malware-s2e: Code for my blog post on using S2E for malware analysis
Stars: ✭ 21 (-52.27%)
IDA Wrapper: An IDA_Wrapper for Linux, shipped with a Function Identifier. It works well with Driller on statically linked binaries.
Stars: ✭ 14 (-68.18%)
Wasabi Aeg: Yet another implementation of AEG (Automated Exploit Generation) using the symbolic execution engine Triton.
Stars: ✭ 23 (-47.73%)
CVE-2018-2380: PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM
Stars: ✭ 55 (+25%)
LightCosmosRat: A remote administration tool for Windows, written in C#
Stars: ✭ 31 (-29.55%)
exynos-usbdl: Unsigned code loader for Exynos BootROM
Stars: ✭ 57 (+29.55%)
angr-antievasion: Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).
Stars: ✭ 35 (-20.45%)
armroper: ARM ROP chain gadget searcher
Stars: ✭ 36 (-18.18%)
dheater: D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (+222.73%)
break-fast-serial: A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (+20.45%)
Ghost: Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Stars: ✭ 1,934 (+4295.45%)
LogServiceCrash: POC code to crash Windows Event Logger Service
Stars: ✭ 23 (-47.73%)
Brahma: Brahma - Privilege elevation exploit for Nintendo 3DS
Stars: ✭ 34 (-22.73%)
ADMMutate: Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (+56.82%)
Drupalgeddon3: Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)
Stars: ✭ 18 (-59.09%)
CVE-2019-8449: CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (+50%)
pysploit-framework: Free exploit framework written in the Python language, version 3.3
Stars: ✭ 33 (-25%)
dirtycow: radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
Stars: ✭ 93 (+111.36%)
kernelpwn: kernel-pwn and writeup collection
Stars: ✭ 348 (+690.91%)
reosploit: A Tool that Finds, Enumerates, and Exploits Reolink Cameras.
Stars: ✭ 89 (+102.27%)
Xxexploiter: Tool to help exploit XXE vulnerabilities
Stars: ✭ 243 (+452.27%)
overflow: A command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (+50%)
exploits: Some of my public exploits
Stars: ✭ 50 (+13.64%)
sai: Staged Abstract Interpreters
Stars: ✭ 58 (+31.82%)
shu-shell: Webshell Jumping Edition
Stars: ✭ 23 (-47.73%)
PoC-Bank: Focus on cybersecurity | collection of PoC and Exploits
Stars: ✭ 83 (+88.64%)
getroot: 🛠️ Tool to bypass my school's security system to get sudo privileges on macOS
Stars: ✭ 34 (-22.73%)
PocOrExp in Github: Aggregates the PoCs and exploits already available on GitHub; CVE information comes from the official CVE website. Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+1136.36%)
rsGen: rsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (+61.36%)
BoomER: Framework for exploiting local vulnerabilities
Stars: ✭ 84 (+90.91%)
stevia: A simple (unfinished) SMT solver for QF_ABV.
Stars: ✭ 30 (-31.82%)
EOS-Proxy-Token: Proxy token to allow mitigating EOSIO RAM exploit
Stars: ✭ 22 (-50%)
purelove: Purelove is a lightweight penetration testing framework, meant to make it easier for security testers to test for holes.
Stars: ✭ 52 (+18.18%)
UTBotCpp: Tool that generates unit tests from C/C++ source code, trying to reach all branches and maximize code coverage
Stars: ✭ 59 (+34.09%)
fusee-nano: A minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)
Stars: ✭ 49 (+11.36%)
inthewilddb: Hourly updated database of exploit and exploitation reports
Stars: ✭ 127 (+188.64%)
crete-dev: CRETE under development
Stars: ✭ 56 (+27.27%)
IAT API: Assembly block for finding and calling the Windows API functions inside the import address table (IAT) of the running PE file.
Stars: ✭ 63 (+43.18%)
PatrowlHearsData: Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
Stars: ✭ 66 (+50%)
tryhackme-ctf: TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+218.18%)
xss-http-injector: XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flaws can be exploited easily. It is written in HTML + JavaScript + PHP and released under GPLv3.
Stars: ✭ 22 (-50%)
cve-2016-1764: Extraction of iMessage Data via XSS
Stars: ✭ 52 (+18.18%)
DoubleStar: A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
Stars: ✭ 140 (+218.18%)
readhook: Red-team tool to hook libc read syscall with a buffer overflow vulnerability.
Stars: ✭ 31 (-29.55%)
Discord-Console-hacks: A collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff
Stars: ✭ 353 (+702.27%)
Icg Autoexploiterbot: Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (+450%)
HTP: Hack The Printer
Stars: ✭ 31 (-29.55%)
Spectrepoc: Proof of concept code for the Spectre CPU exploit.
Stars: ✭ 239 (+443.18%)
Awesome Vm Exploit: Shares some useful archives about VM and QEMU escape exploits.
Stars: ✭ 239 (+443.18%)
CVE-2021-22205: GitLab CE/EE Preauth RCE using ExifTool
Stars: ✭ 165 (+275%)
Ultimate-Guitar-Hack: The first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar
Stars: ✭ 61 (+38.64%)
SubRosa: Basic tool to automate backdooring PE files
Stars: ✭ 48 (+9.09%)