Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Exploit

Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.

https://github.com/jcs090218/reverse_shell

Reverse shell implementation using Python

exploit microservice reverse-shell vulnerability

Last synced: 04 Jan 2025

https://github.com/x0reaxeax/exec-prot-bypass

Bypassing Linux Executable Space Protection using 20+ years old tools (CVE-2022-25265).

cve-2022-25265 dep-bypass exploit linux noexec

Last synced: 10 Nov 2024

https://github.com/padsalatushal/cve-2018-16763

Fuel CMS 1.4.1 - Remote Code Execution

cve cve-2018-16763 exploit fuelcms python

Last synced: 14 Jan 2025

https://github.com/darkcodersc/slae32-egghunters

SLAE32 Assignment 3 : Egg Hunters

egg exploit hunter shellcode slae32 slae32-assignments

Last synced: 11 Oct 2024

https://github.com/z3n70/CVE-2021-43798

Simple program for exploit grafana

bugbounty cybersecurity exploit grafana pentesting

Last synced: 23 Oct 2024

https://github.com/kardespro/nosqlmap

NoSQLMap CLI Tool is a command-line interface (CLI) tool designed to test for NoSQL injection vulnerabilities using Node.js, TypeScript, and Axios. It supports both HTTP and HTTPS requests and works with all HTTP methods.

exploit mongodb mongodb-database mongoose nosqlmap pentesting scan-tool security security-tools sqlmap

Last synced: 10 Oct 2024

https://github.com/alexfrancow/cve-2020-7200

CVE-2020-7200: HPE Systems Insight Manager (SIM) RCE PoC

cve exploit hpe jboss rce

Last synced: 20 Nov 2024

https://github.com/sgabe/cve-2019-1476

AppXSvc Arbitrary File Overwrite DoS

dos-attack exploit proof-of-concept vulnerability windows10

Last synced: 14 Dec 2024

https://github.com/sebastian-mora/cve-2020-27358-27359

CVE-2020-27358 and CVE-2020-27359

cve cve-2020-27358 cve-2020-27359 exploit

Last synced: 23 Oct 2024

https://github.com/krishpranav/autosploit

A simple ruby tool to automate metasploit modules

bash exploit exploiter metasploit metasploit-modules msfs ruby shell

Last synced: 15 Oct 2024

https://github.com/hktalent/createoneminjar

Automatically search for the required class and package it as a jar Create One Min Jar file

0-day 0day build deserialize exp exploit jar java rce tools

Last synced: 19 Nov 2024

https://github.com/paulveillard/cybersecurity-hack-value

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Hack Value in Cybersecurity.

cybersecurity exploit exploits-finder exploits-scripts hacking hacking-code hacking-framework hacking-tools security-tools vulnerability vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 02 Feb 2025

https://github.com/dreadl0ck/osx-root-installer

OSX ElCapitan Privilege Escalation Proof Of Concept

exploit osx osx-security security

Last synced: 06 Nov 2024

https://github.com/0xbitx/dedsec_malware_dropper

linux based super-stealthy Dropper, that can create a fully undetected linux malware executable.

custom-payload dropper exploit fud fud-backdoor linux-tool malware rat undetectable-malware

Last synced: 14 Jan 2025

https://github.com/loneicewolf/vulnserver-bof

My approach to the VulnServer BOF (Windows 10 - SYSTEM gained)

exploit loneicewolf oscp oscp-prep oscp-tools vulnserver william-martens

Last synced: 06 Nov 2024

https://github.com/siddhant385/flask-phishing

PHISHING FRAMEWORK BUILT OVER FLASK AND COULD BE DEPLOYED OVER WEB TO SHOW THE RISKS OF PHISHING OVER THE WEB WITH PASSWORD FETCH OVER TELEGRAM

brute-force exploit flask flask-login flask-phishing flask-web instagram iplogger ngrok phishing phishing-attacks phishing-kit phishing-page phishing-script phishing-tool portforward web zphisher

Last synced: 16 Nov 2024

https://github.com/codeb0ss/cve-2023-0255-poc

Mass Exploit - CVE-2023-0255 < WordPress < Enable Media+Plugin < Unauthenticated Arbitrary File Upload / Webshell Upload

codeb0ss codeboss cve-2023-0225-exp cve-2023-0225-exploit cve-2023-0225-poc exploit wordpress

Last synced: 12 Jan 2025

https://github.com/cokebeer/logi

Logi is a LDAP/MySQL server focusing on pingback deserialize recon and exploit.

