proxylogscanA fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).
Stars: ✭ 145 (+29.46%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+16.96%)
Exploit-DevelopmentExploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (-25%)
prl guest to hostGuest to host VM escape exploit for Parallels Desktop
Stars: ✭ 26 (-76.79%)
discord-bugs-exploitsA Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.
Stars: ✭ 22 (-80.36%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+3625.89%)
PoC-BankFocus on cybersecurity | collection of PoC and Exploits
Stars: ✭ 83 (-25.89%)
SubRosaBasic tool to automate backdooring PE files
Stars: ✭ 48 (-57.14%)
xss-http-injectorXSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-80.36%)
batchqlGraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
Stars: ✭ 251 (+124.11%)
DoubleStarA personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
Stars: ✭ 140 (+25%)
CVE-2021-22205GitLab CE/EE Preauth RCE using ExifTool
Stars: ✭ 165 (+47.32%)
RTSPhuzzRTSPhuzz - An RTSP Fuzzer written using the Boofuzz framework
Stars: ✭ 33 (-70.54%)
Ultimate-Guitar-HackThe first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar
Stars: ✭ 61 (-45.54%)
BoomERFramework for exploiting local vulnerabilities
Stars: ✭ 84 (-25%)
mRemoteNG-DecryptPython script to decrypt passwords stored by mRemoteNG
Stars: ✭ 96 (-14.29%)
PocOrExp in Github聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+385.71%)
readhookRed-team tool to hook libc read syscall with a buffer overflow vulnerability.
Stars: ✭ 31 (-72.32%)
PythonPython Powered Repository
Stars: ✭ 17 (-84.82%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (-41.07%)
LogServiceCrashPOC code to crash Windows Event Logger Service
Stars: ✭ 23 (-79.46%)
Discord-Block-BypassSimple script that utilities discord's flaw in detecting who blocked who.
Stars: ✭ 24 (-78.57%)
exynos-usbdlUnsigned code loader for Exynos BootROM
Stars: ✭ 57 (-49.11%)
fix4log4jNo description or website provided.
Stars: ✭ 21 (-81.25%)
exploitsSome of my public exploits
Stars: ✭ 50 (-55.36%)
CRAXCRAX: software CRash analysis for Automatic eXploit generation
Stars: ✭ 44 (-60.71%)
exploit-CVE-2015-3306ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container
Stars: ✭ 97 (-13.39%)
LightCosmosRatA remote administration tool for Windows, written in C#
Stars: ✭ 31 (-72.32%)
fusee-nanoA minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)
Stars: ✭ 49 (-56.25%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-38.39%)
ios-gamed-0dayiOS gamed exploit (fixed in 15.0.2)
Stars: ✭ 437 (+290.18%)
dirtycowradare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
Stars: ✭ 93 (-16.96%)
expdevVulnerable software and exploits used for OSCP/OSCE preparation
Stars: ✭ 24 (-78.57%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-41.07%)
HTPHack The Printer
Stars: ✭ 31 (-72.32%)
shakeitoffWindows MSI Installer LPE (CVE-2021-43883)
Stars: ✭ 68 (-39.29%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+12.5%)
break-fast-serialA proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (-52.68%)
go-gtfogtfo, now with the speed of golang
Stars: ✭ 59 (-47.32%)
EOS-Proxy-TokenProxy token to allow mitigating EOSIO Ram exploit
Stars: ✭ 22 (-80.36%)
shu-shellWebshell Jumping Edition
Stars: ✭ 23 (-79.46%)
exploitingExploiting challenges in Linux and Windows
Stars: ✭ 122 (+8.93%)
PatrowlHearsDataOpen-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
Stars: ✭ 66 (-41.07%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Stars: ✭ 1,934 (+1626.79%)
getroot🛠️ Tool to bypass my school's security system to get sudo privileges on MacOS
Stars: ✭ 34 (-69.64%)
CVE-2018-2380PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM
Stars: ✭ 55 (-50.89%)
kernelpwnkernel-pwn and writeup collection
Stars: ✭ 348 (+210.71%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (-36.61%)
BrahmaBrahma - Privilege elevation exploit for Nintendo 3DS
Stars: ✭ 34 (-69.64%)
Discord-Console-hacksA collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff
Stars: ✭ 353 (+215.18%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-73.21%)