Fuzz.txtPotentially dangerous files
Stars: ✭ 1,382 (+988.19%)
ImgbackdoorHide your payload into .jpg file
Stars: ✭ 87 (-31.5%)
Cve 2018 18852CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
Stars: ✭ 42 (-66.93%)
Windows kernel resourcesPapers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
Stars: ✭ 298 (+134.65%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-55.91%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+958.27%)
evilMACHOMalicious use of macho, such as dump-runtime-macho, function-hook.
Stars: ✭ 13 (-89.76%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+403.94%)
Gr33k图形化漏洞利用集成工具
Stars: ✭ 361 (+184.25%)
CiscoexploitCisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Stars: ✭ 73 (-42.52%)
goMS17-010Simple program for detecting if host(s) are vulnerable to SMB exploit(MS17-010)
Stars: ✭ 67 (-47.24%)
Blueborne ScannerBluetooth scanner for local devices that may be vulnerable to Blueborne exploit
Stars: ✭ 125 (-1.57%)
Kernel ExploitsMy proof-of-concept exploits for the Linux kernel
Stars: ✭ 1,173 (+823.62%)
Nginx Lua Anti DdosA Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack mode an Anti-DDoS authentication page protect yourself from every attack type All Layer 7 Attacks Mitigating Historic Attacks DoS DoS Implications DDoS All Brute Force Attacks Zero day exploits Social Engineering Rainbow Tables Password Cracking Tools Password Lists Dictionary Attacks Time Delay Any Hosting Provider Any CMS or Custom Website Unlimited Attempt Frequency Search Attacks HTTP Basic Authentication HTTP Digest Authentication HTML Form Based Authentication Mask Attacks Rule-Based Search Attacks Combinator Attacks Botnet Attacks Unauthorized IPs IP Whitelisting Bruter THC Hydra John the Ripper Brutus Ophcrack unauthorized logins Injection Broken Authentication and Session Management Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using Components with Known Vulnerabilities Insufficient Logging & Monitoring Drupal WordPress Joomla Flash Magento PHP Plone WHMCS Atlassian Products malicious traffic Adult video script avs KVS Kernel Video Sharing Clip Bucket Tube sites Content Management Systems Social networks scripts backends proxy proxies PHP Python Porn sites xxx adult gaming networks servers sites forums vbulletin phpbb mybb smf simple machines forum xenforo web hosting video streaming buffering ldap upstream downstream download upload rtmp vod video over dl hls dash hds mss livestream drm mp4 mp3 swf css js html php python sex m3u zip rar archive compressed mitigation code source sourcecode chan 4chan 4chan.org 8chan.net 8ch 8ch.net infinite chan 8kun 8kun.net anonymous anon tor services .onion torproject.org nginx.org nginx.com openresty.org darknet dark net deepweb deep web darkweb dark web mirror vpn reddit reddit.com adobe flash hackthissite.org dreamhack hack hacked hacking hacker hackers hackerz hackz hacks code coding script scripting scripter source leaks leaked leaking cve vulnerability great firewall china america japan russia .gov government http1 http2 http3 quic q3 litespeedtech litespeed apache torrents torrent torrenting webtorrent bittorrent bitorrent bit-torrent cyberlocker cyberlockers cyber locker cyberbunker warez keygen key generator free irc internet relay chat peer-to-peer p2p cryptocurrency crypto bitcoin miner browser xmr monero coinhive coin hive coin-hive litecoin ethereum cpu cycles popads pop-ads advert advertisement networks banner ads protect ovh blazingfast.io amazon steampowered valve store.steampowered.com steamcommunity thepiratebay lulzsec antisec xhamster pornhub porn.com pornhub.com xhamster.com xvideos xvdideos.com xnxx xnxx.com popads popcash cpm ppc
Stars: ✭ 295 (+132.28%)
Rop ToolA tool to help you write binary exploits
Stars: ✭ 590 (+364.57%)
ronin-exploitsA Ruby micro-framework for writing and running exploits
Stars: ✭ 36 (-71.65%)
ToolsSecurity and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Stars: ✭ 1,343 (+957.48%)
Heap ViewerAn IDA Pro plugin to examine the glibc heap, focused on exploit development
Stars: ✭ 574 (+351.97%)
python-sdkPython SDK to access the vulnerability database
Stars: ✭ 22 (-82.68%)
CtfSome of my CTF solutions
Stars: ✭ 70 (-44.88%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+4796.06%)
advisoriesAdvisories and Proofs of Concept by BlackArrow
Stars: ✭ 17 (-86.61%)
VulrecVulnerability Recurrence:漏洞复现记录
Stars: ✭ 109 (-14.17%)
Android ExploitsA collection of android Exploits and Hacks
Stars: ✭ 290 (+128.35%)
Pwn2exploitall mine papers, pwn & exploit
Stars: ✭ 289 (+127.56%)
Pocorgtfoa "Proof of Concept or GTFO" mirror with extra article index, direct links and clean PDFs.
Stars: ✭ 560 (+340.94%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+90.55%)
smartbugsSmartBugs: A Framework to Analyze Solidity Smart Contracts
Stars: ✭ 222 (+74.8%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+25812.6%)
BashCollection of bash scripts I wrote to make my life easier or test myself that you may find useful.
Stars: ✭ 19 (-85.04%)
Django cve 2019 19844 pocPoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)
Stars: ✭ 94 (-25.98%)
FastPwnCTF中Pwn的快速利用模板(包含awd pwn)
Stars: ✭ 18 (-85.83%)
SpecucheckSpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
Stars: ✭ 542 (+326.77%)
padreBlazing fast, advanced Padding Oracle exploit
Stars: ✭ 35 (-72.44%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-47.24%)
OpcdeOPCDE Cybersecurity Conference Materials
Stars: ✭ 538 (+323.62%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1434.65%)
RootMyTV.github.ioRootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.
Stars: ✭ 745 (+486.61%)
Attack Surface Detector BurpThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 63 (-50.39%)
hacking-resourcesHacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
Stars: ✭ 1,386 (+991.34%)
ExploitsA personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.
Stars: ✭ 75 (-40.94%)
Traitor⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket
Stars: ✭ 3,473 (+2634.65%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (+681.1%)
Vulnerable NodeA very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
Stars: ✭ 282 (+122.05%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+2418.11%)
MrspickyMrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.
Stars: ✭ 86 (-32.28%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-69.29%)
Cve 2017 11882CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
Stars: ✭ 280 (+120.47%)