Top 93 exploits open source projects

This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits

Linux privilege escalation auditing tool

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

List of real-world threats against endpoint protection software

Collection of things made during my preparation to take on OSCE

A collection of Discord bugs and exploits

Containing Self Made Perl Reproducers / PoC Codes

collection of verified Linux kernel exploits

Shodan API client

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

Repository for information about 0-days exploited in-the-wild.

🔥 An Exploit framework for Web Vulnerabilities written in Python

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

PoC materials for article https://habr.com/en/post/486856/

Exploitation Framework for Embedded Devices

Collection of resources for my preparation to take the OSEE certification.

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

A list of resources in different fields of Computer Science (multiple languages)

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

PatrowlHears - Vulnerability Intelligence Center / Exploits

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

An advanced graphical search engine for Exploit-DB

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Collection of things made during my preparation to take on OSEE

Find exploits in local and online databases instantly

Miscellaneous exploit code

This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Micro-framework for rapid development of reusable security tools

🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file

Exploitation on different architectures (x86, x64, arm, mips, avr)

A Ruby framework designed to aid in the penetration testing of WordPress systems.

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

The Correlated CVE Vulnerability And Threat Intelligence Database API

Find exploit tool

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Exploit Pack -The next generation exploit framework

ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python

kernel privilege escalation enumeration and exploitation framework

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

RouterOS Security Research Tooling and Proof of Concepts

A collection of curated Java Deserialization Exploits

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

for mass exploiting

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

EternalRocks worm

Decrypted content of eqgrp-auction-file.tar.xz

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Advisories, proof of concept files and exploits that have been made public by @pedrib.

A handy collection of my public exploits, all in one place.

Vulners Python API wrapper

A collection of android Exploits and Hacks

Exploits and Security Tools Framework 2.0.1

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Challenges and vulnerabilities exploitation.