Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Exploit

Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.

https://github.com/sleepytariq/php-8.1.0-dev-backdoor-rce

PHP 8.1.0-dev User-Agentt Backdoor Exploit

exploit php python3

Last synced: 21 May 2026

https://github.com/a0zhar/ps4payloadloader

This repository will be maintained by me. Super simple to use! It has everything needed to build Your own MiraLoader or Payload Launcher refrenced in the PS4JB Repo by Sleirsgoevy

c exploit freebsd playstation4 ps4 ps4-jailbreak ps4-payload ps4exploit ps4jb ps4payload

Last synced: 22 May 2026

https://github.com/mrxiaom/banclickwhenusingitem

Minecraft Trident dupe bug fixer | 修复网络包状态不同步导致刷三叉戟漏洞

bugfix duplicate-detection exploit minecraft paper-plugin trident

Last synced: 18 Feb 2026

https://github.com/kernelerr/vlc-cve-2008-4654-exploit

An EXP could run on Windows x64 against CVE-2008-4654.

cve exploit out-of-memory vlc vlc-media-player

Last synced: 16 May 2026

https://github.com/gill-singh-a/docker-api-remote-root-shell-exploit

A Simple Python Program that uses Docker Module to communicate with Docker API and gets a Remote Root Shell on the Target Device

docker exploit python ssh

Last synced: 03 Feb 2026

https://github.com/lynk4/cve-2011-2523

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

cve cve-2011-2523 exploit metasploitable metasploitable-2 metasploitable-3 python vsftpd-exploit

Last synced: 24 Apr 2026

https://github.com/ashtondavies/lomoh

Disable admin-forced extensions on managed Chromebooks using the locked mode feature

chromebook chromeos exploit hack unblock

Last synced: 16 May 2025

https://github.com/franckferman/cauchemar-apprendre_le_pwn

Référentiel exhaustif pour acquérir une compréhension approfondie des fondamentaux de l'exploitation de binaires. Fruit d'une démarche analytique rigoureuse, ce guide offre une pédagogie structurée, avec explications détaillées et exemples concrets, pour maîtriser pas à pas l'exploitation de binaires.

apprendre apprendre-les-bases apprendre-pwn binary-exploitation exploit exploit-development exploitation francais francaise france gdb heap-overflow learning pwn pwn-college pwn-course-practice pwndbg pwning reverse-engineering stack-overflow

Last synced: 19 Jan 2026

https://github.com/codeb0ss/cve-2024-1698-poc

Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection

codeb0ss codeboss cve-2024 cve-2024-1698 cve-2024-1698-exp cve-2024-1698-poc exploit wordpress

Last synced: 03 May 2025

https://github.com/drdataye/drxploit

DrXploit is a powerful and open-source penetration testing and exploitation tool for web applications. This tool is designed to automate the process of discovering and exploiting vulnerabilities, saving time and effort for security researchers.

bugbounty exploit exploit-db hacking hacking-tool hackweb python3 scanning

Last synced: 08 Jul 2025

https://github.com/hackingyseguridad/CVE-2021-4034

CVE-2021-4034, exploit para escalado de privilegios en SO Linux a root

cve elevar exploit linux privilegios root vuln

Last synced: 10 Mar 2025

https://github.com/whokilleddb/CVE-2019-15107

CVE-2019-15107 Webmin Exploit in C

cve exploit poc vulnerability

Last synced: 10 Mar 2025

https://github.com/lololosys/exploitation_notes

This repository contain common exploitation primites for various platforms

exploit security-research

Last synced: 07 Jan 2026

https://github.com/trigii/cve-2023-42860

Exploit for CVE-2023-42860

apple exploit fda macos root sip tcc

Last synced: 01 Feb 2026

https://github.com/evantesecond/zoom-in-cloaker

when zoomed in to at least 150%, the overlapping content disappears. this is useful for cloaking content

cloak cloaker cloakers cloaking cloaks exploit game games school

Last synced: 25 Mar 2025

https://github.com/p1ckzi/cve-2022-35513

CVE-2022-35513 | blink1-pass-decrypt

blink1-pass-decrypt blink1control2 cve cve-2022-35513 exploit

Last synced: 25 Mar 2025

https://github.com/sarperavci/exploitme

A collection of containerized security vulnerabilities including privilege escalation CVEs and SUID exploits for hands-on penetration testing practice.

