternalblue.rb1219 # Step 3: Groom the pool with payload packets, and open/close SMB1 packets
LOWmodules/exploits/windows/smb/ms17_010_eternalblue.rb1256 # Step 4: Send the payload
LOW…dules/auxiliary/gather/osticket_arbitrary_file_read.rb123 # Step 1: Login
LOW…dules/auxiliary/gather/osticket_arbitrary_file_read.rb132 # Step 2: Locate or create ticket
LOW…dules/auxiliary/gather/osticket_arbitrary_file_read.rb150 # Step 3: Generate and submit payload
LOW…dules/auxiliary/gather/osticket_arbitrary_file_read.rb164 # Step 4: Download PDF
LOW…dules/auxiliary/gather/osticket_arbitrary_file_read.rb172 # Step 5: Extract file from PDF
1 more match not shown…
Magic Placeholder Names: 12 hits · 78 pts
Severity File Line Snippet
HIGHdocumentation/modules/auxiliary/gather/leakix_search.md221. Do: `set LEAKIX_APIKEY <your-api-key>`
HIGH…t/meterpreter/ui/console/command_dispatcher/android.rb587 print_error("e.g. wlan_geolocate -a YOUR_API_KEY")
HIGHdata/wordlists/flask_secret_keys.txt11643ENTER-YOUR-API-KEY-HERE
HIGHdata/wordlists/flask_secret_keys.txt31031your_api_key
HIGHdata/wordlists/flask_secret_keys.txt31032yourapikey
HIGHdata/wordlists/flask_secret_keys.txt31035<YOUR_API_KEY>
HIGHdata/wordlists/flask_secret_keys.txt31035<YOUR_API_KEY>
HIGHdata/wordlists/flask_secret_keys.txt31036{{YOURAPIKEY}}
HIGHdata/wordlists/flask_secret_keys.txt31038YOUR_API_KEY
HIGHdata/wordlists/flask_secret_keys.txt31043YOUR-API-KEY-HERE
HIGHdata/wordlists/flask_secret_keys.txt31172<YOUR-SECRET-HERE>
HIGHdata/wordlists/flask_secret_keys.txt31174YOUR-SECRET-HERE
Excessive Try-Catch Wrapping: 39 hits · 44 pts
Severity File Line Snippet
LOWtools/hardware/killerbee_msfrelay.py88 except Exception as e:
LOWlib/msf/core/exploit/remote/http/splunk/helpers.rb67 except Exception as e:
LOW…re/modules/external/python/metasploit/login_scanner.py37 except Exception as e:
LOW…re/modules/external/python/metasploit/probe_scanner.py49 except Exception as e:
LOW…re/modules/external/python/metasploit/probe_scanner.py96 except Exception:
MEDIUMlib/telephony/modem.rb43 print("Error opening serial port #{@serialport} : #{e.class} #{e} #{e.backtrace}\r\n")
MEDIUMlib/telephony/modem.rb66 print("Error sending command to modem: #{e.class} #{e} #{e.backtrace}\r\n")
MEDIUMlib/telephony/modem.rb97 print("Error reading from modem: #{e.class} #{e} #{e.backtrace}\r\n")
MEDIUMlib/telephony/modem.rb118 print( "Error switching to command state: FAILED\r\n" )
MEDIUMlib/telephony/modem.rb134 print( "Error switching to data state: FAILED\r\n" )
LOWmodules/auxiliary/gather/office365userenum.py169 except Exception as e:
LOWmodules/auxiliary/gather/office365userenum.py218 except Exception as e:
LOWmodules/auxiliary/gather/mikrotik_winbox_fileread.py128 except Exception as e:
LOWmodules/auxiliary/gather/mikrotik_winbox_fileread.py140 except Exception as e:
LOWmodules/auxiliary/scanner/ssl/bleichenbacher_oracle.py100 except Exception as e:
LOWmodules/auxiliary/scanner/ssl/bleichenbacher_oracle.py156 except Exception as e:
MEDIUMmodules/auxiliary/scanner/ssl/bleichenbacher_oracle.py89def get_rsa_from_server(target, timeout=5):
MEDIUMmodules/auxiliary/scanner/ssl/bleichenbacher_oracle.py133def oracle(target, pms, cke_2nd_prefix, cipher_handshake=ch_def, messageflow=Fal
LOWmodules/auxiliary/scanner/http/rdp_web_login.py107 except Exception as exc:
MEDIUMmodules/auxiliary/scanner/http/rdp_web_login.py68def parse_ntlm_t1(message):
LOWmodules/auxiliary/scanner/http/rpyc_rce.py54 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/secretsdump.py147 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/secretsdump.py169 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/secretsdump.py187 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/secretsdump.py207 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/secretsdump.py256 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/_msf_impacket.py51 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/_msf_impacket.py75 except Exception as e:
