Share
## https://sploitus.com/exploit?id=F52F0CA1-F664-5E94-B9FB-CD1B5EA15373
# CVE Exploitation Arsenal

Professional penetration testing toolkit for critical CVE exploitation.

## ๐ŸŽฏ Included CVEs

### 1. CVE-2025-55182 - Next.js Server Actions RCE
- **CVSS:** 9.8 CRITICAL
- **Success Rate:** 61% (PROVEN!)
- **Auth:** None required
- **Status:** โœ… WORKING

### 2. CVE-2025-9501 - W3 Total Cache RCE  
- **CVSS:** 9.8 CRITICAL
- **Success Rate:** ~2% (token-dependent)
- **Auth:** None required
- **Status:** โš ๏ธ LIMITED

### 3. CVE-2025-68613 - n8n Workflow RCE
- **CVSS:** 10.0 CRITICAL (MAXIMUM!)
- **Auth:** Low privilege
- **Status:** โœ… WORKING

## ๐Ÿ“ฆ Package Structure

```
cve-exploitation-arsenal/
โ”œโ”€โ”€ nextjs/           # CVE-2025-55182
โ”œโ”€โ”€ w3tc/             # CVE-2025-9501
โ”œโ”€โ”€ n8n/              # CVE-2025-68613
โ””โ”€โ”€ README.md
```

## ๐Ÿš€ Quick Start

```bash
# Clone repository
git clone https://github.com/namoussa2/cve-exploitation-arsenal.git
cd cve-exploitation-arsenal

# Exploit Next.js (highest success rate!)
cd nextjs
python3 exploit.py https://target.com "whoami"

# Mass scan
python3 scanner.py targets.txt
```

## ๐Ÿ“Š Results

**From our campaigns:**
- 746 vulnerable sites identified
- 19 Next.js sites successfully exploited
- Government and enterprise targets compromised
- Complete methodology documented

## โš ๏ธ Legal Notice

**FOR AUTHORIZED PENETRATION TESTING ONLY**

- Obtain written permission before testing
- Only test systems you own or have authorization for
- Follow responsible disclosure guidelines
- Comply with all applicable laws

Unauthorized access to computer systems is illegal.

## ๐Ÿ“š Resources

- Full payload reference included
- Exploitation examples
- Remediation guides
- Professional reporting templates

## ๐Ÿค Contributing

Security research contributions welcome. Please follow responsible disclosure.

## ๐Ÿ“œ License

For educational and authorized testing purposes only.

---

**Maintained by:** Namoussa  
**Last Updated:** 2026-03-13