361 Open source projects that are alternatives of or similar to MSF-Self-Defence

AliGuard PHP WAF

Framework for exploiting local vulnerabilities

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

Purelove is a lightweight penetration testing framework, in order to better security testers testing holes with use.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

Some of my public exploits

PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM

POC code to crash Windows Event Logger Service

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

Hourly updated database of exploit and exploitation reports

All Day DevOps - Automated Infrastructure Security Monitoring and Defence (ELK + AWS Lambda)

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

A collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff

Proof of concept of VMSA-2017-0012

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Focus on cybersecurity | collection of PoC and Exploits

Group satellites into constellations such that their average observation coverage is maximized

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

An application to catch, search and analyze HTTP secure headers.

ARM rop chain gadget searcher

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

Unsigned code loader for Exynos BootROM

Metasploit framework with steroids

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Extraction of iMessage Data via XSS

GitLab CE/EE Preauth RCE using ExifTool

kernel-pwn and writeup collection

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

DoS PoC's for SAP products

OpenSSH remote DOS exploit and vulnerable container

Webshell Jumping Edition

Basic tool to automate backdooring PE files

Implementation of the KDD 2020 paper "Graph Structure Learning for Robust Graph Neural Networks"

Simple and fast discord token cracker

🛠️ Tool to bypass my school's security system to get sudo privileges on MacOS

Lightweight utility to fool port scanners

rsGen is a Reverse Shell Payload Generator for hacking.

A remote administration tool for Windows, written in C#

Brahma - Privilege elevation exploit for Nintendo 3DS

The first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar

Drupal < 7.58 - Drupalgeddon 3 Authenticated Remote Code Execution (Metasploit)

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

Proxy token to allow mitigating EOSIO Ram exploit

POC script for the ManageEngine Multiple Products Authenticated File Upload Exploit

free exploit framework written use python language version 3.3

Exploit PollDaddy polls

EAD: Elastic-Net Attacks to Deep Neural Networks via Adversarial Examples

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

CRAX: software CRash analysis for Automatic eXploit generation

A minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

SHIELD: Fast, Practical Defense and Vaccination for Deep Learning using JPEG Compression

Hack The Printer