350 Open source projects that are alternatives of or similar to ProxyLogon

log4j2 remote code execution or IP leakage exploit (with examples)

Yet Another PHP Shell - The most complete PHP reverse shell

My documentation and tools for learn ethical hacking.

CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻

Misc. Public Reports of Penetration Testing and Security Audits.

Ladon Moudle MS17010 Exploit for PowerShell

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

Very simple script(s) to hasten binary exploit creation

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

Experiments on C/C++ Exploits

A simple PHP application to learn SQL Injection detection and exploitation techniques.

This powershell script has got to run in remote hacked windows host, even for pivoting

Malicious use of macho, such as dump-runtime-macho, function-hook.

图形化漏洞利用集成工具

block game military grade radar

Simple program for detecting if host(s) are vulnerable to SMB exploit(MS17-010)

One of the few malware collection

Powerful dork searcher and vulnerability scanner for windows platform

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

My exploitDB.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Advanced Web Browser Fingerprinting

Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.

A Ruby micro-framework for writing and running exploits

An overlay attack example

Rage allows you to execute any file in a Microsoft Office document.

Authentication bypass for outdated WoW emulation authentication servers

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Network based protocol fuzzer

Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

CTF中Pwn的快速利用模板（包含awd pwn）

An IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.

Blazing fast, advanced Padding Oracle exploit

Framework for rapid development and reusable of security tools

RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.

Collection of different exploits

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

A number of scripts POC's and problems solved as pentests move along.

⛷ A collection of hacker scripts.

A collection of reverse engineered Apple things, as well as a machine-readable database of Apple hardware

CTF binary exploit code

Extensible framework for analyzing publicly available information about vulnerabilities

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

Kubernetes security and vulnerability tools and utilities.

iOS 15 0-day exploit (still works in 15.0.2)

Public Disclosures