84 Open source projects that are alternatives of or similar to CVE-2020-36179

JAVA 漏洞靶场 (Vulnerability Environment For Java)

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

Another web vulnerabilities scanner, this extension works on Chrome and Opera

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container

ecshop rce getshell

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Miscellaneous exploit code

Remote command execution vulnerability scanner for Log4j.

bluekeep exploit

Some exploits, which I’ve created during my OSCE preparation.

Top disclosed reports from HackerOne

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Getting started with java code auditing 代码审计入门的小项目

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

🛠 Tools and scripts to manipulate Android APKs

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Java web common vulnerabilities and security code which is base on springboot and spring security

No description or website provided.

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

NodeJS Red-Team Cheat Sheet

Notes about attacking Jenkins servers

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

Some personal exploits/pocs

A framework for Backdoor development!

An All-In-One Pure Python PoC for CVE-2021-44228

Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)

A social experiment

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

SambaCry exploit and vulnerable container (CVE-2017-7494)

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

thinkphp5 rce getshell

BugBounty Tool

CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.

Hi! Agentgo is a tool for making remote command executions from server to client with golang, protocol buffers (protobuf) and grpc.

Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts

Python bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)

Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc

exploit code for F5-Big-IP (CVE-2020-5902)

DDoor - cross platform backdoor using dns txt records

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

for mass exploiting

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Distributed, workflow-driven integration environment

Redis(<=5.0.5) RCE

Redis 4.x/5.x RCE

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

Weblogic coherence.jar RCE

Hacking tools