Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
passive-vulnerability-scanner poc security sqlinjection vulnerability vulnerability-scanner xss
Last synced: 01 Aug 2024
https://github.com/frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
deserialization exploit gadget java javadeser jvm poc serialization vulnerability
Last synced: 01 Aug 2024
https://github.com/mr-xn/penetration_testing_poc
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp
Last synced: 01 Aug 2024
https://github.com/Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp
Last synced: 30 Jul 2024
https://github.com/trickest/cve
Gather and update all available and newest CVEs with their PoC.
cve cve-poc exploit hacking infosec latest-cve penetration-testing pentesting poc red-team security security-tools software-security software-vulnerabilities software-vulnerability vulnerabilities vulnerability
Last synced: 01 Aug 2024
https://github.com/nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
cve exploit poc security vulnerability
Last synced: 01 Aug 2024
https://github.com/k8gege/k8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
0day apt brute-force bypass crack database exploit getshell hacking netscan password pentest poc privilege-escalation scanner
Last synced: 01 Aug 2024
https://github.com/k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
0day apt brute-force bypass crack database exploit getshell hacking netscan password pentest poc privilege-escalation scanner
Last synced: 01 Aug 2024
https://github.com/ffffffff0x/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
blueteam collection ctf hacking ics-security infosec linux-learning markdown-article pentest pentest-tool poc post-penetration redteam security security-tools study writeup
Last synced: 01 Aug 2024
https://github.com/k8gege/ladon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
brute-force exp exploit getshell hack hacking ipscanner ladon netscan password pentest poc portscan scanner security security-scanner security-tools tools
Last synced: 01 Aug 2024
https://github.com/zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
afrog bug-bounty penetration-testing pentest poc red-teaming vulnerability-scanner vulnerability-scanning-tools
Last synced: 01 Aug 2024
https://github.com/Ascotbe/Medusa
:cat2:Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中
cobaltstrike cve dnslog email exp mail medusa metasploit-framework payload poc readteam virus xss
Last synced: 31 Jul 2024
https://github.com/Notselwyn/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
cve cve-2024-1086 exploit lpe poc
Last synced: 31 Jul 2024
https://github.com/Lucifer1993/AngelSword
Python3编写的CMS漏洞检测框架
cms poc vulnerability-scanners
Last synced: 30 Jul 2024
https://github.com/lucifer1993/angelsword
Python3编写的CMS漏洞检测框架
cms poc vulnerability-scanners
Last synced: 01 Aug 2024
https://github.com/c0ny1/fastjsonexploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
exp exploiting-vulnerabilities fastjson poc
Last synced: 01 Aug 2024
https://github.com/c0ny1/FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
exp exploiting-vulnerabilities fastjson poc
Last synced: 30 Jul 2024
https://github.com/k8gege/k8cscan
K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
cobalt-strike crack exploit ftp getshell hacking ipc mssql mysql netscan oracle password pentest poc portscan scanner security smb subdomain wmi
Last synced: 01 Aug 2024
https://github.com/arthepsy/CVE-2021-4034
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
Last synced: 01 Aug 2024
https://github.com/tenable/routeros
RouterOS Security Research Tooling and Proof of Concepts
bughunting exploits honeypot poc routeros scanner
Last synced: 31 Jul 2024
https://github.com/100apps/charles-hacking
Hacking Charles Web Debugging Proxy
do-not-use-in-production just-for-learn poc
Last synced: 31 Jul 2024
https://github.com/thezdi/poc
Proofs-of-concept
advantech cve-2016-0856 exploit poc proof-of-concept research rpc scada vulnerability zdi
Last synced: 01 Aug 2024
https://github.com/vulscanteam/vulscan
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
exploit-databa exploitation-framework poc pocscan pocscanner scanner-web security-tools sesecurity-vulnerability vulnerability vulnerability-database-entry vulnerability-databases vulnerability-scanners vulnerability-scanning vulscan webscan webscanner
Last synced: 01 Aug 2024
https://github.com/dreadlocked/drupalgeddon2
Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
cve-2018-7600 drupal drupal7 drupal8 drupalgeddon drupalgeddon2 exploit poc sa-core-2018-002
Last synced: 01 Aug 2024
https://github.com/lockgit/hacking
Hacker, ready for more of our story ! 🚀
attack attacker attacks cracker geek hack hacker hacking hacking-tool poc scanner security security-research security-vulnerability tool tools vulnerabilities vulnerability vulnerability-scanners
Last synced: 01 Aug 2024
https://github.com/LockGit/Hacking
hacker, ready for more of our story ! 🚀
attack attacker attacks cracker geek hack hacker hacking hacking-tool poc scanner security security-research security-vulnerability tool tools vulnerabilities vulnerability vulnerability-scanners
Last synced: 30 Jul 2024
https://github.com/xnbox/DeepfakeHTTP
DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.
api demo dummy dump graphql http http-server mock mocks-server poc qa qa-automation rest rest-api restful-api spies stub test-automation testing testing-tools
Last synced: 01 Aug 2024
https://github.com/joaomatosf/JavaDeserH2HC
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
deserialization java javadeser jboss jvm lab poc reverse-shell vulnerability
Last synced: 29 Jul 2024
https://github.com/a2u/cve-2018-7600
💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
cve-2018-7600 drupal drupalgeddon2 exploit poc sa-core-2018-002
Last synced: 01 Aug 2024
https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
cve cve-2019-1003000 exploit groovy information-security jenkins poc rce security security-1266
Last synced: 01 Aug 2024
https://github.com/crozone/spectrepoc
Proof of concept code for the Spectre CPU exploit.
exploit linux poc spectre spectreexploit-poc
Last synced: 01 Aug 2024
https://github.com/KishanBagaria/AirDoS
💣 Remotely render any nearby iPhone or iPad unusable with an AirDrop exploit (now patched)
Last synced: 01 Aug 2024
https://github.com/D4Vinci/Clickjacking-Tester
A python script designed to check if the website if vulnerable of clickjacking and create a poc
bug bug-bounty bug-hunter clickjacking poc python-script web-penetration-testing
Last synced: 31 Jul 2024
https://github.com/Vadorequest/rwa-faunadb-reaflow-nextjs-magic
Real-world app example - Real-time Editor, using FaunaDB (realtime stream), Reaflow (graph editor), Next.js framework and a bit of Magic (auth)!
demo edges editor elk faunadb flow fql graph graphql magic magic-link nextjs poc react reaflow real-time real-time-database recoil recoiljs vercel
Last synced: 31 Jul 2024
https://github.com/PoCInnovation/Pool2021
Pools organized for Epitech's students in 2021.
artificial-intelligence augmented-reality hardware learning-by-doing poc security software virtual-reality
Last synced: 29 Jul 2024
https://github.com/CharlesElGriego/Angular-AOT-Dynamic-Components
POC, to get CMS content and add it dynamically
angular cms open-source-project poc web-portfolio
Last synced: 01 Aug 2024
https://github.com/thibmaek/demo-collections
🗂 Repository which holds demos, POCs, examples and other resources
demo examples maekelbergh poc thibault thibmaek
Last synced: 01 Aug 2024
https://github.com/metaory/meta-vanilla-web-component
Vanilla JS Web Components Demo
challenge coding-challenge css demo demo-app es6 html javascript micro-framework poc vanilla-javascript web-components webcomponents
Last synced: 01 Aug 2024