Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+13203.45%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+351.72%)
Exploit Cve 2016 9920Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container
Stars: ✭ 34 (+17.24%)
log4jpwnlog4j rce test environment and poc
Stars: ✭ 306 (+955.17%)
ExploitsMiscellaneous exploit code
Stars: ✭ 1,157 (+3889.66%)
exploitsSome personal exploits/pocs
Stars: ✭ 52 (+79.31%)
Cve 2020 16898CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Stars: ✭ 207 (+613.79%)
Apk Utilities🛠 Tools and scripts to manipulate Android APKs
Stars: ✭ 134 (+362.07%)
CVE-2019-7609RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
Stars: ✭ 47 (+62.07%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (+258.62%)
GopherusThis tool generates gopher link for exploiting SSRF and gaining RCE in various servers
Stars: ✭ 1,258 (+4237.93%)
PrintNightmare-CVE-2021-34527PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits
Stars: ✭ 73 (+151.72%)
Java Sec CodeJava web common vulnerabilities and security code which is base on springboot and spring security
Stars: ✭ 1,033 (+3462.07%)
RCE-python-oneliner-payloadPython bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)
Stars: ✭ 23 (-20.69%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+2800%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (+1362.07%)
python-log4rceAn All-In-One Pure Python PoC for CVE-2021-44228
Stars: ✭ 179 (+517.24%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (+493.1%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (+896.55%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (+831.03%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+262.07%)
weeshopECShop 微信小程序商城非官方版,基于3.6版本 appserver 接口。
Stars: ✭ 90 (+210.34%)
Cve 2019 7609exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
Stars: ✭ 108 (+272.41%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (+6.9%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (+255.17%)
OSCESome exploits, which I’ve created during my OSCE preparation.
Stars: ✭ 74 (+155.17%)
penelopePenelope Shell Handler
Stars: ✭ 291 (+903.45%)
CiscoexploitCisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Stars: ✭ 73 (+151.72%)
exploit-CVE-2015-3306ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container
Stars: ✭ 97 (+234.48%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+3620.69%)
Cve 2018 18852CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
Stars: ✭ 42 (+44.83%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+2958.62%)
CVE-2020-36179CVE-2020-36179~82 Jackson-databind SSRF&RCE
Stars: ✭ 77 (+165.52%)
HiddenWindows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
Stars: ✭ 768 (+2548.28%)
Mecfor mass exploiting
Stars: ✭ 448 (+1444.83%)
NetelfRun executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
Stars: ✭ 220 (+658.62%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (+3.45%)
SirepratRemote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)
Stars: ✭ 326 (+1024.14%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (+503.45%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (+820.69%)
rceDistributed, workflow-driven integration environment
Stars: ✭ 42 (+44.83%)
DdoorDDoor - cross platform backdoor using dns txt records
Stars: ✭ 168 (+479.31%)
CVE-2022-21907-http.sysProof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
Stars: ✭ 67 (+131.03%)
Umbraco-RCEUmbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Stars: ✭ 61 (+110.34%)
CVE-2020-5902exploit code for F5-Big-IP (CVE-2020-5902)
Stars: ✭ 37 (+27.59%)
vbulletin5-rceCVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce
Stars: ✭ 21 (-27.59%)