Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with exploit
A curated list of projects in awesome lists tagged with exploit.
https://github.com/safebreach-labs/sireprat
Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)
exploit iot-core raspberry-pi raspberrypi rce windows-iot
Last synced: 13 Jan 2025
https://github.com/assetnote/batchql
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
Last synced: 14 Jan 2025
https://github.com/den1al/jsshell
An interactive multi-user web JS shell
exploit interactive javascript python python-3-6 shell web xss
Last synced: 13 Jan 2025
https://github.com/Den1al/JSShell
An interactive multi-user web JS shell
exploit interactive javascript python python-3-6 shell web xss
Last synced: 03 Nov 2024
https://github.com/sam-b/windows_kernel_resources
Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
Last synced: 18 Nov 2024
https://github.com/saelo/armpwn
Repository to train/learn memory corruption on the ARM platform.
Last synced: 15 Jan 2025
https://github.com/a2u/cve-2018-7600
💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
cve-2018-7600 drupal drupalgeddon2 exploit poc sa-core-2018-002
Last synced: 13 Jan 2025
https://github.com/Cr4sh/KernelForge
A library to develop kernel level Windows payloads for post HVCI era
exploit hvci hypervisor kernel library rookit vbs windows
Last synced: 21 Nov 2024
https://github.com/hugsy/gdb-static
Public repository of statically compiled GDB and GDBServer
debug exploit gdb gdbserver gef linux reverse-engineering
Last synced: 13 Jan 2025
https://github.com/hlldz/CVE-2021-1675-LPE
Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527
cobaltstrike cve-2021-1675 cve-2021-34527 exploit lpe printnightmare reflectivedll windows
Last synced: 21 Nov 2024
https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
bugbounty bugbounty-writeups bugbountytips cve cve-2022-0337 cybersecurity exploit hacking payload pentest pentesting red-team security security-writeups writeups
Last synced: 03 Nov 2024
https://github.com/rezasp/vbscan
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
exploit owasp vbscan vbulletin vulnerability vulnerability-scanners
Last synced: 31 Dec 2024
https://github.com/OWASP/vbscan
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
exploit owasp vbscan vbulletin vulnerability vulnerability-scanners
Last synced: 03 Nov 2024
https://github.com/rip1s/cve-2017-11882
CVE-2017-11882 exploit that accepts a command/code of over 17k bytes at maximum.
cve-2017-11882 exploit rtf shellcode
Last synced: 15 Jan 2025
https://github.com/kkent030315/evil-mhyprot-cli
A PoC for the vulnerable Mhyprot2.sys driver, which allows reading/writing kernel/user memory via an unprivileged user process.
driver exploit kernel kernel-exploit kernel-exploits mhyprot mhyprot2 windows
Last synced: 14 Jan 2025
https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
cve cve-2019-1003000 exploit groovy information-security jenkins poc rce security security-1266
Last synced: 13 Jan 2025
https://github.com/0x727/jndiexploit
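A tool for exploiting JNDI injection. It draws heavily on and reuses code from the Rogue JNDI project, supports directly implanting in-memory shells, integrates common methods of bypassing newer JDK versions, and is suited for use together with automated tools.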
Last synced: 15 Jan 2025
https://github.com/tijme/angularjs-csti-scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
angularjs angularjs-csti-scanner angularjs-sandbox-escape exploit sandbox-escape security tool vulnerability-scanners xss xss-scanners
Last synced: 13 Jan 2025
https://github.com/crozone/spectrepoc
Proof of concept code for the Spectre CPU exploit.
exploit linux poc spectre spectreexploit-poc
Last synced: 20 Jan 2025
https://github.com/mazen160/struts-pwn_cve-2018-11776
An exploit for Apache Struts CVE-2018-11776
apache cve-2018-11776 exploit st2-057 struts struts-pwn
Last synced: 15 Jan 2025
https://github.com/mazen160/struts-pwn_CVE-2018-11776
An exploit for Apache Struts CVE-2018-11776
apache cve-2018-11776 exploit st2-057 struts struts-pwn
Last synced: 18 Jan 2025
https://github.com/garyodernichts/udpih
Exploit for the Wii U's USB Host Stack
exploit hacking raspberry-pi wiiu
Last synced: 15 Jan 2025
https://github.com/petercunha/jenkins-rce
:smiling_imp: Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
exploit hacking jenkins orangetw rce unauthenticated
Last synced: 15 Jan 2025
https://github.com/a2nkf/macos-kernel-exploit
macOS Kernel Exploit for CVE-2019-8781.
Last synced: 03 Nov 2024
https://github.com/entysec/hatsploit
Modular penetration testing platform that enables you to write, test, and execute exploit code.
android entysec exploit exploit-database exploit-development exploitation exploitation-framework exploits hacking-tool infosec payload post-exploitation privilege-escalation python remote-access-tool remote-control security windows windows-hacking
Last synced: 20 Jan 2025
https://github.com/hacksysteam/CVE-2023-21608
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
adobe adobe-reader aslr-bypass cfg-bypass cve-2023-21608 dep-bypass exploit rce use-after-free
Last synced: 02 Jan 2025
https://github.com/momo5502/cod-exploits
☠️ Call of Duty - Vulnerabilities and proof-of-concepts
assembly cod cpp exploit hack ida mw2 poc security-vulnerability
Last synced: 09 Nov 2024
https://github.com/tintinweb/pub
Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
cve-2014-2021 cve-2014-2022 cve-2014-2023 cve-2015-5477 cve-2016-0772 cve-2016-2563 cve-2016-3115 cve-2016-3116 cve-2016-5725 cve-2017-13208 cve-2017-16929 cve-2017-16930 cve-2017-18016 cve-2017-8798 cve-2018-10057 cve-2018-10058 ethereum-mist exploit poc vulnerability
Last synced: 14 Jan 2025
https://github.com/NtRaiseHardError/Antimalware-Research
Research on Anti-malware and other related security solutions
antimalware antivirus antivirus-evasion antivirus-testing bypass bypass-antivirus bypassantivirus bypassing-avs c exploit exploit-dev exploit-development exploitation windows
Last synced: 21 Nov 2024
https://github.com/m8sec/activereign
A Network Enumeration and Attack Toolset for Windows Active Directory Environments.
activedirectory enumeration exploit impacket ldap network network-enumeration python windows
Last synced: 15 Jan 2025
https://github.com/m8sec/ActiveReign
A Network Enumeration and Attack Toolset for Windows Active Directory Environments.
activedirectory enumeration exploit impacket ldap network network-enumeration python windows
Last synced: 21 Nov 2024
https://github.com/jimywork/shodanwave
Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.
camera exploit ipcamera netwave-ip-cameras python shodan shodan-api vulnerability-scanners
Last synced: 16 Jan 2025
https://github.com/wangyihang/reverse-shell-manager
:hammer: A multiple reverse shell session/client manager via terminal
attack-defense command-and-control ctf exploit pentesting pty python reverse-shell socket web-security
Last synced: 17 Jan 2025
https://github.com/WangYihang/Reverse-Shell-Manager
:hammer: A multiple reverse shell session/client manager via terminal
attack-defense command-and-control ctf exploit pentesting pty python reverse-shell socket web-security
Last synced: 21 Nov 2024
https://github.com/unknownhad/CloudIntel
This repo contains IOC, malware and malware analysis associated with Public cloud
aws azure exploit gcp malware-analysis security threat-intelligence threatintel
Last synced: 20 Dec 2024
https://github.com/chocapikk/cve-2023-29357
Microsoft SharePoint Server Elevation of Privilege Vulnerability
cve-2023-24955 cve-2023-29357 exploit infosec microsoft sharepoint
Last synced: 16 Jan 2025
https://github.com/A-D-Team/grafanaExp
An exploit tool for the Grafana unauthorized arbitrary file read vulnerability (CVE-2021-43798); it can burst plugins / extract secret_key / decrypt data_source info automatically.
cve-2021-43798 exploit grafana
Last synced: 21 Nov 2024
https://github.com/a-d-team/grafanaexp
An exploit tool for the Grafana unauthorized arbitrary file read vulnerability (CVE-2021-43798); it can burst plugins / extract secret_key / decrypt data_source info automatically.
cve-2021-43798 exploit grafana
Last synced: 15 Jan 2025
https://github.com/0x27/CiscoRV320Dump
CVE-2019-1652 / CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!
cisco config-dump exploit exploitation
Last synced: 18 Jan 2025
https://github.com/riptl/cve-2021-3449
CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻💻
cve-2021-3449 denial-of-service exploit openssl tls
Last synced: 03 Jan 2025
https://github.com/voidsec/exploit-development
Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
0day aslr aslr-bypass eop exploit kernel lpe poc rce rop rop-chain rop-exploitation rop-gadgets shellcode windows
Last synced: 16 Jan 2025
https://github.com/hugsy/stuff
Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
exploit malware-development pentest python reverse-engineering tools
Last synced: 15 Jan 2025
https://github.com/entysec/camraptor
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.
camera camera-hacking entysec exploit iot kalilinux payload
Last synced: 15 Jan 2025
https://github.com/KishanBagaria/AirDoS
💣 Remotely render any nearby iPhone or iPad unusable with an AirDrop exploit (now patched)
Last synced: 04 Nov 2024
https://github.com/kishanbagaria/airdos
💣 Remotely render any nearby iPhone or iPad unusable with an AirDrop exploit (now patched)
Last synced: 19 Dec 2024
https://github.com/edoardottt/tryhackme-ctf
TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
capture capture-the-flag code ctf-challenges ctf-competitions ctf-solutions ctf-writeups cyber-security cybersecurity exploit exploitation exploits hacking hacking-tools hacktoberfest notes penetration-testing tryhackme web-exploitation writeups
Last synced: 26 Oct 2024
https://github.com/b1gnout/VAC-Bypass
(NO LONGER WORKS)
anticheat anticheat-bypass cheat csgo exploit hacking hooking reverse-engineering vac vac-bypass valve-anti-cheat
Last synced: 13 Dec 2024
https://github.com/EntySec/CamRaptor
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.
camera camera-hacking entysec exploit iot kalilinux payload
Last synced: 21 Nov 2024
https://github.com/Jackbail4/VAC-Bypass
Full VAC Bypass. Inject detected cheats and not get VAC banned.
anticheat anticheat-bypass cheat csgo exploit hacking hooking reverse-engineering vac vac-bypass valve-anti-cheat
Last synced: 07 Nov 2024
https://github.com/mgeeky/expdevbadchars
Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
bad bin charset development diff expdev exploit
Last synced: 17 Jan 2025
https://github.com/HuskyHacks/ShadowSteal
Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
exploit exploit-development nim windows
Last synced: 21 Nov 2024
https://github.com/huskyhacks/shadowsteal
Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation
exploit exploit-development nim windows
Last synced: 29 Oct 2024
https://github.com/glebarez/padre
Blazing fast, advanced Padding Oracle exploit
aes cbc-mode-encryption exploit padding-oracle-attacks
Last synced: 01 Nov 2024
https://github.com/mgeeky/expdevBadChars
Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
bad bin charset development diff expdev exploit
Last synced: 21 Nov 2024
https://github.com/svenito/exploit-pattern
generate and search pattern string for exploit development
debruijn exploit exploit-development python
Last synced: 15 Jan 2025
https://github.com/Svenito/exploit-pattern
generate and search pattern string for exploit development
debruijn exploit exploit-development python
Last synced: 25 Oct 2024
https://github.com/ctxz/stm32f1-picopwner
Dump read-out protected STM32F1's with a Pi Pico - A Pi Pico implementation of @JohannesObermaier's, Marc Schink's and Kosma Moczek's Glitch and FPB attack to bypass RDP (read-out protection) level 1 on STM32F1 chips
attack dump exploit firmware firmware-dump glitching pi pi-pico pico pwn pwned rdp stm32f1
Last synced: 16 Jan 2025
https://github.com/saelo/cve-2014-0038
Linux local root exploit for CVE-2014-0038
Last synced: 20 Nov 2024
https://github.com/lassehauballe/Eternalblue
Eternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010
eternalblue eternalblue-scanner exploit metasploit powershell
Last synced: 21 Nov 2024
https://github.com/jollheef/lpe
collection of verified Linux kernel exploits
exploit exploit-database exploit-kit exploits lpe
Last synced: 06 Nov 2024
https://github.com/VoidSec/WebRTC-Leak
Check if your VPN leaks your IP address via the WebRTC technology
exploit vpn-leaks webrtc webrtc-leak
Last synced: 25 Oct 2024
https://github.com/voidsec/webrtc-leak
Check if your VPN leaks your IP address via the WebRTC technology
exploit vpn-leaks webrtc webrtc-leak
Last synced: 24 Nov 2024
https://github.com/sickcodes/no-sandbox
No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR: exploits in these browser-based applications are already sandbox-escaped: https://no-sandbox.io/
0day bug bugbounty chrome chromium exploit rce research
Last synced: 28 Oct 2024
https://github.com/k8gege/powerladon
Ladon hacking Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
exp exploit hacking ladon lanscanner netscan pentest pentest-tool pentesting-networks poc portscan security subdomain-scanner vulscan
Last synced: 16 Jan 2025
https://github.com/aziz0x48/vmass
vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
auto-exploit bot drupal exploit exploitation-framework hacking-tool joomla magento pentest-tool pentesting perl prestashop security-tools vulnerability vulnerability-detection vulnerability-scanners wordpress wpscan
Last synced: 19 Dec 2024
https://github.com/samueltulach/nullmap
Using CVE-2023-21768 to manually map a kernel-mode driver
cve-2023-21768 driver exploit kernel manual-mapper mapper windows
Last synced: 19 Dec 2024
https://github.com/k8gege/PowerLadon
Ladon hacking Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
exp exploit hacking ladon lanscanner netscan pentest pentest-tool pentesting-networks poc portscan security subdomain-scanner vulscan
Last synced: 21 Nov 2024
https://github.com/andreafioraldi/cve_searchsploit
Search an exploit in the local exploitdb database by its CVE
cve cve-edb cve-exploit edb edbid exploit exploit-database exploit-db exploitdb search-exploits searchsploit
Last synced: 13 Jan 2025
https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome
🐱💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...
bugbounty bugbounty-writeups bugbountytips cve cybersecurity exploit hacking payload pentesing pentest red-team security security-writeups writeups
Last synced: 03 Nov 2024
https://github.com/NullArray/MIDA-Multitool
Bash script purposed for system enumeration, vulnerability identification and privilege escalation.
bash bash-script enumeration exploit exploitation pentest pentesting privilege-escalation root shell shell-script vulnerability-identification
Last synced: 13 Dec 2024
https://github.com/nullarray/mida-multitool
Bash script purposed for system enumeration, vulnerability identification and privilege escalation.
bash bash-script enumeration exploit exploitation pentest pentesting privilege-escalation root shell shell-script vulnerability-identification
Last synced: 19 Dec 2024
https://github.com/synacktiv/octoscan
Octoscan is a static vulnerability scanner for GitHub action workflows.
cicd exploit github github-actions vulnerability
Last synced: 15 Dec 2024
https://github.com/radenvodka/SVScanner
SVScanner - Scanner Vulnerability And MaSsive Exploit.
auto-exploiter exploit massive scanner scanner-web svscanner wordpress-exploit-framework
Last synced: 21 Nov 2024
https://github.com/dotPY-hax/gitlab_RCE
RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
ctf cve cve-2018-19571 cve-2018-19585 cve-2020-10977 exploit gitlab gitlab-rce lfi rce
Last synced: 21 Nov 2024
https://github.com/ALEXZZZ9/PS4-5.01-WebKit-Exploit-PoC
PS4 5.01 WebKit Exploit PoC
Last synced: 18 Nov 2024
https://github.com/TasosY2K/camera-exploit-tool
Automated exploit scanner for cameras on the internet
camera camera-exploitation camera-hacking exploit iot scanner shodan vulnerability
Last synced: 17 Nov 2024
https://github.com/ningzhenyu/nailgun
Nailgun attack on ARM devices.
android arm attack debugging exploit fingerprint huawei-mate7 proof-of-concept raspberry-pi security tee trustzone vulnerabilities
Last synced: 10 Nov 2024
https://github.com/hugsy/gef-extras
Extra goodies for GEF to (try to) make GDB suck even less
debugging exploit gdb gef linux pwn python reverse-engineering
Last synced: 15 Jan 2025
https://github.com/0x802/MikrotikSploit
MikrotikSploit is a script that searches for and exploits Mikrotik network vulnerabilities
docker exploit mikrotik network network-mikrotik password python3 routers
Last synced: 29 Oct 2024
https://github.com/forrest-orr/doublestar
A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
alpc apt chain cve-2019-17026 cve-2020-0674 darkhotel double eop exploit firefox jit pac rpc shellcode star wpad
Last synced: 01 Nov 2024
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
A script to automate privilege escalation with CVE-2023-22809 vulnerability
cve cve-2023-22809 exploit privesc script sudo sudoedit vulnerability
Last synced: 25 Oct 2024
https://github.com/n3m1sys/CVE-2023-22809-sudoedit-privesc
A script to automate privilege escalation with CVE-2023-22809 vulnerability
cve cve-2023-22809 exploit privesc script sudo sudoedit vulnerability
Last synced: 02 Jan 2025
https://github.com/hook-s3c/blueborne-scanner
Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit
ble blueborne bluetooth bluetooth-low-energy exploit python scanner
Last synced: 14 Dec 2024