Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with exploitation

A curated list of projects in awesome lists tagged with exploitation.

https://github.com/rpisec/mbe

Course materials for Modern Binary Exploitation by RPISEC

ctf exploitation wargame

Last synced: 01 Aug 2024

https://github.com/RPISEC/MBE

Course materials for Modern Binary Exploitation by RPISEC

ctf exploitation wargame

Last synced: 03 Aug 2024

https://github.com/corkami/collisions

Hash collisions and exploitations

collisions exploitation hash md5 scripts sha1

Last synced: 30 Sep 2024

https://github.com/almandin/fuxploider

File upload vulnerability scanner and exploitation tool.

detection exploitation pentesting python3 takeover vulnerability-scanner

Last synced: 26 Sep 2024

https://github.com/rizinorg/rizin

UNIX-like reverse engineering framework and command-line toolset.

debugging exploitation program-analysis reverse-engineering security

Last synced: 30 Sep 2024

https://github.com/ashemery/exploitation-course

Offensive Software Exploitation Course

exploitation exploitation-course exploitdev offensive ose

Last synced: 30 Sep 2024

https://github.com/xyntax/poc-t

Plugin-based concurrent framework for penetration testing / Open-sourced remote vulnerability PoC/EXP framework

exploitation pentesting vulnerability-scanner

Last synced: 30 Sep 2024

https://github.com/Xyntax/POC-T

Plugin-based concurrent framework for penetration testing / Open-sourced remote vulnerability PoC/EXP framework

exploitation pentesting vulnerability-scanner

Last synced: 01 Aug 2024

https://github.com/sashs/ropper

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.

binary exploitation gadget-finder gadgets rop rop-chains

Last synced: 25 Sep 2024

https://github.com/sashs/Ropper

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.

binary exploitation gadget-finder gadgets rop rop-chains

Last synced: 30 Jul 2024

https://github.com/lefayjey/linwinpwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

active-directory adcs adsecurity bloodhound enumeration exploitation hacking impacket kerberoast kerberos mssql penetration-testing pentest pentest-tool pentesting

Last synced: 01 Oct 2024

https://github.com/lefayjey/linWinPwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

active-directory adcs adsecurity bloodhound enumeration exploitation hacking impacket kerberoast kerberos mssql penetration-testing pentest pentest-tool pentesting

Last synced: 04 Aug 2024

https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

damn-vulnerable damn-vulnerable-web-application exploitation graphql graphql-security penetration-testing security vulnerability

Last synced: 01 Aug 2024

https://github.com/WADComs/WADComs.github.io

WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

blueteam cheatsheet commands enumeration exploitation persistence privilege-escalation redteam wadcoms windows

Last synced: 01 Aug 2024

https://github.com/wadcoms/wadcoms.github.io

WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

blueteam cheatsheet commands enumeration exploitation persistence privilege-escalation redteam wadcoms windows

Last synced: 30 Sep 2024

https://github.com/stong/how-to-exploit-a-double-free

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

binary ctf double-free exploitation heap lock-free microarchitecture pwn tutorial use-after-free walkthrough

Last synced: 01 Aug 2024

https://github.com/mufeedvh/moonwalk

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

cve exploit exploitation infosec infosectools linux privilege-escalation red-teaming redteam redteam-tools security security-tools

Last synced: 30 Sep 2024

https://github.com/0xricksanchez/paper_collection

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

directed-fuzzing embedded exploitation fuzzing fuzzing-binaries guided-fuzzing hybrid-fuzzing iot kernel linux linux-kernel mitigations paper rca root-cause sanitizer vulnerability-detection

Last synced: 30 Sep 2024

https://github.com/jxy-s/herpaderping

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

antivirus antivirus-evasion exploit exploit-development exploit-framework exploitation exploits process-doppelganging process-herpaderping process-hollowing process-migration security security-vulnerability vulnerability windows windows-10 windows-7 windows-defender

Last synced: 27 Sep 2024

https://github.com/nccgroup/featherduster

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

cryptanalysis crypto cryptography encryption exploit exploitation exploitation-framework exploits python security

Last synced: 30 Sep 2024

https://github.com/MegaManSec/SSH-Snake

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

bash cybersecurity exploitation exploitation-tool hacking hacking-tools pentesting post-exploitation redteam scanner security security-tools shell ssh ssh-hacking vulnerability-scanner worm

Last synced: 01 Aug 2024

https://github.com/megamansec/ssh-snake

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

bash cybersecurity exploitation exploitation-tool hacking hacking-tools pentesting post-exploitation redteam scanner security security-tools shell ssh ssh-hacking vulnerability-scanner worm

Last synced: 30 Sep 2024

https://github.com/safebuffer/sam-the-admin

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

active-directory exploitation redteam s4u2self

Last synced: 01 Aug 2024

https://github.com/adi0x90/attifyos

Attify OS - Distro for pentesting IoT devices

embedded exploitation hacking hardware internet-of-things iot iot-pentesting security

Last synced: 04 Aug 2024

https://github.com/bkerler/exploit_me

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)

arm ctf exploitation rop tutorial

Last synced: 01 Aug 2024

https://github.com/ViRb3/magisk-frida

🔐 Run frida-server on boot with Magisk, always up-to-date

android exploitation frida magisk reverse-engineering root security

Last synced: 31 Jul 2024

https://github.com/spawnmason/randar-explanation

"Randar" is an exploit for Minecraft which uses LLL lattice reduction to crack the internal state of an incorrectly reused java.util.Random in the Minecraft server, then works backwards from that to locate other players currently loaded into the world.

