603 Open source projects that are alternatives of or similar to Pub

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

🦄🔒 Awesome list of secrets in environment variables 🖥️

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

IoT 固件漏洞复现环境

Focus on cybersecurity | collection of PoC and Exploits

Asynchronous Python implementation of SlowLoris DoS attack

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

A social experiment

Proof of concept code for the Spectre CPU exploit.

Blueborne CVE-2017-0781 Android heap overflow vulnerability

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Proof of concept of VMSA-2017-0012

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Unsigned code loader for Exynos BootROM

Some of my public exploits

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Focus on cybersecurity | collection of PoC and Exploits

Kubernetes security and vulnerability tools and utilities.

Guest to host VM escape exploit for Parallels Desktop

A number of scripts POC's and problems solved as pentests move along.

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Advanced Web Browser Fingerprinting

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

SQL Injection Payload List

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

PoC exploit for CVE-2016-4622

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Reverse Shell as a Service

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

ADAPT is a tool that performs automated Penetration Testing for WebApps.

SVScanner - Scanner Vulnerability And MaSsive Exploit.

Encrypted exploit delivery for the masses

200 TOOLS BY 0XID4FF0X FOR TERMUX

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

Greenbone Vulnerability Manager

🔍Heap analysis tool for CTF pwn.

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

Metasploit Cheat Sheet 💣

poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。

SlowMist Vulnerability Research Advisories

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Wordpress Vulnerability Scanner

Original Automated CVE Checking Tool

Vulnerability Database | huntr.dev

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Exploit Netwave and GoAhead IP Camera

JSshell - JavaScript reverse/remote shell

CVE-2020-0688_EXP Auto trigger payload & encrypt method

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Java漏洞学习笔记 Deserialization Vulnerability