This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Based on https://github.com/igrr/esp32-cam-demo extended with an ILI9341 display, with a Telnet interface to change OV7670 settings on the fly. Streams BMP files from RGB565 and YUV422 (encoded to RGB565) picture formats. Compile with latest esp-idf. Check out new telnet command "video 1" to auto capture to LCD as fast as possible for videocam mode, "video 0" to stop or "video Z" where Z is delay in ms between each capture / LCD refresh.

Proofs-of-concept

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Miscellaneous exploit code

RouterOS Security Research Tooling and Proof of Concepts

A social experiment

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Exploit Discord's cache system to remote upload payloads on Discord users machines

Blueborne CVE-2017-0785 Android information leak vulnerability

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

Focus on cybersecurity | collection of PoC and Exploits

Blueborne CVE-2017-0781 Android heap overflow vulnerability