{"id":19261452,"url":"https://github.com/wangyihang/exploit-framework","last_synced_at":"2025-04-21T17:30:40.171Z","repository":{"id":113353582,"uuid":"114019179","full_name":"WangYihang/Exploit-Framework","owner":"WangYihang","description":":fire: An Exploit framework for Web Vulnerabilities written in Python","archived":false,"fork":false,"pushed_at":"2020-08-01T08:57:06.000Z","size":108,"stargazers_count":170,"open_issues_count":0,"forks_count":53,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-04-17T03:54:29.558Z","etag":null,"topics":["exploit-development","exploit-framework","exploits","vulnerability"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/WangYihang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2017-12-12T17:26:10.000Z","updated_at":"2025-04-07T15:28:03.000Z","dependencies_parsed_at":"2023-09-29T08:52:03.468Z","dependency_job_id":null,"html_url":"https://github.com/WangYihang/Exploit-Framework","commit_stats":{"total_commits":69,"total_committers":2,"mean_commits":34.5,"dds":0.01449275362318836,"last_synced_commit":"7116d878d84d1fe9037163b28171ba5cae926ee6"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WangYihang%2FExploit-Framework","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WangYihang%2FExploit-Framework/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WangYihang%2FExploit-Framework/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WangYihang%2FExploit-Framework/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/WangYihang","download_url":"https://codeload.github.com/WangYihang/Exploit-Framework/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250100193,"owners_count":21374895,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploit-development","exploit-framework","exploits","vulnerability"],"created_at":"2024-11-09T19:27:03.492Z","updated_at":"2025-04-21T17:30:39.911Z","avatar_url":"https://github.com/WangYihang.png","language":"Python","funding_links":["https://opencollective.com/Exploit-Framework"],"categories":[],"sub_categories":[],"readme":"# Exploit-Framework\n[![Backers on Open Collective](https://opencollective.com/Exploit-Framework/backers/badge.svg)](#backers)\n [![Sponsors on Open Collective](https://opencollective.com/Exploit-Framework/sponsors/badge.svg)](#sponsors) \n#### Exploits: \n\n|Vendor|Vulnerability|Effected Version|Description|Author|\n|:-:|:-:|:-:|:-:|:-:|\n|[zblog](https://www.zblogcn.com/zblogphp/)|[NOT_CVE](https://gist.github.com/WangYihang/318020687b7e5f1efb38e9afd40c941b)|\u003c=1.5.1|Zblog Authenticated LFI|[@Shutdown_r](http://www.jianshu.com/u/0876d51c215f)|\n|[OpenSNS](http://www.opensns.cn/)|[NOT_CVE](http://0day5.com/archives/4280/)|\u003c=3.31|OpenSNS UnAuthenticated GetShell|[@90sec](https://forum.90sec.org/)|\n|[Joomla](https://www.joomla.org/)|[CVE-2015-8562](https://blog.sucuri.net/2015/12/joomla-remote-code-execution-the-details.html)|1.5\u003c3.45|Joomla Header Unauthenticated RCE|[@Andrew McNicol](https://github.com/anarcoder)|\n|[Codiad](https://github.com/Codiad/Codiad)|[CVE-2017-11366](https://nvd.nist.gov/vuln/detail/CVE-2017-11366)|\u003c=2.8.3|Codiad Authenticated RCE|[@WangYihang](https://github.com/wangyihang)|\n|[Codiad](https://github.com/Codiad/Codiad)|[CVE-2014-9581](https://nvd.nist.gov/vuln/detail/CVE-2014-9581)|\u003c=2.4.3|Codiad Authenticated LFI|[@TaurusOmar](https://www.exploit-db.com/author/?a=7716)|\n|[SeaCMS](http://www.seacms.net)|[CVE-2017-17561](https://nvd.nist.gov/vuln/detail/CVE-2017-17561)|\u003c=6.56|SeaCMS Authenticated GetShell|[@WangYihang](https://github.com/wangyihang)|\n|[SeaCMS](http://www.seacms.net)|[NOT_CVE](http://0day5.com/archives/4180/)|\u003c=6.28|SeaCMS UnAuthenticated RCE|[@没穿底裤](http://0day5.com/author/1/)|\n|[phpMoAdmin](http://www.phpmoadmin.com/)|[CVE-2015-2208](https://www.exploit-db.com/exploits/36251/)|\u003c=1.1.2|phpMoAdmin UnAuthenticated RCE|Unknown|\n|[WordPress](https://wordpress.org/)|[CVE-2017-5487](https://www.exploit-db.com/exploits/41497/)|\u003c4.7.1|WordPress Username Enumeration|[@Dctor](https://www.facebook.com/hatbashbr/)|\n|[DedeCMS](http://www.dedecms.com/)|[NOT_CVE](http://0day5.com/archives/1349/)|\u003c=5.6|DedeCms recommend.php SQL injection|[@没穿底裤](http://0day5.com/author/1/)|\n|[Kernel](https://www.kernel.org/)|[CVE-2016-5195](https://dirtycow.ninja/)|2.6.22\u003c3.9|DirtyC0w Privilege Escalation|[@nowsecure](https://github.com/nowsecure)|\n\n#### Video:\n[![asciicast](https://asciinema.org/a/152418.png)](https://asciinema.org/a/152418)\n\n#### WIKI:\n\u003e https://github.com/WangYihang/Exploit-Framework/wiki\n\n#### Contribution:\n\u003e [1. Guidance of writing exploit module](https://github.com/WangYihang/Exploit-Framework/wiki/Contributing-to-Exploit-Framework)\n\n#### TODO: \n- [ ] 解析字符串\n- [ ] 深层模块化\n- [ ] 上下文栈维护\n- [ ] 日志\n- [ ] 自动补全\n- [ ] Exploit 搜索\n- [ ] Wiki\n- [ ] Exploit 规范\n- [ ] 维护 Reverse Shell (结合 Reverse-Shell-Manager)\n- [ ] Payload 模块\n- [ ] 免杀模块\n- [ ] 维护一句话木马 (结合 Webshell-Sniper)\n- [ ] 数据库\n- [ ] Web 前端\n\n\n## Contributors\n\nThis project exists thanks to all the people who contribute. \n\u003ca href=\"https://github.com/WangYihang/Exploit-Framework/graphs/contributors\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/contributors.svg?width=890\u0026button=false\" /\u003e\u003c/a\u003e\n\n\n## Backers\n\nThank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/Exploit-Framework#backer)]\n\n\u003ca href=\"https://opencollective.com/Exploit-Framework#backers\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/backers.svg?width=890\"\u003e\u003c/a\u003e\n\n\n## Sponsors\n\nSupport this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/Exploit-Framework#sponsor)]\n\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/0/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/0/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/1/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/1/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/2/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/2/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/3/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/3/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/4/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/4/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/5/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/5/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/6/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/6/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/7/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/7/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/8/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/8/avatar.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://opencollective.com/Exploit-Framework/sponsor/9/website\" target=\"_blank\"\u003e\u003cimg src=\"https://opencollective.com/Exploit-Framework/sponsor/9/avatar.svg\"\u003e\u003c/a\u003e\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwangyihang%2Fexploit-framework","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwangyihang%2Fexploit-framework","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwangyihang%2Fexploit-framework/lists"}