CVEs Security Tools

Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs

CVE-2025-2563 PoC

CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit.

This script performs safe, authorized testing for the vulnerability CVE-2025-0133, a reflected Cross-Site Scripting (XSS) issue in the GlobalProtect portal and gateway login pages of Palo Alto Networks' PAN-OS software.

A lightweight Python tool to detect stored Cross-Site Scripting (XSS) vulnerabilities in SAP NetWeaver Application Server Java, specifically targeting CVE-2025-0054.