ctf cybersecurity docker exploit penetration-testing privilege-escalation security security-training suid vagrant vulnerable

Last synced: 08 Jul 2025

https://github.com/m3hu1/speedtyperexploit

speedtyper.dev exploit written in python

exploit

Last synced: 07 Oct 2025

https://github.com/ytisf/snmplicity

the Swiss Army Knife of the SNMP world, but, it's coded in Python, not made of stainless steel!

cisco code-execution exploit redteam-tools redteaming snmp

Last synced: 15 Oct 2025

https://github.com/kaanaryoverflow/ipfire-2-25-auth-rce

ipfire 2.25 authenticated remote code execution

exploit ipfire rce

Last synced: 19 Oct 2025

https://github.com/hunthubspace/cve-2024-3105-poc

A PoC Exploit for CVE-2024-3105 - The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress Remote Code Execution (RCE)

bugbounty cve cve-2024-3105 ethical-hacking exploit penetration-testing web

Last synced: 28 Jan 2026

https://gitlab.com/whoatemybutter/letterbomb

✉💣 LetterBomb: A fork of the classic Wii hacking tool from fail0verflow

exploit fail0verflow letterbomb python wii

Last synced: 15 Mar 2026

https://github.com/arpsyndicate/cnnvd-scores

适用于 CNNVD 的 VEDAS 分数聚合器

cnnvd exploit exploit-maturity vedas vulnerability

Last synced: 30 Jan 2026

https://github.com/arpsyndicate/euvd-scores

VEDAS Score Aggregator for EUVDs

euvd exploit exploit-maturity vedas vulnerability

Last synced: 25 Feb 2026

https://github.com/jenderal92/git-dump

This script is a tool to recursively download the contents of the '.git' directory from a website. Using Python and libraries like 'requests' and 'BeautifulSoup', this script examines the directory structure, downloads files, and identifies SHA-1 hashes within Git files.

exploit git git-download git-dumper git-dumper-python git-exposed git-vulnerability python python-git-dumper vulnerability vulnerability-git

Last synced: 09 Feb 2026

https://github.com/9dl/websploit

Advanced reconnaissance tool for identifying web vulnerabilities through crowd-sourced data collection

cybersecurity exploit poc proof-of-concept vulnerable

Last synced: 20 Mar 2026

https://github.com/sum-catnip/foundry-rnghax

foundryvtt admin authentication bypass POC exploit

authentication-bypass exploit foundry-vtt poc security

Last synced: 03 Apr 2026

https://github.com/3qnrpdwd/juststone

[ JustStoneTransferProtocol&Backdoor ] This project stems from my interest in protocols and security, leading to the creation of a small backdoor and a proprietary protocol.

api backdoor eternalblue exploit protocol rust secure security socket socket-io

Last synced: 25 Apr 2026

https://github.com/xerosic/leidenfrost

Local privilege escalation on Windows by abusing CMSTP to bypass User Access Control (UAC)

exploit lpe privilege-escalation uac uac-bypass windows

Last synced: 27 Apr 2026

https://github.com/dubniczky/kernel-exploits

Kernel exploits consisting mostly of privilege escalation attacks against core components of Linux distribtions

cve exploit linux linux-exploits linux-kernel

Last synced: 27 Apr 2026

https://github.com/unicordev/exploit-cve-2025-29927

Exploit for CVE-2025-29927 (Next.js) - Authorization Bypass

authorization bypass exploit middleware nextjs python python3

Last synced: 29 Apr 2026

https://github.com/kaisen-bot/pwnkit-helper

🚀 Enhance your penetration testing with PwnKit Helper, a simple tool for exploiting the CVE-2021-4034 vulnerability in pkexec for local privilege escalation.

bash ctf ctfs cve-2021-4034 debian ethical-hacking ethical-hacking-tools exploit hack hacking-tools hacks hackthebox linux privilege-escalation pwnkit python tryhackme ubuntu

Last synced: 04 May 2026

https://github.com/0x00-0x00/cve-2015-3224

Modification of Metasploit module for RCE in Ruby-On-Rails Console CVE-2015-3224

console cve exploit rails ruby

Last synced: 08 May 2026

https://github.com/m3ssap0/wordpress_cve-2018-6389

Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.

cve-2018-6389 exploit security security-tools vulnerability vulnerability-scanners wordpress

Last synced: 08 May 2026

https://github.com/threadlinee/metadata-extractor

Metadata Extractor Scans images for any hidden code behind it.

educational educational-purposes exploit github hacking-tool image lua python safe spyware-blocking useful viral

Last synced: 09 May 2026

https://github.com/p1ckzi/nanocmshell

authenticated remote code execution via shell upload.

exploit file-upload nanocms nanocmshell php php-reverse-shell rce

Last synced: 10 May 2026

https://github.com/unai-d/lliurex-epoptes-exploit

Single Python file that exploits a LliureX's Epoptes vulnerability in order to gain access to any computer.

exploit lliurex vulnerability

Last synced: 12 Jun 2026

https://github.com/mauricelambert/cve-2021-42013

These Nmap, Python and Ruby scripts detects and exploits CVE-2021-42013 with RCE and local file disclosure.

cve cve-2021-42013 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 07 May 2026

https://github.com/codingchili/cve-2020-14368

Interactive RCE exploit demo for Eclipse CHE

eclipse-che exploit proof-of-concept vulnerability

Last synced: 21 Jan 2026

https://github.com/rf-peixoto/rogue

Python RCE & AV Evasion Dropper

dropper exploit malware pentest redteam

Last synced: 08 Oct 2025

https://github.com/anshvaid4/follinatest

Reference of code has been taken from https://github.com/JohnHammond/msdt-follina/blob/main/follina.py. I have given the explanation of the code and made the code a bit simplified.

cve exploit follina

Last synced: 27 Mar 2025

https://github.com/s1lkys/cve-2021-40101

Survey XSS combined with CSRF leads to Admin Account Takeover in Concrete5 8.5.4

concrete5 cve-2021-40101 exploit xss

Last synced: 06 Jan 2026

https://github.com/nxroot/natxploit

Take control of other devices using Reverse NAT Traversal

bypass exploit hacking hacking-tool payload-generator remote-access reverse-shell

Last synced: 26 Jan 2026

https://github.com/chikof/discord-opera

OperaGX really messed up with this one

discord discord-opera educational exploit opera

Last synced: 31 Mar 2025

https://github.com/pandh4cker/pandagik

Image Magick Exploit for CVE-2016–3714

exploit imagemagick python3 rce

Last synced: 28 May 2026

https://github.com/waived/cve-2024-3393

PAN-OS: Firewall Denial-of-Service exploit via malicious DNS query

cve-2024-3393 denial-of-service dns-attack exploit palo-alto-networks pan-os proof-of-concept python3

Last synced: 13 Jul 2025

https://github.com/fahmifj/php-8.1.0-dev-zerodium-rce

A script that leverages 'zerodium' backdoor in PHP 8.1.0-dev via User-Agent.

ctf exploit php php-810-dev

Last synced: 12 Mar 2026

https://github.com/mar-ket-vector/metamorpheus

A metamorphic shellcode obfuscator capable of generating more unique shellcodes than there are atoms in the OBSERVABLE UNIVERSE and designed for shellcodes/implants that need to run in W^X memory.

av-evasion backdoor c2 code-mutation exploit implant metamorphic obfuscator polymorphic shellcode

Last synced: 13 May 2025

https://github.com/caenjones/codespaces-desktop

Web-based operating system running in Github Codespaces!

bypass codespaces exploit github kasmvnc proxy

Last synced: 29 Apr 2025

https://github.com/natthasath/cms-detect-exploit-cmseek

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

cms detect exploit joomla wordpress

Last synced: 13 May 2026

https://github.com/mauricelambert/pywcgishell

This package implement a WebShell for CGI and WSGI server.

cgi-script exploit pypi-package python3 web-attacks webshell wsgi-server

Last synced: 08 Jun 2026

https://github.com/devvyyxyz/devvyys-scripts

Roblox exploit scripts by Devvyyxyz

exploit roblox-cheat roblox-executor roblox-hack script

Last synced: 04 Apr 2025

https://github.com/zebbern/exploitdb-extracter

📥 | Extracts and saves dorks in various formats for analysis. Fetches all dorks from Exploit-DB/google-hacking-database!

automation bugbounty cross-platform database developer exploit exploitdb extractor google google-hacking google-hacking-database hacker hacking osint pentesting python python3 script

Last synced: 20 Apr 2026

https://123tool.github.io/Awesome-Hacker-Search-Engines/

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

awesome awesome-list awesome-lists awesome-readme cyber cyber-security dns exploit hacker hacking hacking-tool hacking-tools osint osint-tool osint-tools tool tools