commons-beanutils custom cve-2020-14644 deserialize exploit gadget go java jdbc jndi ldap log4j mysql probe server wordlist

Last synced: 24 Nov 2024

https://github.com/mauricelambert/cve-2021-31166

CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.

bluescreen crash cve cve-2021-31166 denial-of-service dos exploit iis metasploit microsoft nmap payload powershell python3 ruby vulnerability webserver

Last synced: 14 Nov 2024

https://github.com/demining/bitcoin-lightning-wallet-vulnerability

How to find a private key in binary code from Bitcoin Lightning Wallet Vulnerability in Quasar Framework

bitcoin bitcoin-wallet blockchain exploit hack hacking metasploit metasploit-framework privatekey vulnerability vulnerable

Last synced: 22 Jan 2025

https://github.com/kennytv/exploitfixes

Fixes a recently found tab complete server crash (fixed in Paper 1.20.4). May be used for more in the future

crash exploit fix minecraft paper

Last synced: 20 Oct 2024

https://github.com/randomrobbiebf/cve-2024-22145

InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)

cve-2024-22145 exploit instawp-connect wordpress

Last synced: 21 Jan 2025

https://github.com/baum1810/anonxss

this is a xss exploit for the popular filehoster anonfiles its been around for some while but i have edit it a bit

anofiles anonfiles-xss api baum1810 ethical-hacking ethical-hacking-tools exploit flask flask-server grabber ip ipgrabber python replit requests xss

Last synced: 17 Dec 2024

https://github.com/samkg/flush-reload-sidechannel

A demonstration of a sidechannel vulnerability that exploits cache timings using Flush Reload to communicate information over a covert channel

covert-channel exploit intel linux

Last synced: 21 Jan 2025

https://github.com/undacmic/heartbleed-proof-of-concept

Proof of concept for exploiting the Heartbeat Extension bug detailed in the CVE-2014-0160. :old_key: :unlock:

cve-2014-0160 exploit heartbeat heartbleed proof-of-concept tls vulnerability

Last synced: 31 Dec 2024

https://github.com/z3n70/CVE-2021-41277

simple program for exploit metabase

bugbounty cybersecurity exploit metabase ruby

Last synced: 23 Oct 2024

https://github.com/kos0ng/cves

Repository regarding my security research

cve exploit security

Last synced: 03 Dec 2024

https://github.com/b2r2-org/poe

PoE (Proof-of-Exploit) is a language designed specifically for writing an exploit.

ctf exploit fsharp hacking poe programming-language

Last synced: 31 Dec 2024

https://github.com/volkansah/sqlp-edu

Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.

bypass cross-site-scripting ehtical-hacking-tools exploit exploitation explotation hacking hacking-tool hacking-tools penetration-testing pentesting phishing python security sql-xss vulnerability xss xss-attacks xss-exploitation xss-injection

Last synced: 04 Feb 2025

https://github.com/nguyenmg/roblox-synapse

Roblox Synapse Executor is a top-tier script execution tool for Roblox, valued for its advanced features and stability, enabling seamless Lua scripting for game modifications and customization.

bloxfruit-script bloxfruits-autofarm-script bloxfruits-hack-script bloxfruits-script exploit gui lua roblox roblox-lua roblox-script roblox-scripts roblox-synapse robloxscript robloxscripts

Last synced: 23 Dec 2024

https://github.com/danucosukosuko/rfsrcexploit

Un nuevo exploit de ChatGPT o una alternativa a D.A.N. Las siglas de RFSR son RE.FU.SE.R. Que se salta la política de OpenAI.

exploit gpt-3-5-turbo

Last synced: 25 Jan 2025

https://github.com/hupe1980/gopherfy

Tool to generate gopher links for exploiting SSRF

exploit fastcgi gopher http mysql postgresql smtp ssrf

Last synced: 20 Dec 2024

https://github.com/demining/defi-attacks

DeFi Attacks & Exploits all the biggest cryptocurrency thefts from 2021 to 2022

attack attacks attacks-threats-vulnerabilites bitcoin bitcoin-wallet blockchain defi defichain ethereum exploit exploits

Last synced: 12 Nov 2024

https://github.com/lucadibello/weaponizedping

🔫 A weaponized ping implementation that includes concealed data in the packet payload.

exploit icmp-tunnel ping pinger python3

Last synced: 11 Nov 2024

https://github.com/codeb0ss/webshell_executor

Advanced Software To Scan Webshells With The Best Features - For SEO Webshells/SEO Companies.

