520 Open source projects that are alternatives of or similar to Jscpwn

Reverse Shell as a Service

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Apache Shiro 反序列化漏洞检测与利用工具

Advanced vulnerability scanning with Nmap NSE

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

Real world and CTFs exploiting web/binary POCs.

IoT 固件漏洞复现环境

hack tools

Vulnerability Labs for security analysis

Here you can get full exploit for SAP NetWeaver AS JAVA

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

rsGen is a Reverse Shell Payload Generator for hacking.

Proof of concept of VMSA-2017-0012

Asynchronous Python implementation of SlowLoris DoS attack

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

A collection of electronic hacker magazines carefully curated over the years from multiple sources

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

Misc. Public Reports of Penetration Testing and Security Audits.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Proofs-of-concept

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Kubernetes security and vulnerability tools and utilities.

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

Safari local file reader

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

SQL Injection Payload List

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Extraction of iMessage Data via XSS

DoS PoC's for SAP products

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Unsigned code loader for Exynos BootROM

Some of my public exploits

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.

My exploitDB.

Advanced Web Browser Fingerprinting

Powerful dork searcher and vulnerability scanner for windows platform

Extensible framework for analyzing publicly available information about vulnerabilities

Guest to host VM escape exploit for Parallels Desktop

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Exploiting Edge's read:// urlhandler

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

CryptoLocker is open source files encrypt-er. Crypto is developed in Visual C++. It has features encrypt all file, lock down the system and send keys back to the server. Multi-threaded functionality helps to this tool make encryption faster.

Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.

NSA Hacking Tool Recreation UnitedRake

Hide your payload into .jpg file

Scan and Export RouterOS Password

Disabling kernel lockdown on Ubuntu without physical access

A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854

Plaintext Password harvesting from Azure Windows VMs

Penetration Testing Platform