823 Open source projects that are alternatives of or similar to IAT_API

🌸 Interactive shellcoding environment to easily craft shellcodes

A minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)

Exploit Netwave and GoAhead IP Camera

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Self contained htaccess shells and attacks

A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

📢 🔒 Exploit farm for attack-defense CTF competitions

POC code to crash Windows Event Logger Service

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

Unsigned code loader for Exynos BootROM

Golang clamd (clamav daemon) client library

kernel-pwn and writeup collection

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Working Python test and PoC for CVE-2018-11776, includes Docker lab

Disabling kernel lockdown on Ubuntu without physical access

Open Mesh OM5P-AC v2 Unlocker (U-Boot 1.1.4 based)

Simple and fast discord token cracker

windows-kernel-exploits Windows平台提权漏洞集合

A remote administration tool for Windows, written in C#

A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

Exploit PollDaddy polls

Reference: http://www.secgeek.net/bookfresh-vulnerability/

XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

share some useful archives about vm and qemu escape exploit.

GitLab CE/EE Preauth RCE using ExifTool

Framework to test any Anti-Cheat

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

DoS PoC's for SAP products

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI

Webshell Jumping Edition

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Automated Mass Exploiter

rsGen is a Reverse Shell Payload Generator for hacking.

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

Purelove is a lightweight penetration testing framework, in order to better security testers testing holes with use.

Multiplatform reverse shell generator

ARM rop chain gadget searcher

Extraction of iMessage Data via XSS

free exploit framework written use python language version 3.3

Hypervisor Memory Introspection Core Library

Python telnet honeypot for catching botnet binaries

Various local exploits

An open source script to perform malware static analysis on Portable Executable

My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)

A simple auditing utility for macOS

A collection of Destiny 2 macros built with AutoHotKey

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

Plaintext Password harvesting from Azure Windows VMs

log4j2 remote code execution or IP leakage exploit (with examples)

Yet Another PHP Shell - The most complete PHP reverse shell

Here you can get full exploit for SAP NetWeaver AS JAVA

My documentation and tools for learn ethical hacking.

CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.