187 Open source projects that are alternatives of or similar to Exploits

Find exploit tool

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

CVE-2018-8120 Windows LPE exploit

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Find exploits in local and online databases instantly

EternalRocks worm

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Decrypted content of eqgrp-auction-file.tar.xz

This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Repository for information about 0-days exploited in-the-wild.

WebMap-Nmap Web Dashboard and Reporting

The PHP Security Checker

Vulners Python API wrapper

Exploitation Framework for Embedded Devices

BootStomp: a bootloader vulnerability finder

Exploits and Security Tools Framework 2.0.1

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

A Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.

Vulnerability Labs for security analysis

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

Exploit Pack -The next generation exploit framework

NVD/CVE as JSON files

Shodan API client

Challenges and vulnerabilities exploitation.

Unofficial api for cve.mitre.org

Log4j Vulnerability Scanner for Windows

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Just some exploits :P

patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

Botnet targeting Windows machines written entirely in Python & open source security project.

cve-search - a tool to perform local searches for known vulnerabilities

Cybersecurity stuff for both the blue team and the red team, mostly red though.

Poc Collected for study and develop

异步漏洞利用框架

automation framework for kenzerdb

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

An advanced command-line search engine for Exploit-DB

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

Public Disclosures

A social experiment

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

CTF programs and writeups

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Resources for Windows exploit development

ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python

collection of verified Linux kernel exploits

kernel privilege escalation enumeration and exploitation framework

pigat ( Passive Intelligence Gathering Aggregation Tool ) 被动信息收集聚合工具

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.