Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Exploit
Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.
- GitHub: https://github.com/topics/exploit
- Wikipedia: https://en.wikipedia.org/wiki/Exploit_(computer_security)
- Created by: The cybersecurity community
- Related Topics: hacking, cybersecurity, penetration-testing, vulnerability-assessment,
- Aliases: exploits, vulnerability-exploit,
- Last updated: 2025-01-31 00:09:52 UTC
- JSON Representation
https://github.com/sgabe/cve-2019-1476
AppXSvc Arbitrary File Overwrite DoS
dos-attack exploit proof-of-concept vulnerability windows10
Last synced: 14 Dec 2024
https://github.com/alexandre-bartel/cve-2018-20343
PoC for CVE-2018-20343
build-engine cve exploit vulnerability
Last synced: 01 Dec 2024
https://github.com/lucabarile/dll-hijacking
DLL Hijacking using DLL Proxying technique
cve dll-hijacking dll-proxying elevation-of-privilege exploit exported-functions hijacking local-privilege-escalation mingw-w64 poc pop-a-shell privilege-escalation proof-of-concept vulnerability windows-privilege-escalation
Last synced: 31 Dec 2024
https://github.com/0xmachos/cve-2019-8561
Proof of concept exploit for CVE-2019-8561 discovered by @jbradley89
exploit macos poc proof-of-concept
Last synced: 22 Nov 2024
https://github.com/fear2o/shellkill
an advanced python-based web shell uploader
bypass-shell bypass-waf cli cybersecurity exploit hacking payload penetration-testing python python-tool python3 rce rce-exploit security security-tool web-shell web-shell-upload
Last synced: 26 Jan 2025
https://github.com/scipag/browserrecon-asp
Advanced Web Browser Fingerprinting
browser exploit exploitation fingerprint fingerprinting security-vulnerability vulnerability vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 05 Jan 2025
https://github.com/sebastian-mora/cve-2020-27358-27359
CVE-2020-27358 and CVE-2020-27359
cve cve-2020-27358 cve-2020-27359 exploit
Last synced: 23 Oct 2024
https://github.com/krishpranav/autosploit
A simple ruby tool to automate metasploit modules
bash exploit exploiter metasploit metasploit-modules msfs ruby shell
Last synced: 15 Oct 2024
https://github.com/samkg/flush-reload-sidechannel
A demonstration of a sidechannel vulnerability that exploits cache timings using Flush Reload to communicate information over a covert channel
covert-channel exploit intel linux
Last synced: 21 Jan 2025
https://github.com/vexontop-py/vanishraider
Vanish raid tool - easy server nuke with no efforts!
discord discord-account-generator discord-banner discord-exploit discord-py discord-raid-tool discord-raider discord-token-generator exploit mass-dm mass-mention mass-report py ratelimit-bypass spammer
Last synced: 12 Oct 2024
https://github.com/dreadl0ck/osx-root-installer
OSX ElCapitan Privilege Escalation Proof Of Concept
exploit osx osx-security security
Last synced: 06 Nov 2024
https://github.com/0xbitx/dedsec_malware_dropper
linux based super-stealthy Dropper, that can create a fully undetected linux malware executable.
custom-payload dropper exploit fud fud-backdoor linux-tool malware rat undetectable-malware
Last synced: 14 Jan 2025
https://github.com/demining/bitcoin-lightning-wallet-vulnerability
How to find a private key in binary code from Bitcoin Lightning Wallet Vulnerability in Quasar Framework
bitcoin bitcoin-wallet blockchain exploit hack hacking metasploit metasploit-framework privatekey vulnerability vulnerable
Last synced: 22 Jan 2025
https://github.com/b2r2-org/poe
PoE (Proof-of-Exploit) is a language designed specifically for writing an exploit.
ctf exploit fsharp hacking poe programming-language
Last synced: 31 Dec 2024
https://github.com/loneicewolf/vulnserver-bof
My approach to the VulnServer BOF (Windows 10 - SYSTEM gained)
exploit loneicewolf oscp oscp-prep oscp-tools vulnserver william-martens
Last synced: 06 Nov 2024
https://github.com/mauricelambert/cve-2021-31166
CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.
bluescreen crash cve cve-2021-31166 denial-of-service dos exploit iis metasploit microsoft nmap payload powershell python3 ruby vulnerability webserver
Last synced: 14 Nov 2024
https://github.com/cokebeer/logi
Logi is a LDAP/MySQL server focusing on pingback deserialize recon and exploit.
