603 Open source projects that are alternatives of or similar to Pub

Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)

Exploitation and Mitigation Slides

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

Windows Exploit Suggester - Next Generation

Very simplified shop sales system made in a microservices architecture using quarkus

generate and search pattern string for exploit development

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

The Correlated CVE Vulnerability And Threat Intelligence Database API

Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities

A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)

CVE-2020-1206 Uninitialized Kernel Memory Read POC

Go Web Application Penetration Test

A python script designed to check if the website if vulnerable of clickjacking and create a poc

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

My proof-of-concept exploits for the Linux kernel

a plenty of poc based on python

pwninit - automate starting binary exploit challenges

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Some of my CTF solutions

Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.

CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.

Miscellaneous exploit code

collection poc use pocsuite framework 收集一些 poc with pocsuite框架

Proof of Concepts

Potentially dangerous files

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

Linux local root exploit for CVE-2014-0038

😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

PoC for triggering buffer overflow via CVE-2020-0796

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Reverse Shell Cheat Sheet TooL

NSA Hacking Tool Recreation UnitedRake

Escalate as Administrator bypassing the UAC affecting administrator accounts only.

🌸 Interactive shellcoding environment to easily craft shellcodes

Patch for Waterfall to improve performance during attacks and fix memory issues.

Plaintext Password harvesting from Azure Windows VMs

List of Magento extensions with known security issues.

😎 Curated list about cryptocurrency security (reverse / exploit / fuzz..)

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Penetration Testing Platform

Hacking Charles Web Debugging Proxy

Steal Net-NTLM Hash using Bad-PDF

Collection of things made during my OSCP journey

Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.

A python based tool for exploiting and managing Android devices via ADB

CVE-2019-1458 Windows LPE Exploit

Self contained htaccess shells and attacks

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A container repository for my public web hacks!

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

🎯 Command Injection Payload List

Audit tool to find common vulnerabilities in PHP source code

Test a host for susceptibility to CVE-2019-19781

Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

OWASP Joomla Vulnerability Scanner Project

Automatic SSRF fuzzer and exploitation tool

A DNS rebinding attack framework.

CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!

lovense hush buttplug exploit chain