PocProofs-of-concept
Stars: ✭ 467 (-88.12%)
Spectre Meltdown PocA semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (-96.77%)
NailgunNailgun attack on ARM devices.
Stars: ✭ 114 (-97.1%)
Umbraco-RCEUmbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Stars: ✭ 61 (-98.45%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (-11.65%)
KeyloggerKeylogger is 100% invisible keylogger not only for users, but also undetectable by antivirus software. Blackcat keylogger Monitors all keystokes, Mouse clicks. It has a seperate process which continues capture system screenshot and send to ftp server in given time.
Stars: ✭ 271 (-93.11%)
Jenkins Rce😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
Stars: ✭ 262 (-93.34%)
GefGEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢
Stars: ✭ 4,197 (+6.77%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-91.71%)
Android ExploitsA collection of android Exploits and Hacks
Stars: ✭ 290 (-92.62%)
Macos Kernel ExploitmacOS Kernel Exploit for CVE-2019-8781. Credit for the bug goes to @LinusHenze :)
Stars: ✭ 279 (-92.9%)
TrinityTrinity Exploit - Emulator Escape
Stars: ✭ 371 (-90.56%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-93.21%)
JsshellAn interactive multi-user web JS shell
Stars: ✭ 330 (-91.61%)
Remot3dRemot3d: is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors
Stars: ✭ 263 (-93.31%)
Struts PwnAn exploit for Apache Struts CVE-2017-5638
Stars: ✭ 391 (-90.05%)
FlameCordPatch for Waterfall to improve performance during attacks and fix memory issues.
Stars: ✭ 103 (-97.38%)
Exploit-DevelopmentExploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (-97.86%)
xsymlinkXbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.
Stars: ✭ 18 (-99.54%)
Exploit Cve 2016 10033PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container
Stars: ✭ 356 (-90.94%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (-86.16%)
VbscanOWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (-92.5%)
Pwn2exploitall mine papers, pwn & exploit
Stars: ✭ 289 (-92.65%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (-90.69%)
Cve 2017 11882CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
Stars: ✭ 280 (-92.88%)
AndroratAndroRAT | Remote Administrator Tool for Android OS Hacking
Stars: ✭ 340 (-91.35%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (-1.86%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (-93.13%)
GtfoSearch gtfobins and lolbas files from your terminal
Stars: ✭ 336 (-91.45%)
Webcgi ExploitsMulti-language web CGI interfaces exploits.
Stars: ✭ 268 (-93.18%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+6.16%)
Cve 2018 7600💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
Stars: ✭ 330 (-91.61%)
ShellverReverse Shell Cheat Sheet TooL
Stars: ✭ 258 (-93.44%)
sicakSIde-Channel Analysis toolKit: embedded security evaluation tools
Stars: ✭ 17 (-99.57%)
SirepratRemote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)
Stars: ✭ 326 (-91.71%)
CVE-2018-7750an RCE (remote command execution) approach of CVE-2018-7750
Stars: ✭ 18 (-99.54%)
EternalblueEternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010
Stars: ✭ 150 (-96.18%)
ArmpwnRepository to train/learn memory corruption on the ARM platform.
Stars: ✭ 320 (-91.86%)
HyperpwnA hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda
Stars: ✭ 387 (-90.16%)
Pwn2own2020Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
Stars: ✭ 314 (-92.01%)
ExploitsReal world and CTFs exploiting web/binary POCs.
Stars: ✭ 69 (-98.24%)
external-protocol-floodingScheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
Stars: ✭ 603 (-84.66%)
Chimay-Red-tinyThis is a minified exploit for mikrotik routers. It does not require any aditional modules to run.
Stars: ✭ 25 (-99.36%)
Windows kernel resourcesPapers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
Stars: ✭ 298 (-92.42%)