commons-beanutils custom cve-2020-14644 deserialize exploit gadget go java jdbc jndi ldap log4j mysql probe server wordlist
Last synced: 24 Nov 2024
https://github.com/codeb0ss/cve-2023-0255-poc
Mass Exploit - CVE-2023-0255 < WordPress < Enable Media+Plugin < Unauthenticated Arbitrary File Upload / Webshell Upload
codeb0ss codeboss cve-2023-0225-exp cve-2023-0225-exploit cve-2023-0225-poc exploit wordpress
Last synced: 12 Jan 2025
https://github.com/z3n70/CVE-2021-41277
simple program for exploit metabase
bugbounty cybersecurity exploit metabase ruby
Last synced: 23 Oct 2024
https://github.com/FOGSEC/routersploit
The Router Exploitation Framework
802-11 controller exploit exploitation-framework framework network-analysis network-security python router scanner scanning switch wifi wifi-security wpa wpa2 wps
Last synced: 04 Nov 2024
https://github.com/siddhant385/flask-phishing
PHISHING FRAMEWORK BUILT OVER FLASK AND COULD BE DEPLOYED OVER WEB TO SHOW THE RISKS OF PHISHING OVER THE WEB WITH PASSWORD FETCH OVER TELEGRAM
brute-force exploit flask flask-login flask-phishing flask-web instagram iplogger ngrok phishing phishing-attacks phishing-kit phishing-page phishing-script phishing-tool portforward web zphisher
Last synced: 16 Nov 2024
https://github.com/undacmic/heartbleed-proof-of-concept
Proof of concept for exploiting the Heartbeat Extension bug detailed in the CVE-2014-0160. :old_key: :unlock:
cve-2014-0160 exploit heartbeat heartbleed proof-of-concept tls vulnerability
Last synced: 31 Dec 2024
https://github.com/mython-dev/mythical-payload
Payload Creator for Operating Systems and Programming Language
android bash exploit hacker hacking hacking-tool hacking-tools kalil linux metasploit metasploit-framework payload payload-generator payloads programming python script ubuntu widnows
Last synced: 22 Nov 2024
https://github.com/randomrobbiebf/cve-2024-22145
InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)
cve-2024-22145 exploit instawp-connect wordpress
Last synced: 21 Jan 2025
https://github.com/nguyenmg/roblox-synapse
Roblox Synapse Executor is a top-tier script execution tool for Roblox, valued for its advanced features and stability, enabling seamless Lua scripting for game modifications and customization.
bloxfruit-script bloxfruits-autofarm-script bloxfruits-hack-script bloxfruits-script exploit gui lua roblox roblox-lua roblox-script roblox-scripts roblox-synapse robloxscript robloxscripts
Last synced: 23 Dec 2024
https://github.com/chaitanyarahalkar/spectre-poc
Proof of Concept - Spectre
c exploit meltdown poc proof-of-concept spectre
Last synced: 17 Dec 2024
https://github.com/baum1810/anonxss
this is a xss exploit for the popular filehoster anonfiles its been around for some while but i have edit it a bit
anofiles anonfiles-xss api baum1810 ethical-hacking ethical-hacking-tools exploit flask flask-server grabber ip ipgrabber python replit requests xss
Last synced: 17 Dec 2024
https://github.com/codeb0ss/webshell_executor
Advanced Software To Scan Webshells With The Best Features - For SEO Webshells/SEO Companies.
0day china codeb0ss codeboss cve exploit high-da lufix olux rce-exploit shell shell-exploit webshell webshell-backdoor webshell-detect webshell-exploit wso xleet
Last synced: 12 Jan 2025
https://github.com/siddhant385/karavas
A remote acess tool without port forwarding. An Evil Os implementation for windows
byob evilosx evilwindows exploit flask fud fud-rat karavas payload payload-generator post-exploitation python3 rat remote-access-tool remote-access-trojan reverse-shell simple
Last synced: 16 Nov 2024
https://github.com/passort/uac-bypass-fud
UAC bypass, Elevate, Persistence methods
administrator-privileges bypass-uac dll-hijacking exploit fodhelperbypass fud hacking uac-bypass uacme user-account-control windows
Last synced: 21 Jan 2025
https://github.com/xewdy444/netgrave
A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)
camera exploit netwave security vulnerability
Last synced: 18 Oct 2024
https://github.com/jsmoreira02/sar2html_exploit
Exploit the Sar2HTML RCE vulnerability and also perform a Shell Upload on the target
cybersecurity exploit hacking python3 reverse-shell vulnerability web-exploitation
Last synced: 19 Jan 2025
https://github.com/krishpranav/pyssh
A simple python tool to get ssh password of a target machine when they connect to the pySSH server
exploit pip pip3 python python3 ssh ssh-server
Last synced: 06 Dec 2024
https://github.com/edoardottt/edoardottt
Hey! I'm edoardottt! 🏴☠️👹
coding computer-science computing cybersecurity edoardottt exploit hacking internet linux mathematics open-source operating-system osint reconnaissance science security security-tools security-toolset technology university
Last synced: 11 Oct 2024
https://github.com/paulveillard/cybersecurity-exploits
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Software Exploits in Cybersecurity.
