187 Open source projects that are alternatives of or similar to Exploits

Some personal exploits/pocs

🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file

A collection of curated Java Deserialization Exploits

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

The Correlated CVE Vulnerability And Threat Intelligence Database API

PatrowlHears - Vulnerability Intelligence Center / Exploits

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

Collection of things made during my preparation to take on OSEE

A collection of electronic hacker magazines carefully curated over the years from multiple sources

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

A simple Java command-line utility to mirror the CVE JSON data from NIST.

Miscellaneous exploit code

PoC materials for article https://habr.com/en/post/486856/

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Collection of resources for my preparation to take the OSEE certification.

Micro-framework for rapid development of reusable security tools

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

🔥 An Exploit framework for Web Vulnerabilities written in Python

Vulnerability Labs for security analysis

A list of resources in different fields of Computer Science (multiple languages)

Writeup of CVE-2020-15906

Exploitation on different architectures (x86, x64, arm, mips, avr)

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Find exploits in local and online databases instantly

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.

Repository for information about 0-days exploited in-the-wild.

The PHP Security Checker

Exploitation Framework for Embedded Devices

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Exploiting Edge's read:// urlhandler

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

Shodan API client

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Unofficial api for cve.mitre.org

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

cve-search - a tool to perform local searches for known vulnerabilities

Poc Collected for study and develop

OSINT tool - gets data from services like shodan, censys etc. in one app

The clever vulnerability dependency finder

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

A social experiment

Find exploit tool

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

Exploit Pack -The next generation exploit framework

collection of verified Linux kernel exploits

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments