397 Open source projects that are alternatives of or similar to exploit-CVE-2015-3306

Distributed, workflow-driven integration environment

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Focus on cybersecurity | collection of PoC and Exploits

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

POC script for the ManageEngine Multiple Products Authenticated File Upload Exploit

Penelope Shell Handler

Tool to help exploit XXE vulnerabilities

CVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce

Proof of concept code for the Spectre CPU exploit.

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

FTP proxy support for ProFTPD

Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".

Exploit PollDaddy polls

NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell

RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.

Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

An All-In-One Pure Python PoC for CVE-2021-44228

A Network Enumeration and Attack Toolset for Windows Active Directory Environments.

PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Windows Exploit Suggester - Next Generation

Hack The Printer

Encrypted exploit delivery for the masses

Python script to decrypt passwords stored by mRemoteNG

Linux local root exploit for CVE-2014-0038

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

Exploit Code for CVE-2020-1472 aka Zerologon

POC code to crash Windows Event Logger Service

Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

The first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar

Proof of concept of VMSA-2017-0012

A collection of Discord bugs and exploits

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

JSshell - JavaScript reverse/remote shell

Unsigned code loader for Exynos BootROM

Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.

Webshell Jumping Edition

Escalate as Administrator bypassing the UAC affecting administrator accounts only.

some experience in CTFs

gtfo, now with the speed of golang

A minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Advanced vulnerability scanning with Nmap NSE

Research on Anti-malware and other related security solutions

🛠️ Tool to bypass my school's security system to get sudo privileges on MacOS

collection of verified Linux kernel exploits

PS4 5.01 WebKit Exploit PoC

kernel-pwn and writeup collection

PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM

generate and search pattern string for exploit development

A python based tool for exploiting and managing Android devices via ADB

rsGen is a Reverse Shell Payload Generator for hacking.