590 Open source projects that are alternatives of or similar to Spectre Meltdown Poc

SpectreExploit POC

Potentially dangerous files

Hide your payload into .jpg file

CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.

Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits

A simple PHP application to learn SQL Injection detection and exploitation techniques.

Automatic SSRF fuzzer and exploitation tool

Malicious use of macho, such as dump-runtime-macho, function-hook.

OWASP Joomla Vulnerability Scanner Project

图形化漏洞利用集成工具

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Simple program for detecting if host(s) are vulnerable to SMB exploit(MS17-010)

Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit

windows-kernel-exploits Windows平台提权漏洞集合

My proof-of-concept exploits for the Linux kernel

A Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack mode an Anti-DDoS authentication page protect yourself from every attack type All Layer 7 Attacks Mitigating Historic Attacks DoS DoS Implications DDoS All Brute Force Attacks Zero day exploits Social Engineering Rainbow Tables Password Cracking Tools Password Lists Dictionary Attacks Time Delay Any Hosting Provider Any CMS or Custom Website Unlimited Attempt Frequency Search Attacks HTTP Basic Authentication HTTP Digest Authentication HTML Form Based Authentication Mask Attacks Rule-Based Search Attacks Combinator Attacks Botnet Attacks Unauthorized IPs IP Whitelisting Bruter THC Hydra John the Ripper Brutus Ophcrack unauthorized logins Injection Broken Authentication and Session Management Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using Components with Known Vulnerabilities Insufficient Logging & Monitoring Drupal WordPress Joomla Flash Magento PHP Plone WHMCS Atlassian Products malicious traffic Adult video script avs KVS Kernel Video Sharing Clip Bucket Tube sites Content Management Systems Social networks scripts backends proxy proxies PHP Python Porn sites xxx adult gaming networks servers sites forums vbulletin phpbb mybb smf simple machines forum xenforo web hosting video streaming buffering ldap upstream downstream download upload rtmp vod video over dl hls dash hds mss livestream drm mp4 mp3 swf css js html php python sex m3u zip rar archive compressed mitigation code source sourcecode chan 4chan 4chan.org 8chan.net 8ch 8ch.net infinite chan 8kun 8kun.net anonymous anon tor services .onion torproject.org nginx.org nginx.com openresty.org darknet dark net deepweb deep web darkweb dark web mirror vpn reddit reddit.com adobe flash hackthissite.org dreamhack hack hacked hacking hacker hackers hackerz hackz hacks code coding script scripting scripter source leaks leaked leaking cve vulnerability great firewall china america japan russia .gov government http1 http2 http3 quic q3 litespeedtech litespeed apache torrents torrent torrenting webtorrent bittorrent bitorrent bit-torrent cyberlocker cyberlockers cyber locker cyberbunker warez keygen key generator free irc internet relay chat peer-to-peer p2p cryptocurrency crypto bitcoin miner browser xmr monero coinhive coin hive coin-hive litecoin ethereum cpu cycles popads pop-ads advert advertisement networks banner ads protect ovh blazingfast.io amazon steampowered valve store.steampowered.com steamcommunity thepiratebay lulzsec antisec xhamster pornhub porn.com pornhub.com xhamster.com xvideos xvdideos.com xnxx xnxx.com popads popcash cpm ppc

A tool to help you write binary exploits

A Ruby micro-framework for writing and running exploits

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

An overlay attack example

An IDA Pro plugin to examine the glibc heap, focused on exploit development

Python SDK to access the vulnerability database

Some of my CTF solutions

workmanw.github.io/embernati-upload-demo

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Advisories and Proofs of Concept by BlackArrow

Vulnerability Recurrence:漏洞复现记录

A collection of android Exploits and Hacks

all mine papers, pwn & exploit

a "Proof of Concept or GTFO" mirror with extra article index, direct links and clean PDFs.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

exploit

SmartBugs: A Framework to Analyze Solidity Smart Contracts

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

PoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)

CTF中Pwn的快速利用模板（包含awd pwn）

SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)

Blazing fast, advanced Padding Oracle exploit

This resource implements a deep neural network through Numpy, and is equipped with easy-to-understand theoretical derivation, mainly for the in-depth understanding of neural networks. 神经网络模型的理论证明与基于Numpy的实现。

Framework for rapid development and reusable of security tools

OPCDE Cybersecurity Conference Materials

🐛 A plug-in of sublime 2/3 which is able to find PHP vulnerabilities

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.

Angular app to visualize & interact with a blockchain

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

Framework to test any Anti-Cheat

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Securify v2.0

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

😎 Curated list about cryptocurrency security (reverse / exploit / fuzz..)

MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.