349 Open source projects that are alternatives of or similar to ShadowSteal

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

My documentation and tools for learn ethical hacking.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Basic tool to automate backdooring PE files

Exploiting challenges in Linux and Windows

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

A Ruby micro-framework for writing and running exploits

It is primary designed to be hidden and monitoring the computer activity. Take a screenshot of desktop in hidden mode using Visual C++ and save automatically to 'jpeg' file in every 30 second. 60+ Most Popular antivirus not detect this application while it is running on background.

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Extensible framework for analyzing publicly available information about vulnerabilities

ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

A number of scripts POC's and problems solved as pentests move along.

Rage allows you to execute any file in a Microsoft Office document.

Exploits developed by me.

Powerful dork searcher and vulnerability scanner for windows platform

Kubernetes security and vulnerability tools and utilities.

Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.

图形化漏洞利用集成工具

Windows MSI Installer LPE (CVE-2021-43883)

My exploitDB.

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Python Powered Repository

CTF中Pwn的快速利用模板（包含awd pwn）

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

Python script to decrypt passwords stored by mRemoteNG

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

An overlay attack example

⛷ A collection of hacker scripts.

One of the few malware collection

A collection of reverse engineered Apple things, as well as a machine-readable database of Apple hardware

Authentication bypass for outdated WoW emulation authentication servers

CTF binary exploit code

Malicious use of macho, such as dump-runtime-macho, function-hook.

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

Network based protocol fuzzer

Guest to host VM escape exploit for Parallels Desktop

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.

Unrestricted Lua Execution

A simple PHP application to learn SQL Injection detection and exploitation techniques.

A Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.

Advanced Web Browser Fingerprinting

Blazing fast, advanced Padding Oracle exploit

GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Binary String Toolkit (BST). Quickly and easily convert binary strings for all your exploit development needs. 😎

An IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.

Vulnerable software and exploits used for OSCP/OSCE preparation

block game military grade radar

gtfo, now with the speed of golang

Framework for rapid development and reusable of security tools

Simple script that utilities discord's flaw in detecting who blocked who.

Self defense post module for metasploit

Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.

RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.

CRAX: software CRash analysis for Automatic eXploit generation

Experiments on C/C++ Exploits