Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Exploit
Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.
- GitHub: https://github.com/topics/exploit
- Wikipedia: https://en.wikipedia.org/wiki/Exploit_(computer_security)
- Created by: The cybersecurity community
- Related Topics: hacking, cybersecurity, penetration-testing, vulnerability-assessment,
- Aliases: exploits, vulnerability-exploit,
- Last updated: 2025-01-31 00:09:52 UTC
- JSON Representation
https://github.com/padsalatushal/cve-2011-2523
Python exploit for vsftpd 2.3.4 - Backdoor Command Execution
cve cve-2011-2523 exploit python security vsftpd-exploit
Last synced: 14 Nov 2024
https://github.com/ljmf00/google-translate-exploit
Google Translate Translation Exploit
exploit exploitation google google-translate google-translate-api poc proof-of-concept
Last synced: 15 Dec 2024
https://github.com/scipag/proxyexe
Launch a Windows EXE file with this EXE file (application filter evasion)
bypass bypass-antivirus bypass-av bypassantivirus bypassing bypassing-avs evasion executable exploit exploitation filter filter-files proxy
Last synced: 05 Jan 2025
https://github.com/alexandre-bartel/cve-2019-12594
This is a PoC for CVE-2019-12594, a vulnerability in DOSBox 0.74-2.
cve dos dosbox exploit poc proof-of-concept vulnerability
Last synced: 01 Dec 2024
https://github.com/demining/twist-attack-2
In this article, we will implement a Twist Attack with an example and show how, using certain points on the secp256k1 elliptic curve, we can get partial private key values and restore a Bitcoin Wallet within 5-15 minutes using “Sagemath pollard rho function: (discrete_log_rho)” and “ Chinese Remainder Theorem” .
attack attacker bitcoin bitcoin-wallet blockchain blockchain-technology cryptocurrency exploit exploiting exploiting-vulnerabilities hack hacking vulnerabilities vulnerability vulnerability-scanners
Last synced: 11 Jan 2025
https://github.com/m3ssap0/springbreakvulnerableapp
WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk!
cve-2017-8046 exploit security security-tools spring-break spring-data-rest vulnerability vulnerability-scanners
Last synced: 13 Nov 2024
https://github.com/0xricksanchez/sploitget
A wrapper script for https://sploitus.com to scrape query results for tools and exploits
ctf exploit exploitation pentest-tool security wrapper-api
Last synced: 15 Nov 2024
https://github.com/coretool/botmap
A nmap & MSF bot
bot exploit metasploit pentest vuln
Last synced: 29 Oct 2024
https://github.com/eqstlab/cve-2024-8353
Proof-of-Concept for CVE-2024-8353
cve exploit php poc proof-of-concept security vulnerability
Last synced: 05 Jan 2025
https://github.com/theori-io/web3-publications
Collection of Web3 Audits and Publications by ChainLight of Theori
blockchain ethereum exploit fuzzing publications security smart-contract web3
Last synced: 14 Dec 2024
https://github.com/voidsec/slae
SecurityTube Linux Assembly Expert x86 Exam
exploit exploitation metasploit pentester shellcode slae voidsec
Last synced: 24 Nov 2024
https://github.com/jdgregson/disclosures
My publically disclosed vulnerability reports.
exploit exploits poc vulnerabilities vulnerability
Last synced: 19 Dec 2024
https://github.com/machine1337/fudransome
Generate FUD Ransomeware For Windows, Linux and MAC OS
antivirus-evasion applehacking cybersecurity encryption evasions exploit hacking linuxransomeware machine1337 malware obfuscation python ransomware windowsransomeware
Last synced: 10 Nov 2024
https://github.com/k8gege/dotnetnukeexploit
MSF moudle DotNetNuke GetShell & execute exploit
0day dotnetnuke exp exploit getshell metasploit msf poc rce
Last synced: 13 Nov 2024
https://github.com/imyelo/padoracle
Padding Oracle Attack with Node.js
aes attack buster cbc exploit oracle pad padding padding-oracle-attacks pkcs7 pkcs7padding ssl tls
Last synced: 14 Oct 2024
https://github.com/kitikod6/roblox-bunni-executor
Bunni is a premier Roblox exploiting platform, renowned for its cutting-edge tools, rapid updates, and robust support. Developed by experienced professionals, it ensures maximum efficiency, security, and a seamless user experience with features like HWID spoofer and extensive script support.
cheats code developer executor exploit free gaming github hacking injector lua modding open-source programming project roblox-bunni-executor script software tools
Last synced: 06 Dec 2024
https://github.com/aqhmal/pulsexploit
Automated script for Pulse Secure SSL VPN exploit (CVE-2019-11510) using hosts retrieved from Shodan API. You must have a Shodan account to use this script.
