NailgunNailgun attack on ARM devices.
Stars: ✭ 114 (+86.89%)
exploitsSome personal exploits/pocs
Stars: ✭ 52 (-14.75%)
ExploitsMiscellaneous exploit code
Stars: ✭ 1,157 (+1796.72%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+1278.69%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (+142.62%)
Spectre Meltdown PocA semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (+108.2%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (+132.79%)
Umbraco.ElasticsearchIntegration of Elasticsearch as a search platform for Umbraco v7.5+
Stars: ✭ 15 (-75.41%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+114.75%)
Hisilicon Dvr TelnetPoC materials for article https://habr.com/en/post/486856/
Stars: ✭ 101 (+65.57%)
Gopoc用cel-go重现了长亭xray的poc检测功能的轮子
Stars: ✭ 124 (+103.28%)
poc-github-actionsVarious proofs of concept examples using Github Actions 🤖
Stars: ✭ 103 (+68.85%)
hackKubernetes security and vulnerability tools and utilities.
Stars: ✭ 56 (-8.2%)
batchqlGraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
Stars: ✭ 251 (+311.48%)
go-gtfogtfo, now with the speed of golang
Stars: ✭ 59 (-3.28%)
fake-web-eventsCreates a Simulation of Fake Web Events
Stars: ✭ 48 (-21.31%)
Discord-Block-BypassSimple script that utilities discord's flaw in detecting who blocked who.
Stars: ✭ 24 (-60.66%)
foxy-minerA scavenger / conqueror wrapper for collision free multi mining of PoC coins
Stars: ✭ 17 (-72.13%)
python-log4rceAn All-In-One Pure Python PoC for CVE-2021-44228
Stars: ✭ 179 (+193.44%)
discord-bugs-exploitsA Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.
Stars: ✭ 22 (-63.93%)
hackerHack on your project easily. A liftoff proof-of-concept.
Stars: ✭ 21 (-65.57%)
prl guest to hostGuest to host VM escape exploit for Parallels Desktop
Stars: ✭ 26 (-57.38%)
banethis is a python module that contains functions and classes which are used to test the security of web/network applications. it's coded on pure python and it's very intelligent tool ! It can easily detect: XSS (relected/stored), RCE (Remote Code/Command Execution), SSTI, SSRF, CORS Misconfigurations, File Upload, CSRF, Path Traversal,.... Also, …
Stars: ✭ 167 (+173.77%)
CRAXCRAX: software CRash analysis for Automatic eXploit generation
Stars: ✭ 44 (-27.87%)
RCE-python-oneliner-payloadPython bind shell single line code for both Unix and Windows, used to find and exploit RCE (ImageMagick, Ghostscript, ...)
Stars: ✭ 23 (-62.3%)
Ultimate-Guitar-HackThe first tool to download any Guitar Pro file, including 'Official' from Ultimate Guitar
Stars: ✭ 61 (+0%)
fusee-nanoA minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)
Stars: ✭ 49 (-19.67%)
ProxyLogonProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)
Stars: ✭ 112 (+83.61%)
SubRosaBasic tool to automate backdooring PE files
Stars: ✭ 48 (-21.31%)
x64dbgpylibPort of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.
Stars: ✭ 46 (-24.59%)
front-end-visual-comparison-tool🔮🔬Front-End testing tool which can be used to create a side by side visual comparison between your live site and local site.
Stars: ✭ 16 (-73.77%)
exploitCollection of different exploits
Stars: ✭ 153 (+150.82%)
vendr-demo-storeDemo store for Vendr, the eCommerce solution for Umbraco v8+
Stars: ✭ 22 (-63.93%)
flaskbombGZip HTTP Bombing in Python for everyone
Stars: ✭ 30 (-50.82%)
Pool2021Pools organized for Epitech's students in 2021.
Stars: ✭ 19 (-68.85%)
umbraco-contentmentContentment for Umbraco - a state of happiness and satisfaction
Stars: ✭ 63 (+3.28%)
rceDistributed, workflow-driven integration environment
Stars: ✭ 42 (-31.15%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (+8.2%)
CVE-2019-10149CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
Stars: ✭ 15 (-75.41%)
CVE-2020-5902exploit code for F5-Big-IP (CVE-2020-5902)
Stars: ✭ 37 (-39.34%)
T-XPLOITERT-XPLOITER is a Perl program for detect and (even) exploit website(s). Why the name is T-XPLOITER ? T means Triple, XPLOITER means Exploiter. This program has 3 features and functions to detect and (even) exploit website(s), just check it out :).
Stars: ✭ 13 (-78.69%)
vbulletin5-rceCVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce
Stars: ✭ 21 (-65.57%)
HamsterHamster是基于mitmproxy开发的异步被动扫描框架,基于http代理进行被动扫描,主要功能为重写数据包、签名、漏洞扫描、敏感参数收集等功能(开发中)。
Stars: ✭ 27 (-55.74%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+72.13%)
FastPwnCTF中Pwn的快速利用模板(包含awd pwn)
Stars: ✭ 18 (-70.49%)
CVE-2019-7609RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
Stars: ✭ 47 (-22.95%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+5990.16%)
DoubleStarA personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
Stars: ✭ 140 (+129.51%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+106.56%)
shakeitoffWindows MSI Installer LPE (CVE-2021-43883)
Stars: ✭ 68 (+11.48%)
umbraco-dittoDitto - the friendly view-model mapper for Umbraco
Stars: ✭ 83 (+36.07%)
vnf-asteriskDocumentation, configuration, reference material and other information around an Asterisk-based VNF
Stars: ✭ 38 (-37.7%)