903 Open source projects that are alternatives of or similar to Exphub

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

Security-related PHP7 OPcache abuse tools and demo

Exploit Discord's cache system to remote upload payloads on Discord users machines

Proof of concept code for the Spectre CPU exploit.

Here you can get full exploit for SAP NetWeaver AS JAVA

rsGen is a Reverse Shell Payload Generator for hacking.

Use shell to build weblogic debug environment for CVE-2020-2551

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)

Focus on cybersecurity | collection of PoC and Exploits

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Focus on cybersecurity | collection of PoC and Exploits

exploit

Kubernetes security and vulnerability tools and utilities.

Guest to host VM escape exploit for Parallels Desktop

A number of scripts POC's and problems solved as pentests move along.

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Advanced Web Browser Fingerprinting

A social experiment

This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.

SQL Injection Payload List

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

PoC exploit for CVE-2016-4622

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

PoC materials for article https://habr.com/en/post/486856/

Advanced vulnerability scanning with Nmap NSE

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

hack tools

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Vulnerability Labs for security analysis

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Working Python test and PoC for CVE-2018-11776, includes Docker lab

Safari local file reader

Open Source DevOps Framework

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.

一款基于webshell命令执行功能实现的GUI webshell管理工具，支持流量加密

Exploit for CVE-2019-9810 Firefox on Windows 64-bit.

The Bolt Design System provides robust Twig and Web Component-powered UI components, reusable visual styles, and powerful tooling to help developers, designers, and content authors build, maintain, and scale best of class digital experiences.

全栈工程师学习笔记；Spring登录、shiro登录、CAS单点登录和Spring boot oauth2单点登录；Spring data cache 缓存，支持Redis和EHcahce; web安全，常见web安全漏洞以及解决思路；常规组件，比如redis、mq等；quartz定时任务，支持持久化数据库，动态维护启动暂停关闭；docker基本用法，常用image镜像使用，Docker-MySQL、docker-Postgres、Docker-nginx、Docker-nexus、Docker-Redis、Docker-RabbitMQ、Docker-zookeeper、Docker-es、Docker-zipkin、Docker-ELK等；mybatis实践、spring实践、spring boot实践等常用集成；基于redis的分布式锁；基于shared-jdbc的分库分表，支持原生jdbc和Spring Boot Mybatis

web scanner - exploitation - information gathering

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

collection of verified Linux kernel exploits

Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.

鹿不在侧，鲸不予游🐋

Windows Exploit Suggester - Next Generation

A code generator for Drupal.