163 Open source projects that are alternatives of or similar to Poc S

Vagrant As Automation Script

Documentation, configuration, reference material and other information around an Asterisk-based VNF

🔮🔬Front-End testing tool which can be used to create a side by side visual comparison between your live site and local site.

Blueborne CVE-2017-1000251 PoC for linux machines

A Python obfuscator using HTTP Requests and Hastebin.

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

A tool for fuzzing for ports that allow outgoing connections

IOTA Proof of Concept, store MQTT messages on the tangle.

A number of scripts POC's and problems solved as pentests move along.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

Writing Spyware Made Easy - POC spyware Chrome Extension/Server

Some personal exploits/pocs

🦄🔒 Awesome list of secrets in environment variables 🖥️

GZip HTTP Bombing in Python for everyone

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

WiFi Penetration Testing Guide

Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.

CVE-2020-11651: Proof of Concept

Creates a Simulation of Fake Web Events

We're working with community non-profits who have a Host Home or empty bedrooms initiative to develop a workflow management tool to make the process scalable (across all providers), reduce institutional bias, and effectively capture data.

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

PoC; terraform + kubeadm

Contact Tracing BLE sniffer PoC

Hamster是基于mitmproxy开发的异步被动扫描框架，基于http代理进行被动扫描，主要功能为重写数据包、签名、漏洞扫描、敏感参数收集等功能（开发中）。

PoC ActiveX SVG Document Execution

Contained is all my reference material for my OSCP preparation. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.

CVE-2020-8597 pppd buffer overflow poc

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

CVE-2020-0796 Pre-Auth POC

PoC for triggering buffer overflow via CVE-2020-0796

wifi attacks suite

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers

POC de uma aplicação de domínio financeiro.

DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.

Pools organized for Epitech's students in 2021.

Exploits for YARA 3.7.1 & 3.8.1

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

A PoC on passing data through UNIX file privilege bits (RWX Triplets)

Scan for and exploit Consul agents

Task Hijacking in Android (somebody call it also StrandHogg vulnerability)

Misc. Public Reports of Penetration Testing and Security Audits.

Focus on cybersecurity | collection of PoC and Exploits

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Formal verification of Elastic-Agent and more using BDD

an RCE (remote command execution) approach of CVE-2018-7750

Fileless attack with persistence

集漏洞验证和任务运行的一个框架

GitLab CE/EE Preauth RCE using ExifTool

A complete Grabber, sending data to a TCP server that you have to host and stocking all in a database.

Juniper Junos Space (CVE-2020-1611) (PoC)

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

No description or website provided.

A scavenger / conqueror wrapper for collision free multi mining of PoC coins