590 Open source projects that are alternatives of or similar to Spectre Meltdown Poc

CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.

Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits

Apache Solr Injection Research

Loss modelling framework.

Disabling kernel lockdown on Ubuntu without physical access

CVE-2018-8120 Windows LPE exploit

Word 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.

#INFILTRATE20 raptor's party pack

The hackers tool belt

Unrestricted Lua Execution

A Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack mode an Anti-DDoS authentication page protect yourself from every attack type All Layer 7 Attacks Mitigating Historic Attacks DoS DoS Implications DDoS All Brute Force Attacks Zero day exploits Social Engineering Rainbow Tables Password Cracking Tools Password Lists Dictionary Attacks Time Delay Any Hosting Provider Any CMS or Custom Website Unlimited Attempt Frequency Search Attacks HTTP Basic Authentication HTTP Digest Authentication HTML Form Based Authentication Mask Attacks Rule-Based Search Attacks Combinator Attacks Botnet Attacks Unauthorized IPs IP Whitelisting Bruter THC Hydra John the Ripper Brutus Ophcrack unauthorized logins Injection Broken Authentication and Session Management Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using Components with Known Vulnerabilities Insufficient Logging & Monitoring Drupal WordPress Joomla Flash Magento PHP Plone WHMCS Atlassian Products malicious traffic Adult video script avs KVS Kernel Video Sharing Clip Bucket Tube sites Content Management Systems Social networks scripts backends proxy proxies PHP Python Porn sites xxx adult gaming networks servers sites forums vbulletin phpbb mybb smf simple machines forum xenforo web hosting video streaming buffering ldap upstream downstream download upload rtmp vod video over dl hls dash hds mss livestream drm mp4 mp3 swf css js html php python sex m3u zip rar archive compressed mitigation code source sourcecode chan 4chan 4chan.org 8chan.net 8ch 8ch.net infinite chan 8kun 8kun.net anonymous anon tor services .onion torproject.org nginx.org nginx.com openresty.org darknet dark net deepweb deep web darkweb dark web mirror vpn reddit reddit.com adobe flash hackthissite.org dreamhack hack hacked hacking hacker hackers hackerz hackz hacks code coding script scripting scripter source leaks leaked leaking cve vulnerability great firewall china america japan russia .gov government http1 http2 http3 quic q3 litespeedtech litespeed apache torrents torrent torrenting webtorrent bittorrent bitorrent bit-torrent cyberlocker cyberlockers cyber locker cyberbunker warez keygen key generator free irc internet relay chat peer-to-peer p2p cryptocurrency crypto bitcoin miner browser xmr monero coinhive coin hive coin-hive litecoin ethereum cpu cycles popads pop-ads advert advertisement networks banner ads protect ovh blazingfast.io amazon steampowered valve store.steampowered.com steamcommunity thepiratebay lulzsec antisec xhamster pornhub porn.com pornhub.com xhamster.com xvideos xvdideos.com xnxx xnxx.com popads popcash cpm ppc

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

A collection of android Exploits and Hacks

all mine papers, pwn & exploit

This is a complete project series on implementing hacking tools available in Kali Linux into python.

hacker, ready for more of our story ! 🚀

Python Powered Repository

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

A collection of my quick and dirty scripts for vulnerability POC and detections

Current home of rubysec.com

cve-2019-0604 SharePoint RCE exploit

Chrome Extension for Send Push Notification 🔔 to gotify/server ☁

Discovering vulnerabilities in firmware through concolic analysis and function clustering.

Create actionable data from your Vulnerability Scans

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

linux-kernel-exploits Linux平台提权漏洞集合

CVE-2021-43798:Grafana 任意文件读取漏洞

my oscp prep collection

Vulnerable software and exploits used for OSCP/OSCE preparation

Kindle 5.6.5 exploitation tools.

GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Simple script that utilities discord's flaw in detecting who blocked who.

Bypassing disabled exec functions in PHP (c) CRLF

Self defense post module for metasploit

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

The first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar

A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda

Fully Featured Nintendo DS Loader for Ghidra

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Use the docker to build a vulnerability environment

A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

Perform a MitM attack and extract clear text credentials from RDP connections

😎 Curated list about cryptocurrency security (reverse / exploit / fuzz..)

MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.

Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC

CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.

macOS Kernel Exploit for CVE-2019-8781. Credit for the bug goes to @LinusHenze :)

Writeup of CVE-2020-15906

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Keylogger is 100% invisible keylogger not only for users, but also undetectable by antivirus software. Blackcat keylogger Monitors all keystokes, Mouse clicks. It has a seperate process which continues capture system screenshot and send to ftp server in given time.

Huorong Internet Security vulnerabilities 火绒安全软件漏洞