442 Open source projects that are alternatives of or similar to Mec

exploit code for F5-Big-IP (CVE-2020-5902)

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Linux privilege escalation auditing tool

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Some personal exploits/pocs

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

BugBounty Tool

Miscellaneous exploit code

Some exploits, which I’ve created during my OSCE preparation.

Botnet targeting Windows machines written entirely in Python & open source security project.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Track any ip address with IP-Tracer. IP-Tracer is developed for Linux and Termux. you can retrieve any ip address information using IP-Tracer.

A collection of android Exploits and Hacks

Patch iOS Apps, The Easy Way, Without Jailbreak.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Exploits and Security Tools Framework 2.0.1

Log any method call of object in Objective-C

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

ParadoxiaRat : Native Windows Remote access Tool.

CVE-2020-0796 Remote Code Execution POC

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

EternalRocks worm

Track Location With Live Address And Accuracy In Termux

Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.

Getting started with java code auditing 代码审计入门的小项目

linux post-exploitation framework made by linux user

Complete Listing and Usage of Tools used for Ethical Hacking

Chromepass - Hacking Chrome Saved Passwords

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Redis(<=5.0.5) RCE

the free firefox extions of hackbar v2.1.3 v2.2.9 v2.3.1,hackbar 插件未收费的免费版本。适用于chrome浏览器的HackBar-v2.2.6.zip,HackBar-v2.3.1.zip

Web application vulnerability scanner

Tool to generate smart and powerful wordlists

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A Python Tool For google Hacking

Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable

SambaCry exploit and vulnerable container (CVE-2017-7494)

swiss army knife for hackers

Another web vulnerabilities scanner, this extension works on Chrome and Opera

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

A handy collection of my public exploits, all in one place.

Trojan 🐍 (keylogger, take screenshots, open your webcam) 🔓

Script to facilitate different functions and checks

hacker, ready for more of our story ! 🚀

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE

Software rendering engine with PBR. Built from scratch on C++.

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Challenges and vulnerabilities exploitation.