Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Pub

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

✭ 217

python exploit vulnerability poc

Cve 2020 0796 Lpe Poc

CVE-2020-0796 Local Privilege Escalation POC

✭ 215

python poc privilege-escalation

Peiqi Wiki Poc

鹿不在侧，鲸不予游🐋

✭ 179

html gitbook poc cve

Poc Collection

poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。

✭ 210

poc

Ladon

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

✭ 2,911

C#security hacking security-tools tools scanner exploit pentest password poc security-scanner brute-force portscan exp ladon ipscanner getshell netscan

Poodle Poc

🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩

✭ 198

python cryptography poc

Mysql Unsha1

Authenticate against a MySQL server without knowing the cleartext password

✭ 191

c mysql authentication password poc bypass sniffer sha1

Cve 2020 1472

Exploit Code for CVE-2020-1472 aka Zerologon

✭ 183

python exploit poc

Airdos

💣 Remotely render any nearby iPhone or iPad unusable

✭ 182

python ios exploit poc

Cry

Cross platform PoC ransomware written in Go

✭ 179

go golang web crypto file poc money aes rsa ransomware

Cod Exploits

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

✭ 178

cpp assembly hack exploit poc ida security-vulnerability

Isf

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.

✭ 161

python poc

Exploits

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

✭ 154

python ctf poc cve exploits

Proof Of Concepts

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

✭ 148

html security infosec bugbounty poc proof-of-concept

Mtpwn

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

✭ 143

c android exploit usb poc recovery samsung

Awesome Csirt

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

✭ 132

c security awesome awesome-list reverse-engineering pentesting malware-analysis poc threat-intelligence cve exploits

Cve 2020 1206 Poc

CVE-2020-1206 Uninitialized Kernel Memory Read POC

✭ 133

poc

Pocsuite poc collect

collection poc use pocsuite framework 收集一些 poc with pocsuite框架

✭ 127

python poc

Gopoc

用cel-go重现了长亭xray的poc检测功能的轮子

✭ 124

go poc security-testing vulnerability-scanner proof-of-concept

Cve 2018 11776 Python Poc

Working Python test and PoC for CVE-2018-11776, includes Docker lab

✭ 118

python java exploit poc

Spectreexploit

SpectreExploit POC

✭ 115

poc spectre

Poc Exploits

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

✭ 111

python vulnerabilities poc exploits

Middleware Vulnerability Detection

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

✭ 1,378

python poc cve

Hisilicon Dvr Telnet

PoC materials for article https://habr.com/en/post/486856/

✭ 101

c shell camera exploit poc exploits telnet

Cazador unr

Hacking tools

✭ 95

http automation hacking dns tcp bugbounty fuzzing xss poc owasp rce csrf sqli

Cve 2019 0708 Tool

A social experiment

✭ 87

python cpp hack windows hacking tool exploit poc cve rce stars

Krack Poc

Krack POC

✭ 86

python wifi poc

Angelsword

Python3编写的CMS漏洞检测框架

✭ 1,223

python cms vulnerability-scanners poc

Cve 2017 0781

Blueborne CVE-2017-0781 Android heap overflow vulnerability

✭ 74

python exploit bluetooth poc

Ciscoexploit

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

✭ 73

python exploit poc rce

Clickjacking Tester

A python script designed to check if the website if vulnerable of clickjacking and create a poc

✭ 72

python poc python-script bug-bounty bug

Exploits

Miscellaneous exploit code

✭ 1,157

python security windows hacking poc exploits bypass rce

Poc Bank

Focus on cybersecurity | collection of PoC and Exploits

✭ 68

python exploit poc

Bitp0wn

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

✭ 59

python hack bitcoin algorithm vulnerability poc bruteforce brute-force ecdsa

Cve 2020 0796

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

✭ 1,102

c exploit poc

Exploit Discord Cache System Poc

Exploit Discord's cache system to remote upload payloads on Discord users machines

✭ 51

python discord cache exploit poc payload embed

Angularjs Github Info

prove of concept using angularjs (1.x) accessing github api

✭ 50

javascript github angularjs poc

Powerladon

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

✭ 39

powershell security hacking exploit pentest pentest-tool poc subdomain-scanner

Poccollect

Poc Collected for study and develop

✭ 15

html vulnerability poc cve

Structvsclassperformance

POC for my Medium article

✭ 11

swift performance poc class struct

Cve 2020 10199 cve 2020 10204

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

✭ 20

vulnerability poc

Procjack

PoC of injecting code into a running Linux process

✭ 17

c shellcode linux poc injection ptrace

Quarkus Microservices Poc

Very simplified shop sales system made in a microservices architecture using quarkus

✭ 16

java docker kubernetes angular kafka microservice architecture prometheus cloud-native poc observability elk kong

Poc

Proof of Concepts

✭ 809

python poc

Medusa

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

✭ 796

javascript rails spring nginx jenkins apache xss kibana poc payload cve thinkphp fastjson

1earn

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

✭ 776

security pentest pentest-tool collection redteam poc study blueteam

Charles Hacking

Hacking Charles Web Debugging Proxy

✭ 775

poc

K8cscan

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

✭ 693