Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (+1470.59%)
Android-Task-InjectionTask Hijacking in Android (somebody call it also StrandHogg vulnerability)
Stars: ✭ 52 (+205.88%)
Process Inject在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
Stars: ✭ 395 (+2223.53%)
Injdrvproof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
Stars: ✭ 541 (+3082.35%)
SandyA tiny "sandbox" to run untrusted code 🏖️
Stars: ✭ 335 (+1870.59%)
Cve 2017 0785Blueborne CVE-2017-0785 Android information leak vulnerability
Stars: ✭ 428 (+2417.65%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+36476.47%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+24447.06%)
NetbareNet packets capture & injection library designed for Android
Stars: ✭ 716 (+4111.76%)
GowaptGo Web Application Penetration Test
Stars: ✭ 300 (+1664.71%)
Pyflame🔥 Pyflame: A Ptracing Profiler For Python. This project is deprecated and not maintained.
Stars: ✭ 2,930 (+17135.29%)
Drupalgeddon2Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
Stars: ✭ 464 (+2629.41%)
RouterosRouterOS Security Research Tooling and Proof of Concepts
Stars: ✭ 603 (+3447.06%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+2329.41%)
MemorpyPython library using ctypes to search/edit windows / linux / macOS / SunOS programs memory
Stars: ✭ 721 (+4141.18%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (+2052.94%)
CmspocCMS渗透测试框架-A CMS Exploit Framework
Stars: ✭ 557 (+3176.47%)
PocProof of Concepts
Stars: ✭ 809 (+4658.82%)
AimtuxA large Linux csgo cheat/hack
Stars: ✭ 525 (+2988.24%)
Poccollecta plenty of poc based on python
Stars: ✭ 289 (+1600%)
AtlasQuick SQLMap Tamper Suggester
Stars: ✭ 679 (+3894.12%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (+1488.24%)
Bylibrary白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
Stars: ✭ 488 (+2770.59%)
PocProofs-of-concept
Stars: ✭ 467 (+2647.06%)
SqlinjectionwikiA wiki focusing on aggregating and documenting various SQL injection methods
Stars: ✭ 623 (+3564.71%)
Osprey Stars: ✭ 431 (+2435.29%)
Charles HackingHacking Charles Web Debugging Proxy
Stars: ✭ 775 (+4458.82%)
YsoserialA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+28182.35%)
PixloadImage Payload Creating/Injecting tools
Stars: ✭ 586 (+3347.06%)
Aspect InjectorAOP framework for .NET (c#, vb, etc)
Stars: ✭ 398 (+2241.18%)
RappelA linux-based assembly REPL for x86, amd64, armv7, and armv8
Stars: ✭ 818 (+4711.76%)
Svg Inject A tiny, intuitive, robust, caching solution for injecting SVG files inline into the DOM.
Stars: ✭ 559 (+3188.24%)
Poc Exppoc or exp of android vulnerability
Stars: ✭ 362 (+2029.41%)
Javadeserh2hcSample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (+2023.53%)
Am I Affected By MeltdownMeltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
Stars: ✭ 549 (+3129.41%)
Cve 2019 07083389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Stars: ✭ 350 (+1958.82%)
ImagejsSmall tool to package javascript into a valid image file.
Stars: ✭ 828 (+4770.59%)
Cve 2018 7600💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
Stars: ✭ 330 (+1841.18%)
AviatorAntivirus evasion project
Stars: ✭ 529 (+3011.76%)
SharpneedleInject C# code into a running process
Stars: ✭ 301 (+1670.59%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+3976.47%)
Kangaru🦘 A dependency injection container for C++11, C++14 and later
Stars: ✭ 297 (+1647.06%)
DlinjectInject a shared library (i.e. arbitrary code) into a live linux process, without ptrace
Stars: ✭ 521 (+2964.71%)
Poc SPOC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC
Stars: ✭ 285 (+1576.47%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+4582.35%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+22594.12%)
Cve 2020 0796 PocPoC for triggering buffer overflow via CVE-2020-0796
Stars: ✭ 266 (+1464.71%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+2758.82%)
Quarkus Microservices PocVery simplified shop sales system made in a microservices architecture using quarkus
Stars: ✭ 16 (-5.88%)
KoinKoin - a pragmatic lightweight dependency injection framework for Kotlin
Stars: ✭ 7,142 (+41911.76%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+4464.71%)
FastjsonexploitFastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
Stars: ✭ 645 (+3694.12%)