227 Open source projects that are alternatives of or similar to Awesome Cve Poc

Exploit Discord's cache system to remote upload payloads on Discord users machines

CVE-2020-1206 Uninitialized Kernel Memory Read POC

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

Cross platform PoC ransomware written in Go

Vulnerability Labs for security analysis

cve-search - a tool to perform local searches for known vulnerabilities

Writeup of CVE-2020-15906

poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。

patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

OSINT tool - gets data from services like shodan, censys etc. in one app

Original Automated CVE Checking Tool

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

SpectreExploit POC

Very simplified shop sales system made in a microservices architecture using quarkus

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Vulnerability (CVE) scanner for Nix/NixOS.

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Resources for Windows exploit development

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

ES File Explorer Open Port Vulnerability - CVE-2019-6447

Hacking tools

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Containing Self Made Perl Reproducers / PoC Codes

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

PatrowlHears - Vulnerability Intelligence Center / Exploits

红队综合渗透框架

Security-related PHP7 OPcache abuse tools and demo

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

WebMap-Nmap Web Dashboard and Reporting

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

Focus on cybersecurity | collection of PoC and Exploits

💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002

Python3编写的CMS漏洞检测框架

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Authenticate against a MySQL server without knowing the cleartext password

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Blueborne CVE-2017-0781 Android heap overflow vulnerability

CVE Alerting Platform

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

poc or exp of android vulnerability

A python script designed to check if the website if vulnerable of clickjacking and create a poc

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).

This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.

Tracking CVEs for the linux Kernel

Miscellaneous exploit code

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

pigat ( Passive Intelligence Gathering Aggregation Tool ) 被动信息收集聚合工具

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

快速搭建各种漏洞环境(Various vulnerability environment)

BootStomp: a bootloader vulnerability finder

Exploit Code for CVE-2020-1472 aka Zerologon

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

a plenty of poc based on python

POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞， 对功能进行强化以及脚本进行分类添加，自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC

A simple Java command-line utility to mirror the CVE JSON data from NIST.