153 Open source projects that are alternatives of or similar to Pwin

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

CMS auto detect and exploit.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

A collection of pwn/CTF related utilities for Ghidra

r2 the Rhme3! The RHme (Riscure Hack me) is a low level hardware CTF that comes in the form of an Arduino board (AVR architecture). It involves a set of SW and HW challenges to test your skills in different areas such as side channel analysis, fault injection, reverse-engineering and software exploitation. In our talk we will briefly recap RHme2…

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

AndroRAT | Remote Administrator Tool for Android OS Hacking

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Subaru StarLink persistent root code execution.

Automatic Exploit Generation Paper

Linux Binary Exploitation

Sifter aims to be a fully loaded Op Centre for Pentesters

wide range mass audit toolkit

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

UNIX-like reverse engineering framework and command-line toolset.

Android Kernel Exploitation

Writeup of CVE-2020-15906

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

Web Recon & Exploitation Tool.

Advanced dork Search & Mass Exploit Scanner

RAIR: RAdare In Rust

Notes for taking the OSCP in 2097. Read in book form on GitBook

fireELF - Fileless Linux Malware Framework

Fast, parallel, cross-variant ROP/JOP gadget search for x86/x64 binaries.

🌸 Interactive shellcoding environment to easily craft shellcodes

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A container analysis and exploitation tool for pentesters and engineers.

Exploit Pack -The next generation exploit framework

Automatic SQL injection and database takeover tool

Exploit code for CVE-2016-9066

Linux Heap Exploitation Practice

A collection where my current and future writeups for exploits/CTF will go

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

Medfusion 4000 security research & a MQX RCE.

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)

MS17-010: Python and Meterpreter

📚 VoidHack CTF write-ups

Format string exploitation helper

Attify OS - Distro for pentesting IoT devices

Challenges and vulnerabilities exploitation.

fsociety Hacking Tools Pack – A Penetration Testing Framework

EmpireCTF – write-ups, capture the flag, cybersecurity

An IDA Pro plugin to examine the glibc heap, focused on exploit development

Microarchitectural exploitation and other hardware attacks.

Remote exploitation framework written in Python

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

mXtract - Memory Extractor & Analyzer

You are probably looking for: https://github.com/ViRb3/magisk-frida

Awesome tools to exploit Windows !

Course materials for Modern Binary Exploitation by RPISEC

Good to know, easy to forget information about binaries and their exploitation!

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Automated Mass Exploiter