401 Open source projects that are alternatives of or similar to ronin-exploits

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Exploiting challenges in Linux and Windows

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

My documentation and tools for learn ethical hacking.

Very simple script(s) to hasten binary exploit creation

Basic tool to automate backdooring PE files

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

Metasploit Cheat Sheet 💣

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

A 2d Game Engine written in C++20.

Collection of different exploits

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

Windows MSI Installer LPE (CVE-2021-43883)

A Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Python Powered Repository

Angular 2 component for Leaflet 1.x (WIP - Help Wanted)

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

Gui Library written in Crystal

TUI menu driven bash shell script to update and maintain a Debian based Linux distro.

Guest to host VM escape exploit for Parallels Desktop

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Unrestricted Lua Execution

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

A number of scripts POC's and problems solved as pentests move along.

Network based protocol fuzzer

An IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.

It is primary designed to be hidden and monitoring the computer activity. Take a screenshot of desktop in hidden mode using Visual C++ and save automatically to 'jpeg' file in every 30 second. 60+ Most Popular antivirus not detect this application while it is running on background.

Python script to decrypt passwords stored by mRemoteNG

[WIP] React Testing Library everywhere

CTF中Pwn的快速利用模板（包含awd pwn）

A spare-time C# .NET 6 game engine project. Cross-platform, multi-threaded.

⛷ A collection of hacker scripts.

Binary String Toolkit (BST). Quickly and easily convert binary strings for all your exploit development needs. 😎

Rage allows you to execute any file in a Microsoft Office document.

Vulnerable software and exploits used for OSCP/OSCE preparation

Modern blog engine made with Go and the Next.js framework

GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

gtfo, now with the speed of golang

Blazing fast, advanced Padding Oracle exploit

A collection of reverse engineered Apple things, as well as a machine-readable database of Apple hardware

Simple script that utilities discord's flaw in detecting who blocked who.

Self defense post module for metasploit

Exploits developed by me.

CRAX: software CRash analysis for Automatic eXploit generation

The first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar

Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.

Framework for rapid development and reusable of security tools

CTF binary exploit code

Python package for Customizable Data Preprocessing Pipelines