271 Open source projects that are alternatives of or similar to Gopoc

Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

RouterOS Security Research Tooling and Proof of Concepts

A powerful dynamic crawler for web vulnerability scanners

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

CMS渗透测试框架-A CMS Exploit Framework

The Definitive Guide to Dark Mode and Bootstrap 4 - A proof of concept

Where ideas & concepts are born & incubated

Brandis: End-to-end encryption for everyone

红队综合渗透框架

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

SpectreExploit POC

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

PoC for triggering buffer overflow via CVE-2020-0796

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

Exploit Discord's cache system to remote upload payloads on Discord users machines

Blueborne CVE-2017-0785 Android information leak vulnerability

Blueborne CVE-2017-0781 Android heap overflow vulnerability

hacker, ready for more of our story ! 🚀

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

This repository contains several applications, demonstrating the Meltdown bug.

PERIODs and SYSTEM VERSIONING for PostgreSQL

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

poc or exp of android vulnerability

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).

android proxy setting tool

CVE-2020-0796 Remote Code Execution POC

Working Python test and PoC for CVE-2018-11776, includes Docker lab

iOS 8.3 Mail.app inject kit

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Miscellaneous exploit code

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

POC for my Medium article

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Optimized implementation for color-icon-matrix barcodes

Awesome .NET Security Resources

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

PoC of injecting code into a running Linux process

CMS auto detect and exploit.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

AWVS12 最新版本12.0.190902105_x64

Very simplified shop sales system made in a microservices architecture using quarkus

secureCodeBox (SCB) - continuous secure delivery out of the box

An example rootkit that gives a userland process root permissions

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

NERVE Continuous Vulnerability Scanner

A social experiment

PHP Security Check List [ EN ] 🌋 ☣️

Use Trivy as a plug-in vulnerability scanner in the Harbor registry

Hacking Charles Web Debugging Proxy

CORS Misconfiguration Scanner

🆕 The Multi-Tool Web Vulnerability Scanner.