0day china codeb0ss codeboss cve exploit high-da lufix olux rce-exploit shell shell-exploit webshell webshell-backdoor webshell-detect webshell-exploit wso xleet

Last synced: 12 Jan 2025

https://github.com/fssay/dall-e

Free DALL-E text-to-image generator using exploit in a third-party service

ai dall-e dalle exploit rust-lang tauri text-to-image

Last synced: 02 Feb 2025

https://github.com/hunthubspace/exploit-tracker

A script designed to automatically discover new exploits and save results to a file or integrate with your Discord server. Also search for exploits related to specific CVEs of your choice.

bugbounty cve ethical-hacking exploit penetration-testing-tools web

Last synced: 31 Jan 2025

https://github.com/acceis/exploit-cve-2022-0482

Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure

cve cve-2022-0482 disclosure exploit pii

Last synced: 06 Nov 2024

https://github.com/totekuh/shellcrafter

Scripts, tools and code snippets for exploit development/assembly/shellcoding

assembly exploit exploit-development keystone pip python3 shellcode

Last synced: 16 Oct 2024

https://github.com/kube-tarian/kubetak

KubeTaK - Kube Attack. Exploit your K8s cluster and workloads running in it. PenTest K8s. Inspired by the concept of kubesploit by CyberArk and StackHawk.

application-bug application-security bug-fixing exploit kubernetes-attack kubernetes-exploiting penetration-testing pentest pentest-tool pentesting

Last synced: 11 Jan 2025

https://github.com/krishpranav/pyssh

A simple python tool to get ssh password of a target machine when they connect to the pySSH server

exploit pip pip3 python python3 ssh ssh-server

Last synced: 06 Dec 2024

https://github.com/xewdy444/netgrave

A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)

camera exploit netwave security vulnerability

Last synced: 18 Oct 2024

https://github.com/Acceis/exploit-CVE-2022-0482

Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure

cve cve-2022-0482 disclosure exploit pii

Last synced: 23 Oct 2024

https://github.com/ebrasha/cve-2024-28000

LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000

abdal cve-2024-28000 ebrasha exploit litespeed-cache-privilege poc privilege-escalation-poc wordpress

Last synced: 10 Oct 2024

https://github.com/nyawox/nixtendo-switch

NixOS module with useful features for hacked nintendo switch

cve-2018-6242 exploit hekate nintendo-switch nix-flake nixos nixos-module usb

Last synced: 15 Nov 2024

https://github.com/ibnusyawall/find-shell

Find shell backdoor on website

exploit nodejs shell-backdoor

Last synced: 31 Jan 2025

https://github.com/0xtas/cve-2012-2982

An exploit for CVE-2012-2982 implemented in Rust

cve-2012-2982 exploit poc rust tryhackme

Last synced: 11 Jan 2025

https://github.com/synap5e/razor-eop-xiao

Razor installer elevation of privilege trigger + automation with Seeeduino XIAO

circuitpython eop exploit micropython privesc razor

Last synced: 08 Nov 2024

https://github.com/onuratakan/haimgard

Haimgard is an environment for writing, testing and using exploit code.

cybersecurity environment exploit hacking hacktool module modules python3 testing whitehat

Last synced: 01 Jan 2025

https://github.com/jsmoreira02/sar2html_exploit

Exploit the Sar2HTML RCE vulnerability and also perform a Shell Upload on the target

cybersecurity exploit hacking python3 reverse-shell vulnerability web-exploitation

Last synced: 19 Jan 2025

https://github.com/voidsec/virit-explorer-lpe-arbitrary-code-execution

VirIT Explorer v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution

exploit lpe virit-explorer

Last synced: 24 Jan 2025

https://github.com/codeb0ss/cve-2024-1698-poc

Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection

codeb0ss codeboss cve-2024 cve-2024-1698 cve-2024-1698-exp cve-2024-1698-poc exploit wordpress

Last synced: 13 Nov 2024

https://github.com/randomrobbiebf/cve-2024-0679

ColorMag <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

cve-2024-0679 exploit wordpress

Last synced: 21 Jan 2025

https://github.com/lbirchler/sys-call

Linux syscall implementations, calling conventions, and shellcode examples

assembly cli exploit linux shellcode syscalls

Last synced: 01 Feb 2025

https://github.com/whokilleddb/CVE-2019-15107

CVE-2019-15107 Webmin Exploit in C

cve exploit poc vulnerability

Last synced: 23 Oct 2024

https://github.com/kaanaryoverflow/ipfire-2-25-auth-rce

ipfire 2.25 authenticated remote code execution

exploit ipfire rce

Last synced: 05 Feb 2025

https://github.com/retr0kr0dy/malloc-bomb

Presenting the latest Linux bomb exploit: not a fork but a malloc-based threat. Delve into the intricacies of this novel vulnerability.

