393 Open source projects that are alternatives of or similar to CRAX

Code for my blog post on using S2E for malware analysis

An IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.

Yet another implementation of AEG (Automated Exploit Generation) using symbolic execution engine Triton.

PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM

Proof of concept of VMSA-2017-0012

A remote administration tool for Windows, written in C#

Unsigned code loader for Exynos BootROM

Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).

Exploit PollDaddy polls

ARM rop chain gadget searcher

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

Simple and fast discord token cracker

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

POC code to crash Windows Event Logger Service

Brahma - Privilege elevation exploit for Nintendo 3DS

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

free exploit framework written use python language version 3.3

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

kernel-pwn and writeup collection

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Metasploit framework with steroids

POC script for the ManageEngine Multiple Products Authenticated File Upload Exploit

Tool to help exploit XXE vulnerabilities

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

Some of my public exploits

DoS PoC's for SAP products

Staged Abstract Interpreters

Webshell Jumping Edition

Focus on cybersecurity | collection of PoC and Exploits

🛠️ Tool to bypass my school's security system to get sudo privileges on MacOS

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

rsGen is a Reverse Shell Payload Generator for hacking.

Framework for exploiting local vulnerabilities

A simple (unfinished) SMT solver for QF_ABV.

Proxy token to allow mitigating EOSIO Ram exploit

Purelove is a lightweight penetration testing framework, in order to better security testers testing holes with use.

AliGuard PHP WAF

Tool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage

A minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)

Hourly updated database of exploit and exploitation reports

CRETE under development

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.

Extraction of iMessage Data via XSS

A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

python3批量poc检测工具

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

A collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Hack The Printer

Proof of concept code for the Spectre CPU exploit.

share some useful archives about vm and qemu escape exploit.

GitLab CE/EE Preauth RCE using ExifTool

The first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar

Basic tool to automate backdooring PE files