Last synced: 07 Dec 2024
https://github.com/hyeonjun17/cve-2022-2590-analysis
Dirty COW restricted to shmem in linux kernel
1-day analysis cve-2022-2590 dirty-cow exploit linux linux-kernel memory-management race-condition security shared-memory userfaultfd vulnerability
Last synced: 12 Oct 2024
https://github.com/nyawox/nixtendo-switch
NixOS module with useful features for hacked nintendo switch
cve-2018-6242 exploit hekate nintendo-switch nix-flake nixos nixos-module usb
Last synced: 15 Nov 2024
https://github.com/0xtas/cve-2012-2982
An exploit for CVE-2012-2982 implemented in Rust
cve-2012-2982 exploit poc rust tryhackme
Last synced: 11 Jan 2025
https://github.com/hupe1980/gopherfy
Tool to generate gopher links for exploiting SSRF
exploit fastcgi gopher http mysql postgresql smtp ssrf
Last synced: 20 Dec 2024
https://github.com/kube-tarian/kubetak
KubeTaK - Kube Attack. Exploit your K8s cluster and workloads running in it. PenTest K8s. Inspired by the concept of kubesploit by CyberArk and StackHawk.
application-bug application-security bug-fixing exploit kubernetes-attack kubernetes-exploiting penetration-testing pentest pentest-tool pentesting
Last synced: 11 Jan 2025
https://github.com/demining/defi-attacks
DeFi Attacks & Exploits all the biggest cryptocurrency thefts from 2021 to 2022
attack attacks attacks-threats-vulnerabilites bitcoin bitcoin-wallet blockchain defi defichain ethereum exploit exploits
Last synced: 12 Nov 2024
https://github.com/Acceis/exploit-CVE-2022-0482
Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure
cve cve-2022-0482 disclosure exploit pii
Last synced: 23 Oct 2024
https://github.com/totekuh/shellcrafter
Scripts, tools and code snippets for exploit development/assembly/shellcoding
assembly exploit exploit-development keystone pip python3 shellcode
Last synced: 16 Oct 2024
https://github.com/al1ex/cve-2021-3317
CVE-2021-3317
cve-2021-3317 exploit klogserver
Last synced: 24 Nov 2024
https://github.com/onuratakan/haimgard
Haimgard is an environment for writing, testing and using exploit code.
cybersecurity environment exploit hacking hacktool module modules python3 testing whitehat
Last synced: 01 Jan 2025
https://github.com/acceis/exploit-cve-2022-0482
Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure
cve cve-2022-0482 disclosure exploit pii
Last synced: 06 Nov 2024
https://github.com/voidsec/virit-explorer-lpe-arbitrary-code-execution
VirIT Explorer v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution
Last synced: 24 Jan 2025
https://github.com/lucadibello/weaponizedping
🔫 A weaponized ping implementation that includes concealed data in the packet payload.
exploit icmp-tunnel ping pinger python3
Last synced: 11 Nov 2024
https://github.com/francescodisalesgithub/simpleviruswriting
An example of basic virus writing in C
c exploit fallocate fork-bomb hacking hide-messages kernel linux passwords shadowfile timebomb virus-writing
Last synced: 29 Nov 2024
https://github.com/synap5e/razor-eop-xiao
Razor installer elevation of privilege trigger + automation with Seeeduino XIAO
circuitpython eop exploit micropython privesc razor
Last synced: 08 Nov 2024
https://github.com/mykhis/discord-image-logger-stealer
Ephemeral discourse is embodied by the likes of Messenger Sessions, the digital portraits of Accounts, and the enigmatic Token
cve cve-2021-44228 cve-scanning exploit exploit-code exploit-database exploit-development exploit-exercises exploit-kit exploitation exploitation-framework slient-doc-exploit slient-exploit slient-exploit-builder slient-hta-exploit slient-jpg-exploit slient-pdf-exploit slient-png-exploit slient-url-exploit
Last synced: 28 Jan 2025
https://github.com/danucosukosuko/rfsrcexploit
Un nuevo exploit de ChatGPT o una alternativa a D.A.N. Las siglas de RFSR son RE.FU.SE.R. Que se salta la política de OpenAI.
