754 Open source projects that are alternatives of or similar to CVE-2019-8449

A collection of JavaScript engine CVEs with PoCs

Proof of concept of VMSA-2017-0012

Vulnerability (CVE) scanner for Nix/NixOS.

Exploits developed by me.

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

PatrowlHears - Vulnerability Intelligence Center / Exploits

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

🔥 An Exploit framework for Web Vulnerabilities written in Python

🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

List of real-world threats against endpoint protection software

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

Collection of different exploits

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

rsGen is a Reverse Shell Payload Generator for hacking.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Fast and customizable vulnerability scanner For JIRA written in Python

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

SQL Injection Payload List

Experiments on C/C++ Exploits

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Apache Shiro 反序列化漏洞检测与利用工具

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

IoT 固件漏洞复现环境

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

A collection of Discord bugs and exploits

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Asynchronous Python implementation of SlowLoris DoS attack

Here you can get full exploit for SAP NetWeaver AS JAVA

A social experiment

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Connect Grafana to Jira cloud to retrieve metrics on your Jira issues.

PoC materials for article https://habr.com/en/post/486856/

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

Safari local file reader

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

汽车/安卓/固件/代码安全测试工具集

Advanced vulnerability scanning with Nmap NSE

collection of verified Linux kernel exploits

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

PoC exploit for CVE-2016-4622

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

A collection of android Exploits and Hacks

Reverse Shell as a Service

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs