391 Open source projects that are alternatives of or similar to Wasabi Aeg

CRAX: software CRash analysis for Automatic eXploit generation

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI

Various kernel exploits

Trinity Exploit - Emulator Escape

Detect deauthentication frames using an ESP8266

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

An exploit for Apache Struts CVE-2017-5638

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Multiplatform reverse shell generator

3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Simple Theorem Prover, an efficient SMT solver for bitvectors

yet another tool for analysing binaries

An IDA Pro plugin to examine the glibc heap, focused on exploit development

This repository contains several applications, demonstrating the Meltdown bug.

A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.

Kindle 5.6.5 exploitation tools.

Framework to test any Anti-Cheat

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

Automated Mass Exploiter

A lightweight VM for hardware hacking, RE (fuzzing, symEx, exploiting etc) and wargaming tasks

windows-kernel-exploits Windows平台提权漏洞集合

Hypervisor Memory Introspection Core Library

A collection of links related to Linux kernel security and exploitation

An interactive multi-user web JS shell

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

Cloak can backdoor any python script with some tricks.

OWASP Joomla Vulnerability Scanner Project

Discovering vulnerabilities in firmware through concolic analysis and function clustering.

Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.

linux-kernel-exploits Linux平台提权漏洞集合

Self contained htaccess shells and attacks

History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)

hack tools

Bypassing disabled exec functions in PHP (c) CRLF

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

🌸 Interactive shellcoding environment to easily craft shellcodes

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Proofs-of-concept

PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container

A unit test-like interface for fuzzing and symbolic execution

IoT 固件漏洞复现环境

Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

漏洞利用框架模块分享仓库

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

AndroRAT | Remote Administrator Tool for Android OS Hacking

CVE-2018-8120 Windows LPE exploit

Search gtfobins and lolbas files from your terminal

A tool to help you write binary exploits

💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002

Blueborne CVE-2017-0785 Android information leak vulnerability

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Collection of things made during my OSCP journey

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

An analysis tool for Python that blurs the line between testing and type systems.