1061 Open source projects that are alternatives of or similar to Gitlab_rce

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

A social experiment

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

GitLab CE/EE Preauth RCE using ExifTool

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Very simple script(s) to hasten binary exploit creation

Hourly updated database of exploit and exploitation reports

DoS PoC's for SAP products

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

Exploiting challenges in Linux and Windows

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

The best tool for finding one gadget RCE in libc.so.6

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda

Repository to train/learn memory corruption on the ARM platform.

CVE-2018-8120 Windows LPE exploit

Notes about attacking Jenkins servers

Extraction of iMessage Data via XSS

CTF竞赛权威指南

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

some experience in CTFs

kernel-pwn and writeup collection

Penelope Shell Handler

A collection of hacking / penetration testing resources to make you better!

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.

Extensible framework for analyzing publicly available information about vulnerabilities

Some personal exploits/pocs

CTF中Pwn的快速利用模板（包含awd pwn）

Framework for rapid development and reusable of security tools

No description or website provided.

Web wrapper of niklasb/libc-database

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

SambaCry exploit and vulnerable container (CVE-2017-7494)

CTF framework and exploit development library

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)

🌸 Interactive shellcoding environment to easily craft shellcodes

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Vulnerability Labs for security analysis

Writeup of CVE-2020-15906

📚 VoidHack CTF write-ups

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

📢 🔒 Exploit farm for attack-defense CTF competitions

log4j2 remote code execution or IP leakage exploit (with examples)

Exploiting Edge's read:// urlhandler

Some of my CTF solutions

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)