590 Open source projects that are alternatives of or similar to Spectre Meltdown Poc

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

PoC materials for article https://habr.com/en/post/486856/

📖 [译] SploitFun Linux x86 Exploit 开发系列教程

CryptoLocker is open source files encrypt-er. Crypto is developed in Visual C++. It has features encrypt all file, lock down the system and send keys back to the server. Multi-threaded functionality helps to this tool make encryption faster.

CVE-2019-1458 Windows LPE Exploit

Scan and Export RouterOS Password

A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854

📢 🔒 Exploit farm for attack-defense CTF competitions

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

A container repository for my public web hacks!

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Brandis: End-to-end encryption for everyone

Test a host for susceptibility to CVE-2019-19781

Exploitation and Mitigation Slides

PoC tool to demonstrate vulnerabilities in wireless input devices

Reference: http://www.secgeek.net/bookfresh-vulnerability/

Optimized implementation for color-icon-matrix barcodes

Blueborne CVE-2017-0781 Android heap overflow vulnerability

Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters

Automatic SSRF fuzzer and exploitation tool

A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)

Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit

A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.

A modern, simple & elegant theme for Hexo

burpsuite extension for check unauthorized vulnerability

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

My proof-of-concept exploits for the Linux kernel

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

Some of my CTF solutions

Vulnerability Recurrence:漏洞复现记录

A bootrom exploit for MediaTek devices

A curated list of awesome baseband research resources

exploit

PoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)

Focus on cybersecurity | collection of PoC and Exploits

This resource implements a deep neural network through Numpy, and is equipped with easy-to-understand theoretical derivation, mainly for the in-depth understanding of neural networks. 神经网络模型的理论证明与基于Numpy的实现。

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)

Penetration tests guide based on OWASP including test cases, resources and examples.

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

Securify v2.0

Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.

An example rootkit that gives a userland process root permissions

The best tool for finding one gadget RCE in libc.so.6

NSA Hacking Tool Recreation UnitedRake

Disabling kernel lockdown on Ubuntu without physical access

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Web wrapper of niklasb/libc-database

Word 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.

Plaintext Password harvesting from Azure Windows VMs

A web crawler (for bug hunting) that gathers more than you can imagine.

Penetration Testing Platform

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

cve-2019-0604 SharePoint RCE exploit

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Create actionable data from your Vulnerability Scans