590 Open source projects that are alternatives of or similar to Spectre Meltdown Poc

Proofs-of-concept

SQL Injection Payload List

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Proof of concept of VMSA-2017-0012

Unsigned code loader for Exynos BootROM

Powerful dork searcher and vulnerability scanner for windows platform

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

hack tools

PoC exploit for CVE-2016-4622

Reverse Shell as a Service

Extraction of iMessage Data via XSS

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

Some of my public exploits

DoS PoC's for SAP products

Advanced Web Browser Fingerprinting

My exploitDB.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Guest to host VM escape exploit for Parallels Desktop

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Vulnerability Labs for security analysis

Exploiting Edge's read:// urlhandler

Here you can get full exploit for SAP NetWeaver AS JAVA

Proof of concept code for the Spectre CPU exploit.

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

rsGen is a Reverse Shell Payload Generator for hacking.

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Extensible framework for analyzing publicly available information about vulnerabilities

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

Kubernetes security and vulnerability tools and utilities.

Microarchitectural exploitation and other hardware attacks.

Misc. Public Reports of Penetration Testing and Security Audits.

Safari local file reader

Advanced vulnerability scanning with Nmap NSE

Apache Shiro 反序列化漏洞检测与利用工具

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

IoT 固件漏洞复现环境

Real world and CTFs exploiting web/binary POCs.

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

This repository contains several applications, demonstrating the Meltdown bug.

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Asynchronous Python implementation of SlowLoris DoS attack

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Nailgun attack on ARM devices.

PERIODs and SYSTEM VERSIONING for PostgreSQL

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.