Last synced: 25 Jan 2025
https://github.com/ebrasha/cve-2024-28000
LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000
abdal cve-2024-28000 ebrasha exploit litespeed-cache-privilege poc privilege-escalation-poc wordpress
Last synced: 10 Oct 2024
https://github.com/eee-n/scratch-commenter-plus
A tool for posting comments on scratch.mit.edu! created by iw131, Scratch Hacks
bookmarklet edge-extension exploit exploitation extension extension-chrome extensions firefox-extension safari-extension scratch scratch-extension scratch-implementation scratch3
Last synced: 25 Jan 2025
https://github.com/mrcl0wnlab/nuclei-template-exploit-f5-big-ip-icontrol-rest-auth-bypass-rce-command-parameter
CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP addresses of devices that use BIG-IP. Exploitation would allow the attacker to execute arbitrary system commands, create and delete files and disable services.
bigip bigip-rest-api cve-2022-1388 exploit f5-bigip nuclei nuclei-templates
Last synced: 05 Dec 2024
https://github.com/fssay/dall-e
Free DALL-E text-to-image generator using exploit in a third-party service
ai dall-e dalle exploit rust-lang tauri text-to-image
Last synced: 07 Dec 2024
https://github.com/m3ssap0/wordpress_cve-2018-6389
Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.
cve-2018-6389 exploit security security-tools vulnerability vulnerability-scanners wordpress
Last synced: 12 Jan 2025
https://github.com/m3hu1/speedtyperexploit
speedtyper.dev exploit written in python
Last synced: 15 Jan 2025
https://github.com/x86-512/vxpp
A VFGadget finder script to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like CET and CFG.
binary-exploitation buffer-overflow code-reuse control-flow-guard control-flow-integrity coop exploit exploit-development intel-cet lop rop rop-gadgets ropgadget security-bypass uaf use-after-free
Last synced: 11 Nov 2024
https://github.com/kernelerr/vlc-cve-2008-4654-exploit
An EXP could run on Windows x64 against CVE-2008-4654.
cve exploit out-of-memory vlc vlc-media-player
Last synced: 19 Jan 2025
https://github.com/codeb0ss/cve-2024-1698-poc
Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection
codeb0ss codeboss cve-2024 cve-2024-1698 cve-2024-1698-exp cve-2024-1698-poc exploit wordpress
Last synced: 13 Nov 2024
https://github.com/codeb0ss/cve-2024-29824-poc
Mass Exploit - CVE-2024-29824 - Ivanti EPM - Remote Code Execution (RCE)
codeb0ss cve cve-2024-29824 cve-2024-29824-exp cve-2024-29824-exploit cve-2024-29824-poc exploit ivanti ivanti-rce rce remote-code-execution uncodeboss
Last synced: 13 Nov 2024
https://github.com/renatoalencar/dlink-dir610-exploits
Exploits for CVE-2020-9376 and CVE-2020-9377
authentication-bypass dlink exploit remote-code-execution
Last synced: 07 Nov 2024
https://github.com/tigerclips1/ps4jb_update_downloader_usb
What this script does is auto download ps4JB updates that you choose to your USB automation for linux only
automation exploit firmware guide linux ps4 ps4-jailbreak python python-script python3 tigerclips1
Last synced: 07 Jan 2025
https://github.com/alwalxed/juicyurls
A CLI tool to scan suspicious URLs by keywords, extensions, paths and hidden files.
automation bugbounty cli cybersecurity detection exploit golang malware open-source osint penetration-testing projectdiscovery recon reconnaissance scanner scanning security urlscan vulnerabilities
Last synced: 15 Nov 2024
https://github.com/piotrbania/apple_exploit_talos-2016-0088
apple exploit TALOS-2016-0088
apple exploit hacking macos null-pointer-dereferences
Last synced: 21 Jan 2025
https://github.com/piotrbania/smb2_exploit_release_ms09-050
smb2 remote exploit for MS09-050
exploit exploitation hacking samba smb2 windows
Last synced: 21 Jan 2025
https://github.com/drdataye/drxploit
DrXploit is a powerful and open-source penetration testing and exploitation tool for web applications. This tool is designed to automate the process of discovering and exploiting vulnerabilities, saving time and effort for security researchers.
bugbounty exploit exploit-db hacking hacking-tool hackweb python3 scanning
Last synced: 20 Nov 2024
https://github.com/examplest/uac-bypass-fud
UAC bypass, Elevate, Persistence methods
administrator-privileges bypass-uac dll-hijacking exploit fodhelperbypass fud hacking uac-bypass uacme user-account-control windows
Last synced: 08 Dec 2024
https://github.com/randomrobbiebf/cve-2023-0630
CVE-2023-0630 - Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection
cve-2023-0630 exploit wordpress wordpress-plugin
Last synced: 21 Jan 2025
https://github.com/randomrobbiebf/cve-2024-0679
ColorMag <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation
cve-2024-0679 exploit wordpress
Last synced: 21 Jan 2025
https://github.com/krishpranav/exploitdb
Golang tool to search exploits from exploitdb
database db ethical exploit exploitation exploitdb go golang hacking information license mit mongodb open-source osint sqlite
Last synced: 06 Dec 2024
https://github.com/masasron/chameleondump
Dump RFID tag IDs from ChameleonUltra devices
Last synced: 22 Nov 2024
https://github.com/lucabarile/zdi-can-16857
Exploit and report for CVE-2023-32163
0-day 0day bugbounty cve-2023-32163 disclosure elevation-of-privilege exploit local-privilege-escalation logical-vulnerability lpe poc privilege-escalation proof-of-concept vulnerability wacom wacom-driver wacom-vulnerability write-up writeups zdi-can-16857
Last synced: 31 Dec 2024
https://github.com/eqstlab/cve-2024-48914
PoC for CVE-2024-48914
cve exploit poc proof-of-concept security typescript vulnerability
Last synced: 02 Dec 2024
https://github.com/n3rada/zero-effort
Exploiting CVE-2020-1472 vulnerability (a.k.a Zerologon) without effort.
active-directory cve-2020-1472 evil-winrm exploit impacket-secretsdump windows zerologon
Last synced: 28 Dec 2024
https://github.com/ytisf/snmplicity
the Swiss Army Knife of the SNMP world, but, it's coded in Python, not made of stainless steel!
cisco code-execution exploit redteam-tools redteaming snmp
Last synced: 12 Dec 2024
https://github.com/retr0kr0dy/malloc-bomb
Presenting the latest Linux bomb exploit: not a fork but a malloc-based threat. Delve into the intricacies of this novel vulnerability.
coding cybersecurity denial-of-service dos exploit forkbomb hacking infosec linux malloc pentesting security system-exploitation vulnerability
Last synced: 23 Dec 2024
https://github.com/miguelzacca/afs
Redirection of sensitive form data to a remote server. Self-XSS
cheat dom-manipulation dommanipulation exploit google-hacking googlehacking hacking javascript js json ngrok node nodejs self-xss server vulnerability xss xss-injection
Last synced: 23 Dec 2024
https://github.com/whokilleddb/cve-2019-15107
CVE-2019-15107 Webmin Exploit in C
Last synced: 01 Jan 2025
https://github.com/5amu/pocbrowser
Scrape websites to find PoCs for CVEs
crystal crystal-lang cve cybersecurity exploit pentesting proof-of-concept scraping security-tool security-tools vulnerability-assessment
Last synced: 13 Dec 2024
https://github.com/techgaun/exploit-db-search
Search exploit database
exploit offensive-security shell
Last synced: 19 Dec 2024
https://github.com/r-teamdev/rcheat-injector
exploit game-haking injector lua rcheat-injector roblox roblox-lua roblox-script scripts
Last synced: 14 Oct 2024
https://github.com/lynk4/cve-2011-2523
Python exploit for vsftpd 2.3.4 - Backdoor Command Execution
cve cve-2011-2523 exploit metasploitable metasploitable-2 metasploitable-3 python vsftpd-exploit
Last synced: 01 Jan 2025
https://github.com/p1ckzi/cve-2022-35513
CVE-2022-35513 | blink1-pass-decrypt
blink1-pass-decrypt blink1control2 cve cve-2022-35513 exploit
Last synced: 30 Jan 2025
https://github.com/p1ckzi/CVE-2012-5519
cups-root-file-read.sh | CVE-2012-5519
cups-root-file-read cve cve-2012-5519 cves exploit hacking pentesting-tools
Last synced: 23 Oct 2024
https://github.com/sarperavci/exploitme
A collection of containerized security vulnerabilities including privilege escalation CVEs and SUID exploits for hands-on penetration testing practice.
ctf cybersecurity docker exploit penetration-testing privilege-escalation security security-training suid vagrant vulnerable
Last synced: 17 Jan 2025
https://github.com/whokilleddb/CVE-2019-15107
CVE-2019-15107 Webmin Exploit in C
Last synced: 23 Oct 2024