249 Open source projects that are alternatives of or similar to CVE-2022-21907-http.sys

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Miscellaneous exploit code

CVE-2020-0796 Remote Code Execution POC

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

No description or website provided.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A social experiment

Hacking tools

Some personal exploits/pocs

WTSafeGuard can effectively prevent the IOS system application crash

A scavenger / conqueror wrapper for collision free multi mining of PoC coins

An All-In-One Pure Python PoC for CVE-2021-44228

POC de uma aplicação de domínio financeiro.

IOS崩溃异常的处理，防止数组越界，字典空值处理

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

Pools organized for Epitech's students in 2021.

CVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce

Hamster是基于mitmproxy开发的异步被动扫描框架，基于http代理进行被动扫描，主要功能为重写数据包、签名、漏洞扫描、敏感参数收集等功能（开发中）。

RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

解析iOS crash 工具

A number of scripts POC's and problems solved as pentests move along.

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

CVE-2020-11651: Proof of Concept

Vagrant As Automation Script

A Kotlin multiplatform example app that targets Android, ReactJS, iOS, JavaFx, and Spring Boot

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

Creates a Simulation of Fake Web Events

GZip HTTP Bombing in Python for everyone

Python bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Exploits for YARA 3.7.1 & 3.8.1

Distributed, workflow-driven integration environment

exploit code for F5-Big-IP (CVE-2020-5902)

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Documentation, configuration, reference material and other information around an Asterisk-based VNF

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A PoC on passing data through UNIX file privilege bits (RWX Triplets)

POC code to crash Windows Event Logger Service

Small HTML DoS exploit kit aimed at mobile browsers that allows rapid deployment and testing

Task Hijacking in Android (somebody call it also StrandHogg vulnerability)

Easy integration and deployment of Django projects into Windows Environments

集漏洞验证和任务运行的一个框架

CVE-2020-8597 pppd buffer overflow poc

IOTA Proof of Concept, store MQTT messages on the tangle.

log4j rce test environment and poc

Blueborne CVE-2017-1000251 PoC for linux machines

一个简易的日志打印框架（支持打印策略自定义，默认提供2种策略：logcat打印和磁盘打印）

A website for interacting with kahoot games.

🔮🔬Front-End testing tool which can be used to create a side by side visual comparison between your live site and local site.

Some exploits, which I’ve created during my OSCE preparation.

A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.

Focus on cybersecurity | collection of PoC and Exploits

We're working with community non-profits who have a Host Home or empty bedrooms initiative to develop a workflow management tool to make the process scalable (across all providers), reduce institutional bias, and effectively capture data.

Set of React Native components that allow reporting of the crashes in RN applications.