This repository contains information, exploits, malware samples, and scripts from Datadog Security Labs.
This repository aims at providing proof of concept exploits, malware samples and technical demos to help the community respond to threats. Code from this repository might be used to:
- Improve Detections
- Continue additional research on Tactics, Techniques and Procedures (TTPs)
- Discover additional exploits
- Dirty Pipe Container Breakout
- Exploitation and Sample Vulnerable Application of the JWT Null Signature Vulnerability (CVE-2022-21449)
- Spring Core RCE aka Spring4shell (CVE-2022-22965)
- Confluence CVE-2022-26134 OGNL Vulnerability
- OpenSSL punycode Vulnerability (CVE-2022-3602)
- OverlayFS privilege escalation vulnerability CVE-2023-0386
- Confluence CVE-2023-22515 vulnerability
We'll create a new GitHub release for every new proof of concept in this repository. To make sure you don't miss it, watch new releases!
