HORKimhab/CVE-2026-0257

# CVE-2026-0257 PAN-OS GlobalProtect Authentication Bypass Vulnerability ## ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated lab setups - Authorized penetration testing environments Example setup: git clone https://github.com/HORKimhab/CVE-2026-0257 cd CVE-2026-0257 # Create virtual environment python -m venv venv # Active virtual environment # Linux / macOS: source venv/bin/activate # Windows venv\Scripts\activate # Install requirments pip install -r requirements.txt Example usage: # Single target # Basic usage python forge_cookie.py --target 192.168.1.100 --user admin # Advanced usage python forge_cookie.py --target vpn.company.com \ --port 443 \ --user administrator \ --context both \ --verbose # Max exploit python mass_exploit.py ## Credit or Reference - https://github.com/sfewer-r7/CVE-2026-0257 - https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257/ # 📚 Educational Security Research Repository A repository for learning, testing, and researching cybersecurity concepts in controlled environments. ## ⚠️ Security & Legal Disclaimer ## Purpose This repository is for **educational and authorized security research only**. It is designed to help users learn about: - Security vulnerabilities - Sandbox and isolation concepts - Secure coding and defensive practices ## Authorized Use Only Use this repository only in environments where you have permission, such as: - Personal labs or virtual machines - Docker or isolated environments - Authorized penetration testing - Cybersecurity training or academic research Unauthorized or illegal use is strictly prohibited. ## No Liability By using this repository, you agree that: - You are responsible for your own actions - You will use it legally and ethically - The project is provided **without warranty** ## Ethical Use This project is intended for: - Defensive security research - Cybersecurity education - Vulnerability awareness - Secure system and software research ## Contact For responsible disclosure or collaboration, contact the repository maintainer through GitHub.