CiscoexploitCisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Stars: ✭ 73 (-79.67%)
exploitsSome personal exploits/pocs
Stars: ✭ 52 (-85.52%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+974.65%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-25.63%)
CVE-2022-21907-http.sysProof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
Stars: ✭ 67 (-81.34%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (-24.79%)
Umbraco-RCEUmbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Stars: ✭ 61 (-83.01%)
Exploit-DevelopmentExploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (-76.6%)
ExploitsMiscellaneous exploit code
Stars: ✭ 1,157 (+222.28%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (-63.51%)
PhirauteeA proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.
Stars: ✭ 96 (-73.26%)
CVE-2018-19276CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE
Stars: ✭ 17 (-95.26%)
swisscheeseExploits for YARA 3.7.1 & 3.8.1
Stars: ✭ 26 (-92.76%)
front-end-visual-comparison-tool🔮🔬Front-End testing tool which can be used to create a side by side visual comparison between your live site and local site.
Stars: ✭ 16 (-95.54%)
Log4j-RCE-ScannerRemote command execution vulnerability scanner for Log4j.
Stars: ✭ 200 (-44.29%)
fake-web-eventsCreates a Simulation of Fake Web Events
Stars: ✭ 48 (-86.63%)
Scripts-SploitsA number of scripts POC's and problems solved as pentests move along.
Stars: ✭ 37 (-89.69%)
OSCESome exploits, which I’ve created during my OSCE preparation.
Stars: ✭ 74 (-79.39%)
CVE-2020-1611Juniper Junos Space (CVE-2020-1611) (PoC)
Stars: ✭ 25 (-93.04%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (-19.5%)
Jenkins Rce😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
Stars: ✭ 262 (-27.02%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-93.31%)
RCE-python-oneliner-payloadPython bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)
Stars: ✭ 23 (-93.59%)
CVE-2018-7750an RCE (remote command execution) approach of CVE-2018-7750
Stars: ✭ 18 (-94.99%)
CVE-2020-5902exploit code for F5-Big-IP (CVE-2020-5902)
Stars: ✭ 37 (-89.69%)
SecExampleJAVA 漏洞靶场 (Vulnerability Environment For Java)
Stars: ✭ 228 (-36.49%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+934.82%)
ExploitsA personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.
Stars: ✭ 75 (-79.11%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-70.75%)
ARL-NPoC集漏洞验证和任务运行的一个框架
Stars: ✭ 73 (-79.67%)
CVE-2020-8597CVE-2020-8597 pppd buffer overflow poc
Stars: ✭ 48 (-86.63%)
DeepfakeHTTPDeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.
Stars: ✭ 373 (+3.9%)
foxy-minerA scavenger / conqueror wrapper for collision free multi mining of PoC coins
Stars: ✭ 17 (-95.26%)
Cve 2018 7600💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
Stars: ✭ 330 (-8.08%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-91.64%)
CVE-2021-33766ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
Stars: ✭ 37 (-89.69%)
HamsterHamster是基于mitmproxy开发的异步被动扫描框架,基于http代理进行被动扫描,主要功能为重写数据包、签名、漏洞扫描、敏感参数收集等功能(开发中)。
Stars: ✭ 27 (-92.48%)
CerberusA complete Grabber, sending data to a TCP server that you have to host and stocking all in a database.
Stars: ✭ 32 (-91.09%)
Poccollecta plenty of poc based on python
Stars: ✭ 289 (-19.5%)
Cve 2020 0796 PocPoC for triggering buffer overflow via CVE-2020-0796
Stars: ✭ 266 (-25.91%)
DomainkerBugBounty Tool
Stars: ✭ 40 (-88.86%)
DNS-FenderA Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.
Stars: ✭ 47 (-86.91%)
exploit-CVE-2015-3306ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container
Stars: ✭ 97 (-72.98%)
TentacleTentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.
Stars: ✭ 258 (-28.13%)
chrome-spywareWriting Spyware Made Easy - POC spyware Chrome Extension/Server
Stars: ✭ 25 (-93.04%)
agentgoHi! Agentgo is a tool for making remote command executions from server to client with golang, protocol buffers (protobuf) and grpc.
Stars: ✭ 15 (-95.82%)