LOWmodules/auxiliary/scanner/smb/impacket/_msf_impacket.py96 except Exception as e:
MEDIUMmodules/auxiliary/scanner/smb/impacket/_msf_impacket.py42def do_get(self, src_path):
MEDIUMmodules/auxiliary/scanner/smb/impacket/_msf_impacket.py56def do_put(self, s):
LOWdata/exploits/CVE-2026-31431/CVE-2026-31431.py31 except Exception:
LOWdata/exploits/CVE-2026-31431/CVE-2026-31431.py209 except Exception as e:
LOWdata/exploits/CVE-2026-31431/CVE-2026-31431.py235 except Exception as e:
LOWdata/exploits/CVE-2026-31431/CVE-2026-31431.py286except Exception as e:
LOWdata/exploits/CVE-2021-38648/cve_2021_38648.py22 except Exception:
LOW…ware_view_planner_4_6_uploadlog_rce/log_upload_wsgi.py90 except Exception as e:
MEDIUMdata/exploits/CVE-2023-4911/cve_2023_4911.py253 print("Error: %s" % error_msg)
LOWdata/exploits/CVE-2025-60787/sign_request.py82 except Exception as e:
Slop Phrases: 23 hits · 40 pts
Severity File Line Snippet
MEDIUMlib/net/dns/question.rb37 # To obtain the binary data from a question object you can use
MEDIUMlib/msf/core/exploit/laravel_crypto_killer.rb9# The tool requires a valid `APP_KEY` to be used, you can also try to bruteforce them if you think there is a potential
LOWlib/msf/core/exploit/remote/http_server/html.rb117 # writing style, so make sure you have the following before using:
MEDIUMlib/msf/core/post/linux/f5_mcp.rb19 # If you're just reading data, you can use `mcp_simple_query()` to build
MEDIUMexternal/source/exploits/CVE-2019-2215/poc.c355 // clear the TIF_SECCOMP flag and everything else :P (feel free to modify this to just clear the single flag)
LOWmodules/exploits/example_webapp.rb129 # since we will check res to see if auth was a success, make sure to capture the return
LOWmodules/exploits/osx/mdns/upnp_location.rb206 # And we make sure to put our payload in the USN header
LOWmodules/exploits/multi/vpn/tincd_bof.rb172 # Don't forget to stop firewalld for testing, as the port is still closed otherwise
LOWmodules/exploits/unix/local/netbsd_mail_local.rb276 fprintf(stderr, "[+] done! Don't forget to change atrun(1) "
LOW…dules/exploits/unix/http/contentkeeperweb_mimencode.rb119 print_status("Don't forget to clean up afterwards (chmod -s /bin/bash and restore an original copy of the OVERWRIT
LOW…exploits/linux/misc/asterisk_ami_originate_auth_rce.rb202 print_good("!!!Don't forget to clean evidence from #{datastore['CONF']}!!!")
LOWmodules/exploits/linux/local/docker_runc_escape.rb351 # shell in the docker container, make sure to restore it now.
MEDIUMmodules/exploits/linux/http/cisco_asax_sfr_rce.rb32 Finally, it's worth noting that this attack bypasses the affects of the
MEDIUM…indows/http/php_cgi_arg_injection_rce_cve_2024_4577.rb97 # To debug your payloads you can add this:
LOW…s/http/manageengine_servicedesk_plus_cve_2021_44077.rb130 print_warning("Yo, don't forget to clean up ..\\bin\\msiexec.exe")
LOW…es/auxiliary/gather/prometheus_node_exporter_gather.rb53 # since we will check res to see if auth was a success, make sure to capture the return
LOW…les/auxiliary/admin/networking/cisco_asa_extrabacon.rb185 print_warning("Don't forget to run PASS_ENABLE after logging in!")
MEDIUM…/auxiliary/server/capture/http_javascript_keylogger.rb211 <p><font color="red"><i>This form submits data to the Metasploit listener for demonstration purposes.</i></font>
LOWmodules/auxiliary/scanner/http/http_traversal.rb336 # Ah, don't forget to restore our method
LOWmodules/auxiliary/scanner/http/http_traversal.rb336 # Ah, don't forget to restore our method
LOW…/auxiliary/scanner/http/coldfusion_locale_traversal.rb149 # file probably specified by user, make sure to add in actual traversal
LOWmodules/auxiliary/scanner/mysql/mysql_writable_dirs.rb35 # make sure you handle the errors yourself
LOWmodules/auxiliary/scanner/mysql/mysql_file_enum.rb38 # make sure you handle the errors yourself
Synthetic Comment Markers: 5 hits · 35 pts
Severity  File  Line  Snippet
HIGH  modules/post/multi/manage/screenshare.rb  199  // required function will instead be invoked 1 second later as requested.
HIGH  modules/exploits/multi/misc/ibm_tm1_unauth_rce.rb  504  print_status("Attacking #{app[0]} on #{peer} as requested with TLS #{ssl ? 'on' : 'off'}")
HIGH  modules/exploits/linux/samba/setinfopolicy_heap.rb  21  because of an error on the PIDL auto-generated code. Making a specially crafted
HIGH  …ble/security_center/pull_encrypted_database_fields.php  3  // generated by Claude Code
HIGH  data/post/tenable/security_center/dump_crack_hashes.php  3  // generated by Claude Code
Unused Imports: 31 hits · 31 pts
Severity  File  Line  Snippet
LOW  tools/hardware/killerbee_msfrelay.py  8
LOW  tools/hardware/killerbee_msfrelay.py  15
LOW  tools/hardware/killerbee_msfrelay.py  20
LOW  lib/msf/core/modules/external/python/metasploit/cli.py  1
LOW  modules/auxiliary/gather/office365userenum.py  3
LOW  modules/auxiliary/gather/mikrotik_winbox_fileread.py  11
LOW  modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py  5
LOW  modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py  6
LOW  modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py  8
LOW  …ules/auxiliary/scanner/teradata/teradata_odbc_login.py  6
LOW  modules/auxiliary/scanner/smb/impacket/secretsdump.py  9
LOW  modules/auxiliary/scanner/smb/impacket/secretsdump.py  12
LOW  modules/auxiliary/scanner/smb/impacket/secretsdump.py  13
LOW  modules/auxiliary/scanner/smb/impacket/secretsdump.py  16
LOW  modules/auxiliary/scanner/smb/impacket/secretsdump.py  17
LOW  modules/auxiliary/scanner/smb/impacket/dcomexec.py  10
LOW  modules/auxiliary/scanner/smb/impacket/dcomexec.py  11
LOW  modules/auxiliary/scanner/smb/impacket/dcomexec.py  12
LOW  modules/auxiliary/scanner/smb/impacket/dcomexec.py  13
LOW  modules/auxiliary/scanner/smb/impacket/wmiexec.py  10
LOW  modules/auxiliary/scanner/smb/impacket/wmiexec.py  11
LOW  modules/auxiliary/scanner/smb/impacket/wmiexec.py  12
LOW  …ware_view_planner_4_6_uploadlog_rce/log_upload_wsgi.py  3
LOW  data/exploits/CVE-2023-4911/cve_2023_4911.py  6
LOW  data/exploits/CVE-2023-4911/cve_2023_4911.py  8
LOW  data/exploits/CVE-2021-3156/userspec_generic.py  48
LOW  data/exploits/CVE-2021-4034/cve_2021_4034.py  1
LOW  data/exploits/CVE-2021-4034/cve_2021_4034.py  3
LOW  data/exploits/CVE-2021-4034/cve_2021_4034.py  4
LOW  data/meterpreter/python/met_rsa.py  2
LOW  data/meterpreter/python/met_rsa.py  3
Deep Nesting: 25 hits · 25 pts
Severity  File  Line  Snippet
LOW  tools/hardware/killerbee_msfrelay.py  130
LOW  …msf/core/modules/external/python/metasploit/version.py  168
LOW  external/source/shellcode/windows/x64/build.py  81
LOW  external/source/shellcode/windows/x86/build.py  99
LOW  external/source/shellcode/windows/x86/src/hash.py  91
LOW  external/source/shellcode/windows/x86/src/hash.py  133
LOW  modules/auxiliary/gather/office365userenum.py  162
LOW  modules/auxiliary/gather/office365userenum.py  189
LOW  modules/auxiliary/gather/office365userenum.py  252
LOW  modules/auxiliary/dos/http/slowloris.py  101
LOW  modules/auxiliary/admin/http/grafana_auth_bypass.py  105
LOW  modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py  133
LOW  modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py  163
LOW  modules/auxiliary/scanner/smb/impacket/secretsdump.py  114
LOW  modules/auxiliary/scanner/smb/impacket/_msf_impacket.py  84
LOW  modules/auxiliary/scanner/smb/impacket/dcomexec.py  83
LOW  modules/auxiliary/scanner/smb/impacket/dcomexec.py  103
LOW  modules/auxiliary/scanner/smb/impacket/wmiexec.py  72
LOW  …ware_view_planner_4_6_uploadlog_rce/log_upload_wsgi.py  46
LOW  data/exploits/CVE-2023-4911/cve_2023_4911.py  112
LOW  data/exploits/CVE-2021-3156/nss_generic2.py  119
LOW  data/exploits/CVE-2021-3156/nss_u16.py  38
LOW  data/exploits/CVE-2021-3156/nss_u14.py  40
LOW  data/exploits/CVE-2021-3156/userspec_generic.py  126
LOW  data/meterpreter/python/met_rsa.py  55
Example Usage Blocks: 4 hits · 6 pts
Severity  File  Line  Snippet
LOW  tools/dev/generate_mitre_attack_technique_constants.rb  12  # Usage:
LOW  tools/dev/generate_mitre_attack_technique_constants.rb  95  # Example usage:
LOW  lib/msf/core/exploit/remote/http/wordpress/sqli.rb  7  # Usage:
LOW  lib/rex/parser/nmap_xml.rb  24  # Usage: