953 Open source projects that are alternatives of or similar to Cve 2019 1003000 Jenkins Rce Poc

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

A social experiment

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

No description or website provided.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Some personal exploits/pocs

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

Notes about attacking Jenkins servers

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Asynchronous Python implementation of SlowLoris DoS attack

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Focus on cybersecurity | collection of PoC and Exploits

🦄🔒 Awesome list of secrets in environment variables 🖥️

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

PoC materials for article https://habr.com/en/post/486856/

💣 Remotely render any nearby iPhone or iPad unusable

Exploit Code for CVE-2020-1472 aka Zerologon

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

Exploit Discord's cache system to remote upload payloads on Discord users machines

CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.

Vulnerability Labs for security analysis

Blueborne CVE-2017-0781 Android heap overflow vulnerability

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Writeup of CVE-2020-15906

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Hourly updated database of exploit and exploitation reports

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Working Python test and PoC for CVE-2018-11776, includes Docker lab

Extraction of iMessage Data via XSS

Proof of concept code for the Spectre CPU exploit.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

Focus on cybersecurity | collection of PoC and Exploits

an RCE (remote command execution) approach of CVE-2018-7750

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

Extensible framework for analyzing publicly available information about vulnerabilities

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

SambaCry exploit and vulnerable container (CVE-2017-7494)

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

Exploiting Edge's read:// urlhandler

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container

DoS PoC's for SAP products