510 Open source projects that are alternatives of or similar to PoC-CVE-2021-41773

Some personal exploits/pocs

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

A social experiment

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Poc Collected for study and develop

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

CVE-2020-0796 Remote Code Execution POC

鹿不在侧，鲸不予游🐋

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Hacking tools

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Miscellaneous exploit code

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

✍️ A curated list of CVE PoCs.

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Advisories and Proofs of Concept by BlackArrow

A number of scripts POC's and problems solved as pentests move along.

集漏洞验证和任务运行的一个框架

ecshop rce getshell

Public Disclosures

Apache NLPCraft - API to convert natural language into actions.

Web interface for managing Haproxy, Nginx, Apache and Keepalived servers

Some exploits, which I’ve created during my OSCE preparation.

漏洞研究

Hi! Agentgo is a tool for making remote command executions from server to client with golang, protocol buffers (protobuf) and grpc.

Easy secure (single instance) Elastic Beanstalk apps

Exploits for YARA 3.7.1 & 3.8.1

Contact Tracing BLE sniffer PoC

Apache OpenWhisk Runtime Python supports Apache OpenWhisk functions written in Python

windows下apache，php，mysql集成环境

MonitoFi: Health & Performance Monitor for your Apache NiFi

GeoStat, Python script for parsing Nginx and Apache logs files and getting GEO data from incoming IP's.

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

A simple framework for sending test payloads for known web CVEs.

The open-source IATI datastore for IATI data with RESTful web API providing XML, JSON, CSV output. It extracts and parses IATI XML files referenced in the IATI Registry and powered by Apache Solr.

🔮🔬Front-End testing tool which can be used to create a side by side visual comparison between your live site and local site.

Apache Open Source Software Chat BOT

Red Hat Dependency Analytics extension

Export Airflow metrics (from mysql) in prometheus format

Powerful dork searcher and vulnerability scanner for windows platform

Website sources for the Apache Community Development Website

NVD/CVE as JSON files

Juniper Junos Space (CVE-2020-1611) (PoC)

Extensible framework for analyzing publicly available information about vulnerabilities

FastCGI.com mod_fastcgi apache 2 module fork from http://repo.or.cz/mod_fastcgi.git + last SNAP-0910052141 snapshot

Modified Nuclei Templates Version to FUZZ Host Header

⚡A supercharged, interactive Kafka shell built on top of the existing Kafka CLI tools.