2b2t exploit exploitation lattice lattice-reduction lll minecraft munmap papermc radar randar random rng spawnmason spawnmasons

Last synced: 28 Sep 2024

https://github.com/cryptogenic/exploit-writeups

A collection where my current and future writeups for exploits/CTF will go

capture-the-flag exploit-development exploitation vulnerabilities

Last synced: 01 Aug 2024

https://github.com/Cryptogenic/Exploit-Writeups

A collection where my current and future writeups for exploits/CTF will go

capture-the-flag exploit-development exploitation vulnerabilities

Last synced: 30 Jul 2024

https://github.com/danigargu/heap-viewer

IDA Pro plugin to examine the glibc heap, focused on exploit development

exploit exploitation glibc heap ida-plugin ida-pro idapython idapython-plugin python

Last synced: 30 Jul 2024

https://github.com/incredibleindishell/ssrf_vulnerable_lab

This lab contains sample code that is vulnerable to Server-Side Request Forgery attacks

attack exploitation hacking lab server-side-request-forgery ssrf web-security

Last synced: 01 Aug 2024

https://github.com/0xb0bb/pwndra

A collection of pwn/CTF related utilities for Ghidra

ctf ctf-tools exploitation ghidra ghidra-scripts pwn reverse-engineering

Last synced: 04 Aug 2024

https://github.com/anon-exploiter/suid3num

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

auto-exploitation boot2root exploitation gtfo gtfo-bin gtfobins htb oscp oscp-tools pentest pentest-tools pentesting privilege-escalation python python-3 standalone-python-script suid suid-binaries suid3num vulnhub

Last synced: 01 Oct 2024

https://github.com/brompwnie/botb

A container analysis and exploitation tool for pentesters and engineers.

container-analysis container-breakout docker-daemon exploitation metadata-endpoints pentesters procfs unix-domain-sockets

Last synced: 01 Aug 2024

https://github.com/sgayou/subaru-starlink-research

Subaru StarLink persistent root code execution.

exploitation jailbreak reverse-engineering vulnerability-research

Last synced: 09 Aug 2024

https://github.com/Chudry/Xerror

fully automated pentesting tool

cve2exploit exploitation gui msf pentesting python xerror

Last synced: 04 Aug 2024

https://github.com/Ben-Lichtman/ropr

A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative

command-line-tool exploitation rop rop-chain rop-gadget rust

Last synced: 01 Aug 2024

https://github.com/zt2/sqli-hunter

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

detection exploitation pentesting ruby sql-injection sqlmap vulnerability-scanner

Last synced: 01 Aug 2024

https://github.com/str8outtaheap/heapwn

Linux Heap Exploitation Practice

ctf exploitation heap linux pwning

Last synced: 01 Aug 2024

https://github.com/M4DM0e/BadMod

CMS auto detect and exploit.

cms-detection exploitation hacking vulnerability-scanner

Last synced: 31 Jul 2024

https://github.com/yuawn/NTU-Computer-Security

NTU Computer Security - Pwn slides, videos, homework problems and solutions - Computer Security Fall 2019 @ CSIE NTU Taiwan

binary-exploitation course csie ctf education exploitation exploits ntu pwn reverse-engineering security

Last synced: 01 Aug 2024

https://github.com/sgayou/medfusion-4000-research

Medfusion 4000 security research & a MQX RCE.

exploitation reverse-engineering

Last synced: 04 Aug 2024

https://github.com/JohnTroony/Blisqy

Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).

appsec blind-sql-injection blisqy database-security exploitation john-ombagi sql sql-injection sql-payloads

Last synced: 04 Aug 2024

https://github.com/akamai-threat-research/mqtt-pwn

MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.

exploitation iot mqtt mqtt-broker mqtt-client python reconnaissance

Last synced: 01 Aug 2024

https://github.com/peperunas/injectopi

A set of tutorials about code injection for Windows.

code-injection exploitation reverse-engineering reversing winapi windows

Last synced: 03 Aug 2024

https://github.com/ajinabraham/droid-application-fuzz-framework

Android application fuzzing framework with fuzzers and crash monitor.

android browser corruption crash exploitation fuzzing memory pdf vulnerability

Last synced: 03 Oct 2024

https://github.com/ajinabraham/Droid-Application-Fuzz-Framework

Android application fuzzing framework with fuzzers and crash monitor.

android browser corruption crash exploitation fuzzing memory pdf vulnerability

Last synced: 02 Aug 2024

https://github.com/deadbits/InsecureProgramming

mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/

c exploitation learning-exercise security security-vulnerability vulnerabilities

Last synced: 31 Jul 2024

https://github.com/dhn/osee

Collection of resources for my preparation to take the OSEE certification.

expert exploitation exploits hevd kernel offensive-security osee preparation resources

Last synced: 03 Aug 2024

https://github.com/dhn/OSEE

Collection of resources for my preparation to take the OSEE certification.

expert exploitation exploits hevd kernel offensive-security osee preparation resources

Last synced: 03 Aug 2024

https://github.com/shivamrai2003/reconky-automated_bash_script

Reconky is a great Content Discovery bash script for bug bounty hunters which automates a lot of tasks and is organized in a well-mannered form, which helps them to look forward.

automated-testing bash-script bugbounty bugbounty-tool bugbounty-tools enumeration exploitation hacking hacking-code nmap osint penetration-testing pentesting-tools recon recon-tools reconnaissance

Last synced: 01 Oct 2024

https://github.com/NullArray/MIDA-Multitool

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

bash bash-script enumeration exploit exploitation pentest pentesting privilege-escalation root shell shell-script vulnerability-identification

Last synced: 20 Aug 2024

https://github.com/01rabbit/PAKURI

PAKURI has been merged with Python and launched as a new project, PAKURI-THON.

arsenal exploitation faraday kali metasploit openvas penetration-testing pentest-tool pentesting-tools scanning vulnerabilities

Last synced: 04 Aug 2024