581 Open source projects that are alternatives of or similar to prl_guest_to_host

Real world and CTFs exploiting web/binary POCs.

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

hack tools

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Unsigned code loader for Exynos BootROM

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

A Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.

Some of my public exploits

Advanced Web Browser Fingerprinting

SQL Injection Payload List

Powerful dork searcher and vulnerability scanner for windows platform

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Proofs-of-concept

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Safari local file reader

PoC exploit for CVE-2016-4622

rsGen is a Reverse Shell Payload Generator for hacking.

Proof of concept of VMSA-2017-0012

Extensible framework for analyzing publicly available information about vulnerabilities

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

Kubernetes security and vulnerability tools and utilities.

My exploitDB.

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Misc. Public Reports of Penetration Testing and Security Audits.

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

DoS PoC's for SAP products

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Apache Shiro 反序列化漏洞检测与利用工具

IoT 固件漏洞复现环境

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Hypervisor Memory Introspection Core Library

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Extraction of iMessage Data via XSS

Here you can get full exploit for SAP NetWeaver AS JAVA

Asynchronous Python implementation of SlowLoris DoS attack

Reverse Shell as a Service

Vulnerability Labs for security analysis

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Advanced vulnerability scanning with Nmap NSE

Exploiting Edge's read:// urlhandler

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

iOS 15 0-day exploit (still works in 15.0.2)

Exploiting challenges in Linux and Windows

Self defense post module for metasploit

CRAX: software CRash analysis for Automatic eXploit generation

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images