342 Open source projects that are alternatives of or similar to Cloak-And-Dagger

Self defense post module for metasploit

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Kubernetes security and vulnerability tools and utilities.

Vulnerable software and exploits used for OSCP/OSCE preparation

Some of my public exploits

A collection of reverse engineered Apple things, as well as a machine-readable database of Apple hardware

Basic tool to automate backdooring PE files

Blazing fast, advanced Padding Oracle exploit

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

Windows MSI Installer LPE (CVE-2021-43883)

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

Framework for exploiting local vulnerabilities

A number of scripts POC's and problems solved as pentests move along.

gtfo, now with the speed of golang

CTF中Pwn的快速利用模板（包含awd pwn）

The first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar

Extensible framework for analyzing publicly available information about vulnerabilities

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.

Proxy token to allow mitigating EOSIO Ram exploit

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

A collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff

RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.

Focus on cybersecurity | collection of PoC and Exploits

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Python script to decrypt passwords stored by mRemoteNG

A Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.

GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

⛷ A collection of hacker scripts.

Simple script that utilities discord's flaw in detecting who blocked who.

Network based protocol fuzzer

CRAX: software CRash analysis for Automatic eXploit generation

CTF binary exploit code

A minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)

An IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

Authentication bypass for outdated WoW emulation authentication servers

POC code to crash Windows Event Logger Service

Guest to host VM escape exploit for Parallels Desktop

Unsigned code loader for Exynos BootROM

Framework for rapid development and reusable of security tools

kernel-pwn and writeup collection

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

OpenSSH remote DOS exploit and vulnerable container

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.

Simple and fast discord token cracker

Unrestricted Lua Execution

A remote administration tool for Windows, written in C#

Collection of different exploits

Python Powered Repository

Rage allows you to execute any file in a Microsoft Office document.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Exploiting challenges in Linux and Windows