Last synced: 02 Mar 2026

https://github.com/shamo0/CVE-2022-1388

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC

1388 2022 bash bigip cve cve-2022-1388 exploit f5 icontrol python rest script shell vulnerabilit

Last synced: 10 Mar 2025

https://github.com/l0nax/CVE-2019-15053

(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053

cve cve-2019-15053 exploit poc proof-of-concept vulnerability

Last synced: 10 Mar 2025

https://github.com/dubniczky/remote-keylogger

A compiled keylogger written in python with logging to a remote host

exploit hack keylogger python server

Last synced: 31 Mar 2025

https://github.com/momenbasel/naggets

old CTF I've made sharing it publicly.

ctf ctf-challenges ctf-platform ctf-playground cve exploit nagios

Last synced: 03 Aug 2025

https://github.com/z1ph1us/milksad-mnemonic-generator

This tool generates BIP-39 mnemonic phrases derived from Unix timestamps, exploring the 'Milk Sad' vulnerability's implications (CVE-2023-39910)

bip39 bitcoin bitcoin-wallet blockchain bx cryptocurrency cryptography cve-2023-39910 entropy exploit milk-sad mnemonic-generator multi-language security-tool seed-phrase unix-timestamp vulnerability wallet-security

Last synced: 12 Mar 2026

https://github.com/whokilleddb/CVE-2019-17662

Exploit for CVE-2019-17662 (ThinVNC 1.0b1)

cve cve-2019-17662 exploit poc thinvnc

Last synced: 10 Mar 2025

https://github.com/SherlockSec/CVE-2020-0601

A Windows Crypto Exploit

cve cve-2020-0601 exploit windows

Last synced: 10 Mar 2025

https://github.com/mauricelambert/cve-2021-41773

These Metasploit, Nmap, Python and Ruby scripts detects and exploits CVE-2021-41773 with RCE and local file disclosure.

cve cve-2021-41773 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 12 May 2026

https://github.com/faisalfs10x/Cisco-CVE-2020-3452-shodan-scanner

simple bash script of CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability checker

cve-2020-3452 exploit poc shodan-dorks

Last synced: 10 May 2025

https://github.com/ramona-flower/discord-video-quest-skipper

This script allows you to make video playback on Discord almost instant by speeding up the playback rate by over 19x faster. Ideal for those who want to skip through videos quickly without wasting time, this script ensures your Discord video quests are completed almost immediately!

betterdiscord discord exploit glitch javascript js quest script vencord

Last synced: 24 Mar 2025

https://github.com/faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner

simple bash script of F5 BIG-IP TMUI Vulnerability CVE-2020-5902 checker

bigip cve-2020-5902 exploit poc

Last synced: 10 May 2025

https://github.com/qyfashae/memfd_create_2023_exploit

EDUCATIONAL PURPOSES ONLY! Linux/x64 reverse TCP shell exploit via ELF memory processing

exploit linux-exploits python3 shellcode zero-day

Last synced: 04 May 2026

https://github.com/mtgsoftworks/apce

PowerShell Code Execution Builder Fully UnDetectable (FUD) Exploit

exploit fud-crypter powershell python3

Last synced: 21 Apr 2026

https://github.com/dubniczky/prototype-pollution

JavaScript Prototype Pollution Attack demo against a NodeJS Express server using Lodash

demo exploit javascript lodash prototype-pollution security yarn-berry

Last synced: 30 Apr 2026

Exploit Awesome Lists
Awesome-Hacking-Resources 291 awesome-hacker-search-engines 564 bluetoolkit 67 awesome-mcp-security 119 awesome-vm-escape 47 awesome-MLSecOps 190 awesome-uefi-security 233 awesome-cryptocurrency-security 50 awesome-iot-security-resource 204
Exploit Categories
Uncategorized 698 Table of Contents 385 Threat Modeling 317 Vulnerability Writeup 271 Blogs 213 TODO List 85 Blogs :newspaper: 83 Cloud Infrastructure 63 MlSecOps pipeline 63 Talks :speaker: 60 Open Source Security Tools 54 📕 Articles, X threads and Blog Posts 52 CI/CD & DevOps Pipelines 43 Qemu 39 Tools :hammer: 38 Install 36 Repositories 34 Firmware 26 🧑‍🚀 Tools and code 25 Community Resources 23