415 Open source projects that are alternatives of or similar to Lpe

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Collection of things made during my OSCP journey

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Nailgun attack on ARM devices.

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

📖 [译] SploitFun Linux x86 Exploit 开发系列教程

kernel privilege escalation enumeration and exploitation framework

CVE-2020-0688_EXP Auto trigger payload & encrypt method

Scan and Export RouterOS Password

windows-kernel-exploits Windows平台提权漏洞集合

Reference: http://www.secgeek.net/bookfresh-vulnerability/

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

Exploitation and Mitigation Slides

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

🔥 An Exploit framework for Web Vulnerabilities written in Python

hack tools

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Notes about attacking Jenkins servers

Metasploit Cheat Sheet 💣

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Allows you to crash any Windows user

PegaSwitch is an exploit toolkit for the Nintendo Switch

Proofs-of-concept

My proof-of-concept exploits for the Linux kernel

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

Check if your VPN leaks your IP address via the WebRTC technology

for mass exploiting

Collection of things made during my preparation to take on OSEE

Hypervisor Memory Introspection Core Library

my oscp prep collection

My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)

Miscellaneous exploit code

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

generate and search pattern string for exploit development

Detect deauthentication frames using an ESP8266

Focus on cybersecurity | collection of PoC and Exploits

EternalRocks worm

Public repository of static GDB and GDBServer

linux-kernel-exploits Linux平台提权漏洞集合

Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.

Kindle 5.6.5 exploitation tools.

pwninit - automate starting binary exploit challenges

An exploit for Apache Struts CVE-2017-5638

Disabling kernel lockdown on Ubuntu without physical access

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

😎 Curated list about cryptocurrency security (reverse / exploit / fuzz..)

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Here you can get full exploit for SAP NetWeaver AS JAVA

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container

CVE-2019-1458 Windows LPE Exploit

Discover duplication glitches, abusive staff giving items, x-ray or simply poor server economy.

Hide your payload into .jpg file

Yet another implementation of AEG (Automated Exploit Generation) using symbolic execution engine Triton.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Safari local file reader

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.