204 Open source projects that are alternatives of or similar to vnf-asterisk

PoC ActiveX SVG Document Execution

prove of concept using angularjs (1.x) accessing github api

鹿不在侧，鲸不予游🐋

Poc Collected for study and develop

We're working with community non-profits who have a Host Home or empty bedrooms initiative to develop a workflow management tool to make the process scalable (across all providers), reduce institutional bias, and effectively capture data.

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Very simplified shop sales system made in a microservices architecture using quarkus

SCCP Manager

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

Authenticate against a MySQL server without knowing the cleartext password

Hacking Charles Web Debugging Proxy

Task Hijacking in Android (somebody call it also StrandHogg vulnerability)

Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

💣 Remotely render any nearby iPhone or iPad unusable

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

No description or website provided.

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目

Security-related PHP7 OPcache abuse tools and demo

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Proofs-of-concept

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

The Open Source Contact Center Solution (mirror of https://gitlab.com/omnileads/ominicontacto)

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

A PoC on passing data through UNIX file privilege bits (RWX Triplets)

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

CVE-2020-1206 Uninitialized Kernel Memory Read POC

CVE-2020-0796 Remote Code Execution POC

A Proof of Capacity proxy which supports solo and pool mining upstreams

💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002

用cel-go重现了长亭xray的poc检测功能的轮子

a plenty of poc based on python

Fileless attack with persistence

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

SpectreExploit POC

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

IOTA Proof of Concept, store MQTT messages on the tangle.

🦄🔒 Awesome list of secrets in environment variables 🖥️

Hacking tools

Misc. Public Reports of Penetration Testing and Security Audits.

✍️ A curated list of CVE PoCs.

A complete Grabber, sending data to a TCP server that you have to host and stocking all in a database.

Krack POC

Writing Spyware Made Easy - POC spyware Chrome Extension/Server

WindowTextExtractor allows you to get a text from any window of an operating system including asterisk passwords

A python script designed to check if the website if vulnerable of clickjacking and create a poc

Blueborne CVE-2017-0781 Android heap overflow vulnerability

Asterisk Queues Dashboard with amiws

CVE-2020-11651: Proof of Concept

Focus on cybersecurity | collection of PoC and Exploits

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)