863 Open source projects that are alternatives of or similar to PayloadsAll

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

An Extended, Modulair, Host Discovery Framework

Unsigned code loader for Exynos BootROM

Cheat-Sheet of tools for penetration testing

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

Weblogic coherence.jar RCE

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

Python bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)

This Python script can be used to bypass IP source restrictions using HTTP headers.

exploit code for F5-Big-IP (CVE-2020-5902)

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

Reverse Shell as a Service

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

Advanced Web Browser Fingerprinting

Python SDK to access the vulnerability database

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

SmartBugs: A Framework to Analyze Solidity Smart Contracts

VNC pentest tool with bruteforce and ducky script execution features

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Distributed, workflow-driven integration environment

vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.

Toolset for detecting reflected xss in websites

🛠 Tools and scripts to manipulate Android APKs

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

No description or website provided.

Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.

Extensible framework for analyzing publicly available information about vulnerabilities

Android application fuzzing framework with fuzzers and crash monitor.

Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.

Python toolbox to evaluate graph vulnerability and robustness (CIKM 2021)

MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits

Cumulus is web application weakness monitoring, it would be working by add just 3 codelines

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

A collection of my public security advisories.

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

My solutions to the 2020 NSA Codebreaker Challenge

CLI to integrate continuous fuzzing with Fuzzit

PHP - Automatically add an "index.php" in all directories recursively

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

一些漏洞分析

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

Adobe Experience Manager Vulnerability Scanner

Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.

A Binary Ninja plugin for vulnerability research.

aquatone results for sites with bug bountys

thinkphp5 rce getshell

Huorong Internet Security vulnerabilities 火绒安全软件漏洞

使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。

Traditional Mitigation in GCC to defend Memory Corruption Vulnerability

Proof of concept of VMSA-2017-0012

bluekeep exploit

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)

exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts

A collection of electronic hacker magazines carefully curated over the years from multiple sources