YsoserialA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+1231.86%)
Bitp0wnAlgorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Stars: ✭ 59 (-83.66%)
JexbossJexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Stars: ✭ 2,008 (+456.23%)
PubVulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
Stars: ✭ 217 (-39.89%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (-60.66%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (-80.33%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (-33.24%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+34.63%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+254.85%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+1622.44%)
ExphubExphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Stars: ✭ 3,056 (+746.54%)
Cve 2020 10199 cve 2020 10204CVE-2020-10199、CVE-2020-10204漏洞一键检测工具,图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.
Stars: ✭ 20 (-94.46%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-75.9%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-93.35%)
PocProofs-of-concept
Stars: ✭ 467 (+29.36%)
PoccollectPoc Collected for study and develop
Stars: ✭ 15 (-95.84%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+14.4%)
CVE-2020-1611Juniper Junos Space (CVE-2020-1611) (PoC)
Stars: ✭ 25 (-93.07%)
CVE-2021-33766ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
Stars: ✭ 37 (-89.75%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-70.91%)
LiffyLocal file inclusion exploitation tool
Stars: ✭ 290 (-19.67%)
Java Multi Thread Programming🏆 《Java多线程编程核心技术》📚(高洪严 著 机械工业出版社) 源码 https://loveincode.github.io/java-multi-thread-programming/
Stars: ✭ 325 (-9.97%)
Meinsa personal and smart journal
Stars: ✭ 288 (-20.22%)
Os kernel labOS kernel labs based on Rust/C Lang & RISC-V 64/X86-32
Stars: ✭ 3,332 (+822.99%)
KomputationKomputation is a neural network framework for the Java Virtual Machine written in Kotlin and CUDA C.
Stars: ✭ 295 (-18.28%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-9.7%)
Poccollecta plenty of poc based on python
Stars: ✭ 289 (-19.94%)
JvmJVM written in Rust
Stars: ✭ 346 (-4.16%)
CattrsComplex custom class converters for attrs.
Stars: ✭ 286 (-20.78%)
Dotenv Kotlin🗝️ Dotenv is a module that loads environment variables from a .env file
Stars: ✭ 326 (-9.7%)
JrubyJRuby is an implementation of the Ruby language
using the JVM.
Stars: ✭ 3,576 (+890.58%)
Poc SPOC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC
Stars: ✭ 285 (-21.05%)
RbndrSimple DNS Rebinding Service
Stars: ✭ 343 (-4.99%)
Jvm.goA toy JVM written in Go
Stars: ✭ 3,374 (+834.63%)
RevsslA script that automates generation of OpenSSL reverse shells
Stars: ✭ 284 (-21.33%)
Vulnerable NodeA very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
Stars: ✭ 282 (-21.88%)
FidlA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (-11.63%)
JikesrvmJikes RVM (Research Virtual Machine)
Stars: ✭ 281 (-22.16%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+785.87%)
Gosu LangThe Gosu programming language
Stars: ✭ 338 (-6.37%)
Idris JvmJVM bytecode back end for Idris
Stars: ✭ 317 (-12.19%)
SerialkillerLook-Ahead Java Deserialization Library
Stars: ✭ 277 (-23.27%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+968.7%)
Arquillian CoreArquillian provides a component model for integration tests, which includes dependency injection and container life cycle management. Instead of managing a runtime in your test, Arquillian brings your test to the runtime.
Stars: ✭ 315 (-12.74%)
TalosTalos Particle Engine
Stars: ✭ 275 (-23.82%)
Maxine VmMaxine VM: A meta-circular research VM
Stars: ✭ 274 (-24.1%)
Cve 2019 07083389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Stars: ✭ 350 (-3.05%)
HexagonHexagon is a microservices toolkit written in Kotlin. Its purpose is to ease the building of services (Web applications, APIs or queue consumers) that run inside a cloud platform.
Stars: ✭ 336 (-6.93%)
FerrugoFerrugo is a JVM implementation written in Rust
Stars: ✭ 272 (-24.65%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (-25.21%)
ApiVulners Python API wrapper
Stars: ✭ 313 (-13.3%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-26.04%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-26.04%)
Cve 2020 0796 PocPoC for triggering buffer overflow via CVE-2020-0796
Stars: ✭ 266 (-26.32%)