1605 Open source projects that are alternatives of or similar to Penetration_testing_poc

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Hacking tools

A social experiment

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Some personal exploits/pocs

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Top disclosed reports from HackerOne

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Miscellaneous exploit code

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

No description or website provided.

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

SambaCry exploit and vulnerable container (CVE-2017-7494)

CMS渗透测试框架-A CMS Exploit Framework

Web Application Security Scanner Framework

基于thinkphp的内容管理系统，可快速搭建个人博客、公司学校官网、新闻类站点。

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

Extraction of iMessage Data via XSS

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

Advanced vulnerability scanning with Nmap NSE

Python3编写的CMS漏洞检测框架

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Hourly updated database of exploit and exploitation reports

Multi source CVE/exploit parser.

DoS PoC's for SAP products

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

Focus on cybersecurity | collection of PoC and Exploits

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Audit tool to find common vulnerabilities in PHP source code

🛠️ Tool to bypass my school's security system to get sudo privileges on MacOS

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

an RCE (remote command execution) approach of CVE-2018-7750

Some exploits, which I’ve created during my OSCE preparation.

A number of scripts POC's and problems solved as pentests move along.

Extensible framework for analyzing publicly available information about vulnerabilities

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Authentication bypass for outdated WoW emulation authentication servers

基于thinkphp5.1 的内容管理系统，可快速搭建博客、企业站；并且增加了实时聊天室

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

Misc. Public Reports of Penetration Testing and Security Audits.