Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+200.3%)
RootMyTV.github.ioRootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.
Stars: ✭ 745 (-62.9%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-94.77%)
ReverseShellDllC++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked
Stars: ✭ 69 (-96.56%)
ByepgDefeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
Stars: ✭ 467 (-76.74%)
CVE-2019-10149CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Stars: ✭ 15 (-99.25%)
Scripts-SploitsA number of scripts POC's and problems solved as pentests move along.
Stars: ✭ 37 (-98.16%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (-76.94%)
apple-knowledgeA collection of reverse engineered Apple things, as well as a machine-readable database of Apple hardware
Stars: ✭ 338 (-83.17%)
NoprotoFlexible, Fast & Compact Serialization with RPC
Stars: ✭ 138 (-93.13%)
arduino-ble-gadgetCreate your own Do-It-Yourself BLE enabled sensor gadget on the ESP32 platform.
Stars: ✭ 31 (-98.46%)
Drupalgeddon2Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
Stars: ✭ 464 (-76.89%)
Chimay RedMikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
Stars: ✭ 63 (-96.86%)
Jackson Module KotlinModule that adds support for serialization/deserialization of Kotlin (http://kotlinlang.org) classes and data classes.
Stars: ✭ 830 (-58.67%)
destiny-macrosA collection of Destiny 2 macros built with AutoHotKey
Stars: ✭ 24 (-98.8%)
pygobSmall Python library that can decode the Go gob format
Stars: ✭ 28 (-98.61%)
Cve 2018 8120CVE-2018-8120 Windows LPE exploit
Stars: ✭ 447 (-77.74%)
CamOverCamOver is a camera exploitation tool that allows to disclosure network camera admin password.
Stars: ✭ 217 (-89.19%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (-94.82%)
BCA-PhantomA multi-platform HTTP(S) Reverse Shell Server and Client in Python 3
Stars: ✭ 80 (-96.02%)
HvmiHypervisor Memory Introspection Core Library
Stars: ✭ 438 (-78.19%)
ProxyLogonProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)
Stars: ✭ 112 (-94.42%)
TinkerershellA simple python reverse shell written just for fun.
Stars: ✭ 62 (-96.91%)
shakeitoffWindows MSI Installer LPE (CVE-2021-43883)
Stars: ✭ 68 (-96.61%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (-78.88%)
Search LibcWeb wrapper of niklasb/libc-database
Stars: ✭ 124 (-93.82%)
PythonPython Powered Repository
Stars: ✭ 17 (-99.15%)
php-reverse-shellPHP shells that work on Linux OS, macOS, and Windows OS.
Stars: ✭ 274 (-86.35%)
UnlockdownDisabling kernel lockdown on Ubuntu without physical access
Stars: ✭ 62 (-96.91%)
kafka-protobuf-serdeSerializer/Deserializer for Kafka to serialize/deserialize Protocol Buffers messages
Stars: ✭ 52 (-97.41%)
ToratToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415 (-79.33%)
exploit-CVE-2015-3306ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container
Stars: ✭ 97 (-95.17%)
ColanderA serialization/deserialization/validation library for strings, mappings and lists.
Stars: ✭ 408 (-79.68%)
expdevVulnerable software and exploits used for OSCP/OSCE preparation
Stars: ✭ 24 (-98.8%)
Sap exploitHere you can get full exploit for SAP NetWeaver AS JAVA
Stars: ✭ 60 (-97.01%)
CodableWrapper@codec("encoder", "decoder") var cool: Bool = true
Stars: ✭ 143 (-92.88%)
Firmware slapDiscovering vulnerabilities in firmware through concolic analysis and function clustering.
Stars: ✭ 407 (-79.73%)
go-gtfogtfo, now with the speed of golang
Stars: ✭ 59 (-97.06%)
Pyjson tricksExtra features for Python's JSON: comments, order, numpy, pandas, datetimes, and many more! Simple but customizable.
Stars: ✭ 131 (-93.48%)
Mappableflexible JSON to Model converter, specially optimized for immutable properties
Stars: ✭ 27 (-98.66%)
GodSpeedFast and intuitive manager for multiple reverse shells
Stars: ✭ 75 (-96.26%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (-46.26%)
lazyjsonmapperAdvanced, intelligent & automatic object-oriented JSON containers for PHP.
Stars: ✭ 48 (-97.61%)
trolotrolo - an easy to use script for generating Payloads that bypasses antivirus
Stars: ✭ 45 (-97.76%)
Hisilicon Dvr TelnetPoC materials for article https://habr.com/en/post/486856/
Stars: ✭ 101 (-94.97%)
AvroConvertApache Avro serializer for .NET
Stars: ✭ 44 (-97.81%)
Shellen🌸 Interactive shellcoding environment to easily craft shellcodes
Stars: ✭ 799 (-60.21%)
log4j2-rce-exploitlog4j2 remote code execution or IP leakage exploit (with examples)
Stars: ✭ 62 (-96.91%)
Struts PwnAn exploit for Apache Struts CVE-2017-5638
Stars: ✭ 391 (-80.53%)
Serde Xml Rsxml-rs based deserializer for Serde (compatible with 1.0+)
Stars: ✭ 141 (-92.98%)
FlatsharpFast, idiomatic C# implementation of Flatbuffers
Stars: ✭ 133 (-93.38%)
PhonesploitA tool for remote ADB exploitation in Python3 for all Machines.
Stars: ✭ 122 (-93.92%)