coding cybersecurity denial-of-service dos exploit forkbomb hacking infosec linux malloc pentesting security system-exploitation vulnerability

Last synced: 23 Dec 2024

https://github.com/whokilleddb/cve-2019-15107

CVE-2019-15107 Webmin Exploit in C

cve exploit poc vulnerability

Last synced: 01 Jan 2025

https://github.com/masasron/chameleondump

Dump RFID tag IDs from ChameleonUltra devices

ble chameleonultra exploit

Last synced: 22 Nov 2024

https://github.com/n3rada/zero-effort

Exploiting CVE-2020-1472 vulnerability (a.k.a Zerologon) without effort.

active-directory cve-2020-1472 evil-winrm exploit impacket-secretsdump windows zerologon

Last synced: 28 Dec 2024

https://github.com/trigii/cve-2023-42860

Exploit for CVE-2023-42860

apple exploit fda macos root sip tcc

Last synced: 30 Jan 2025

https://github.com/tigerclips1/ps4jb_update_downloader_usb

What this script does is auto download ps4JB updates that you choose to your USB automation for linux only

automation exploit firmware guide linux ps4 ps4-jailbreak python python-script python3 tigerclips1

Last synced: 07 Jan 2025

https://github.com/drdataye/drxploit

DrXploit is a powerful and open-source penetration testing and exploitation tool for web applications. This tool is designed to automate the process of discovering and exploiting vulnerabilities, saving time and effort for security researchers.

bugbounty exploit exploit-db hacking hacking-tool hackweb python3 scanning

Last synced: 20 Nov 2024

https://github.com/techgaun/exploit-db-search

Search exploit database

exploit offensive-security shell

Last synced: 19 Dec 2024

https://github.com/m3hu1/speedtyperexploit

speedtyper.dev exploit written in python

exploit

Last synced: 15 Jan 2025

https://github.com/dubniczky/kernel-exploits

Kernel exploits consisting mostly of privilege escalation attacks against core components of Linux distribtions

cve exploit linux linux-exploits linux-kernel

Last synced: 06 Feb 2025

https://github.com/renatoalencar/dlink-dir610-exploits

Exploits for CVE-2020-9376 and CVE-2020-9377

authentication-bypass dlink exploit remote-code-execution

Last synced: 07 Nov 2024

https://github.com/kernelerr/vlc-cve-2008-4654-exploit

An EXP could run on Windows x64 against CVE-2008-4654.

cve exploit out-of-memory vlc vlc-media-player

Last synced: 19 Jan 2025

https://github.com/monke443/cve-2023-40028-ghost-arbitrary-file-read

Arbitrary file read in Ghost-CMS allows an attacker to upload a malicious ZIP file with a symlink.

cve cve-2023-40028 exploit ghost-cms github pentesting security vulnerability

Last synced: 27 Dec 2024

https://github.com/lynk4/cve-2011-2523

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

cve cve-2011-2523 exploit metasploitable metasploitable-2 metasploitable-3 python vsftpd-exploit

Last synced: 01 Jan 2025

https://github.com/a0zhar/ps4payloadloader

This repository will be maintained by me. Super simple to use! It has everything needed to build Your own MiraLoader or Payload Launcher refrenced in the PS4JB Repo by Sleirsgoevy

c exploit freebsd playstation4 ps4 ps4-jailbreak ps4-payload ps4exploit ps4jb ps4payload

Last synced: 20 Jan 2025

Exploit Awesome Lists
Awesome-Hacking-Resources 261 awesome-hacker-search-engines 510 awesome-vm-exploit 35 bluetoolkit 69 awesome-MLSecOps 186 awesome-cryptocurrency-security 50 awesome-uefi-security 233 awesome-iot-security-resource 204
Exploit Categories
Uncategorized 511 Table of Contents 300 Blogs 189 Vulnerability Writeup 164 Blogs :newspaper: 64 Threat Modeling 62 Install 60 Talks :speaker: 57 Open Source Security Tools 51 Tools :hammer: 35 Repositories 34 Tools 22 Community Resources 22 Bootkits :bomb: 18 Blogs and Publications 18 Firmware 15 Vulnerabilities & Exploits :mag_right: 14 Tool 13 MlSecOps pipeline 12 Hardware Crack 11