WangYihang / Exploit Framework
Licence: gpl-3.0
🔥 An Exploit framework for Web Vulnerabilities written in Python
Stars: ✭ 144
Programming Languages
python
139335 projects - #7 most used programming language
Labels
Projects that are alternatives of or similar to Exploit Framework
raptor infiltrate20
#INFILTRATE20 raptor's party pack
Stars: ✭ 24 (-83.33%)
Mutual labels: exploits, vulnerability
Avpwn
List of real-world threats against endpoint protection software
Stars: ✭ 179 (+24.31%)
Mutual labels: vulnerability, exploits
Springbootvulexploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Stars: ✭ 3,196 (+2119.44%)
Mutual labels: exploits, vulnerability
Hacker ezines
A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-50%)
Mutual labels: vulnerability, exploits
CVE-2019-8449
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-54.17%)
Mutual labels: exploits, vulnerability
Herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (+326.39%)
Mutual labels: vulnerability, exploits
Arissploit
Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-20.83%)
Mutual labels: vulnerability, exploits
Vfeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+473.61%)
Mutual labels: vulnerability, exploits
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+7157.64%)
Mutual labels: vulnerability, exploits
Spectre Meltdown Poc
A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (-11.81%)
Mutual labels: vulnerability
Ansvif
A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-25.69%)
Mutual labels: vulnerability
Not Your Average Web Crawler
A web crawler (for bug hunting) that gathers more than you can imagine.
Stars: ✭ 107 (-25.69%)
Mutual labels: vulnerability
Nonce Disrespect
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
Stars: ✭ 103 (-28.47%)
Mutual labels: vulnerability
Fortiscan
A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.
Stars: ✭ 120 (-16.67%)
Mutual labels: vulnerability
Hisilicon Dvr Telnet
PoC materials for article https://habr.com/en/post/486856/
Stars: ✭ 101 (-29.86%)
Mutual labels: exploits
Routersploit
Exploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+6751.39%)
Mutual labels: exploits
Exploit-Framework
Exploits:
Vendor | Vulnerability | Effected Version | Description | Author |
---|---|---|---|---|
zblog | NOT_CVE | <=1.5.1 | Zblog Authenticated LFI | @Shutdown_r |
OpenSNS | NOT_CVE | <=3.31 | OpenSNS UnAuthenticated GetShell | @90sec |
Joomla | CVE-2015-8562 | 1.5<3.45 | Joomla Header Unauthenticated RCE | @Andrew McNicol |
Codiad | CVE-2017-11366 | <=2.8.3 | Codiad Authenticated RCE | @WangYihang |
Codiad | CVE-2014-9581 | <=2.4.3 | Codiad Authenticated LFI | @TaurusOmar |
SeaCMS | CVE-2017-17561 | <=6.56 | SeaCMS Authenticated GetShell | @WangYihang |
SeaCMS | NOT_CVE | <=6.28 | SeaCMS UnAuthenticated RCE | @没穿底裤 |
phpMoAdmin | CVE-2015-2208 | <=1.1.2 | phpMoAdmin UnAuthenticated RCE | Unknown |
WordPress | CVE-2017-5487 | <4.7.1 | WordPress Username Enumeration | @Dctor |
DedeCMS | NOT_CVE | <=5.6 | DedeCms recommend.php SQL injection | @没穿底裤 |
Kernel | CVE-2016-5195 | 2.6.22<3.9 | DirtyC0w Privilege Escalation | @nowsecure |
Video:
WIKI:
Contribution:
TODO:
- [ ] 解析字符串
- [ ] 深层模块化
- [ ] 上下文栈维护
- [ ] 日志
- [ ] 自动补全
- [ ] Exploit 搜索
- [ ] Wiki
- [ ] Exploit 规范
- [ ] 维护 Reverse Shell (结合 Reverse-Shell-Manager)
- [ ] Payload 模块
- [ ] 免杀模块
- [ ] 维护一句话木马 (结合 Webshell-Sniper)
- [ ] 数据库
- [ ] Web 前端
Contributors
This project exists thanks to all the people who contribute.
Backers
Thank you to all our backers! 🙏 [Become a backer]
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].