137 Open source projects that are alternatives of or similar to Poc Collection

PoC of injecting code into a running Linux process

RouterOS Security Research Tooling and Proof of Concepts

A social experiment

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

红队综合渗透框架

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Exploit Discord's cache system to remote upload payloads on Discord users machines

hacker, ready for more of our story ! 🚀

Working Python test and PoC for CVE-2018-11776, includes Docker lab

POC for my Medium article

image processing codes to understand algorithm

Proof of Concepts

PoC materials for article https://habr.com/en/post/486856/

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

💣 Remotely render any nearby iPhone or iPad unusable

CMS渗透测试框架-A CMS Exploit Framework

Python3编写的CMS漏洞检测框架

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Blueborne CVE-2017-0785 Android information leak vulnerability

Miscellaneous exploit code

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

用cel-go重现了长亭xray的poc检测功能的轮子

prove of concept using angularjs (1.x) accessing github api

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.

Poc Collected for study and develop

SpectreExploit POC

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

Exploit Code for CVE-2020-1472 aka Zerologon

Very simplified shop sales system made in a microservices architecture using quarkus

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

Hacking Charles Web Debugging Proxy

Hacking tools

Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Krack POC

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目

Blueborne CVE-2017-0781 Android heap overflow vulnerability

Proofs-of-concept

Cross platform PoC ransomware written in Go

A python script designed to check if the website if vulnerable of clickjacking and create a poc

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

CVE-2020-1206 Uninitialized Kernel Memory Read POC

Focus on cybersecurity | collection of PoC and Exploits

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Authenticate against a MySQL server without knowing the cleartext password

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

collection poc use pocsuite framework 收集一些 poc with pocsuite框架

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.