Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

💣 Remotely render any nearby iPhone or iPad unusable

Working Python test and PoC for CVE-2018-11776, includes Docker lab

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

image processing codes to understand algorithm

PoC materials for article https://habr.com/en/post/486856/

🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

Cross platform PoC ransomware written in Go

用cel-go重现了长亭xray的poc检测功能的轮子

CVE-2020-1206 Uninitialized Kernel Memory Read POC

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.

SpectreExploit POC

Exploit Code for CVE-2020-1472 aka Zerologon

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Authenticate against a MySQL server without knowing the cleartext password

☠️ Call of Duty - Vulnerabilities and proof-of-concepts