PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-69.07%)
Cve 2018 18852CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
Stars: ✭ 42 (-56.7%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (+175.26%)
SirepratRemote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)
Stars: ✭ 326 (+236.08%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (+178.35%)
Exploit-DevelopmentExploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (-13.4%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+767.01%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+1012.37%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+3877.32%)
Umbraco-RCEUmbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Stars: ✭ 61 (-37.11%)
Exploit Cve 2016 9920Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container
Stars: ✭ 34 (-64.95%)
Jenkins Rce😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
Stars: ✭ 262 (+170.1%)
CiscoexploitCisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Stars: ✭ 73 (-24.74%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (+7.22%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-31.96%)
LightCosmosRatA remote administration tool for Windows, written in C#
Stars: ✭ 31 (-68.04%)
BoomERFramework for exploiting local vulnerabilities
Stars: ✭ 84 (-13.4%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+8.25%)
dirtycowradare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
Stars: ✭ 93 (-4.12%)
log4jpwnlog4j rce test environment and poc
Stars: ✭ 306 (+215.46%)
rceDistributed, workflow-driven integration environment
Stars: ✭ 42 (-56.7%)
PoC-BankFocus on cybersecurity | collection of PoC and Exploits
Stars: ✭ 83 (-14.43%)
penelopePenelope Shell Handler
Stars: ✭ 291 (+200%)
vbulletin5-rceCVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce
Stars: ✭ 21 (-78.35%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-28.87%)
CVE-2019-7609RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
Stars: ✭ 47 (-51.55%)
python-log4rceAn All-In-One Pure Python PoC for CVE-2021-44228
Stars: ✭ 179 (+84.54%)
xss-http-injectorXSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-77.32%)
DoubleStarA personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
Stars: ✭ 140 (+44.33%)
PrintNightmare-CVE-2021-34527PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits
Stars: ✭ 73 (-24.74%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+29.9%)
readhookRed-team tool to hook libc read syscall with a buffer overflow vulnerability.
Stars: ✭ 31 (-68.04%)
HTPHack The Printer
Stars: ✭ 31 (-68.04%)
mRemoteNG-DecryptPython script to decrypt passwords stored by mRemoteNG
Stars: ✭ 96 (-1.03%)
batchqlGraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
Stars: ✭ 251 (+158.76%)
CRAXCRAX: software CRash analysis for Automatic eXploit generation
Stars: ✭ 44 (-54.64%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-68.04%)
CVE-2021-22205GitLab CE/EE Preauth RCE using ExifTool
Stars: ✭ 165 (+70.1%)
LogServiceCrashPOC code to crash Windows Event Logger Service
Stars: ✭ 23 (-76.29%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (-31.96%)
Ultimate-Guitar-HackThe first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar
Stars: ✭ 61 (-37.11%)
EOS-Proxy-TokenProxy token to allow mitigating EOSIO Ram exploit
Stars: ✭ 22 (-77.32%)
break-fast-serialA proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (-45.36%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+35.05%)
exynos-usbdlUnsigned code loader for Exynos BootROM
Stars: ✭ 57 (-41.24%)
shu-shellWebshell Jumping Edition
Stars: ✭ 23 (-76.29%)
go-gtfogtfo, now with the speed of golang
Stars: ✭ 59 (-39.18%)