207 Open source projects that are alternatives of or similar to exprolog

A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Hacking tools

A social experiment

Miscellaneous exploit code

Some personal exploits/pocs

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

No description or website provided.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

JAVA 漏洞靶场 (Vulnerability Environment For Java)

CVE-2020-36179~82 Jackson-databind SSRF&RCE

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

CVE-2020-0796 Remote Code Execution POC

collection poc use pocsuite framework 收集一些 poc with pocsuite框架

CVE-2020-0796 Local Privilege Escalation POC

Working Python test and PoC for CVE-2018-11776, includes Docker lab

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。

PoC materials for article https://habr.com/en/post/486856/

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩

Python3编写的CMS漏洞检测框架

CVE-2020-1206 Uninitialized Kernel Memory Read POC

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

用cel-go重现了长亭xray的poc检测功能的轮子

A Proof of Capacity proxy which supports solo and pool mining upstreams

SpectreExploit POC

鹿不在侧，鲸不予游🐋

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5…

Blueborne CVE-2017-0781 Android heap overflow vulnerability

Krack POC

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Authenticate against a MySQL server without knowing the cleartext password

Nuclei Templates to reproduce Cracking the lens's Research

Proof of concept code for the Spectre CPU exploit.

Exploit Code for CVE-2020-1472 aka Zerologon

A python script designed to check if the website if vulnerable of clickjacking and create a poc

Various proofs of concept examples using Github Actions 🤖

Focus on cybersecurity | collection of PoC and Exploits

💣 Remotely render any nearby iPhone or iPad unusable

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

✍️ A curated list of CVE PoCs.

Cross platform PoC ransomware written in Go

Exploit Discord's cache system to remote upload payloads on Discord users machines

prove of concept using angularjs (1.x) accessing github api

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Poc Collected for study and develop

用于漏洞排查的pocsuite3验证POC代码

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.

POC for my Medium article

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity