685 Open source projects that are alternatives of or similar to Isoalloc

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

CTF framework and exploit development library

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container

📢 🔒 Exploit farm for attack-defense CTF competitions

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

A social experiment

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

The Memory Pool System

Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)

PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

A memory allocator that automatically reduces the memory footprint of C/C++ applications.

Android Kernel Exploitation

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container

MS17-010: Python and Meterpreter

Various local exploits

Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits

C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)

CMS auto detect and exploit.

Responsive Command and Control System

A Laravel Nova tool for Spatie's laravel-permission library

📓 Our cool, secure, and offline-first Markdown editor.

How to prepare for OSCP complete guide

Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.

Web torrent downloader and cloud storage.

Kubernetes cluster provisioning using Terraform.

Simple Golang HTTPS/TLS Examples

My implementation of 85+ popular data structures and algorithms and interview questions in Python 3 and C++

Embedded systems memory management library. Implementations for malloc(), free(), and other useful memory management functions

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

CryptoLocker is open source files encrypt-er. Crypto is developed in Visual C++. It has features encrypt all file, lock down the system and send keys back to the server. Multi-threaded functionality helps to this tool make encryption faster.

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

Notes about attacking Jenkins servers

Remot3d: is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors

Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit

Reducing memory allocations from 7.5GB to 32KB

Memory allocators

Cone Programming Language

A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854

Patch for Waterfall to improve performance during attacks and fix memory issues.

PegaSwitch is an exploit toolkit for the Nintendo Switch

An agile, small, productive and robust MVC framework for PHP with high-quality JS extensions and integrated AJAX support.

PoC materials for article https://habr.com/en/post/486856/

Secure drive wipe

Yet another implementation of AEG (Automated Exploit Generation) using symbolic execution engine Triton.

Quickly watch real-time memory stats of your nuxt app

Kissme: Kotlin Secure Storage Multiplatform

Secure chat software for your computer.

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Allows you to crash any Windows user

CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.

IoT 固件漏洞复现环境

Some common patterns of memory leaks in Android development and how to fix/avoid them

Vulnerability Labs for security analysis

漏洞利用框架模块分享仓库