exploit information-extraction infosec offset pentest-script python3
Last synced: 17 Nov 2024
https://github.com/darkcodersc/freepbx-shell-admin-module
FreePBX PHP Web Shell Admin Module
Last synced: 11 Oct 2024
https://github.com/darkcodersc/yase-encoder
Yet Another Sub Encoder (YASE)
assembly exploit python sub-encoder
Last synced: 11 Oct 2024
https://github.com/makindotcc/cs2-server-crasher-vac-live-v2
cs2 server crasher found by me. already patched on valve ds. posted for educational purposes as tutorial how to beat cheaters
Last synced: 09 Jan 2025
https://github.com/enty8080/tfp0
tfp0 (task for pid 0) is a kernel task port that grants full control over the iOS device's kernel. Access to this port is necessary for developing many types of exploits, including jailbreaks.
cve exploit ios iphone jailbreak macos payload tfp0 vulnerability
Last synced: 26 Jan 2025
https://github.com/mfazrinizar/sqlzr-i
This is a Perl program to do an automated SQL Injection for pentesting web's SQL database protection. Coded by M.Fazri Nizar.
database exploit exploitation pentesting perl sql sql-i
Last synced: 18 Nov 2024
https://github.com/i32-sudo/nmicallbackblocker
Kernel Level NMI Callback Blocker
be blocker bypass callback driver eac exploit hvci hyperguard nmi ntoskrnl patchguard project undetected windows
Last synced: 15 Nov 2024
https://github.com/mrtaheramine/cve-2018-10583
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by "xlink:href=file://192.168.0.2/test.jpg" within an "office:document-content" element in a ".odt XML document".
cve-2018-10583 exploit exploit-db exploit-development py
Last synced: 24 Jan 2025
https://github.com/bitwalls-ops/ihack
A framework built to exploit jailbroken ios devices.
apple exploit framework hacking hacking-framework hacking-tool ios ios-demo ios-hacking ios-hacks iphone jailbreak jailbroken payload-generator payloads script
Last synced: 09 Nov 2024
https://github.com/m3ssap0/gitlab_rce_cve-2022-2884
Exploits GitLab authenticated RCE vulnerability known as CVE-2022-2884.
cve-2022-2884 exploit gitlab security security-tools vulnerability vulnerability-scanners
Last synced: 13 Nov 2024
https://github.com/EliotVU/UnrealScript-Unflect
exploit unreal-engine unrealscript
Last synced: 23 Oct 2024
https://github.com/noraj/openemr-rce
OpenEMR <= 5.0.1 - (Authenticated) Remote Code Execution
cve-2018-15142 exploit openemr openemr-exploit openemr-rce openemr-shell-upload openemr-vulnerability poc proof-of-concept rce remote-code-execution
Last synced: 07 Nov 2024
https://github.com/esonhugh/chatgpt-web-setting-funny-abuse
Play with ChatGPT-Web and found the HTML rendering in description settings. [Add Custom js and html in the XSS payload to enhanced ChatGPT-Web]
chatgpt chatgpt-web demo exploit extension funny
Last synced: 22 Nov 2024
https://github.com/eschan145/dieknow
Bypass of DyKnow, the monitoring software used on school devices to monitor the hell out of them. Use responsibly.
bypass cpp cpu ctypes dll dyknow easy-to-use exploit gui hack performance-optimization proprietary python school school-app unblock win32 windows windows-api
Last synced: 17 Jan 2025
https://github.com/martinclauss/exim-rce-cve-2018-6789
This repository provides a learning environment to understand how an Exim RCE exploit for CVE-2018-6789 works.
binary-exploitation cve docker educational exim exim-exploit exploit exploit-development gdb learning-by-doing pwndbg pwntools rce vagrant
Last synced: 16 Dec 2024
https://github.com/krishpranav/evilkit
A Simple Backdoor ToolKit Using Rust
backdoor client cybersecurity exploit hacking linux macos phishing reverse-shell rust server shell unix windows
Last synced: 15 Oct 2024
https://github.com/mishakorzik/exploitaddr
Find website ips addresses and website ip behind cloudflare.
address api censys censys-search cloudflare domain exploit hacking hacking-tool hacking-tools ip ip-address ipv4 ipv6 linux linux-hacking python python3 termux termux-hacking
Last synced: 19 Nov 2024
https://github.com/z3k0sec/cve-2024-9264-rce-exploit
Grafana RCE exploit (CVE-2024-9264)
cve-2024-9264 duckdb exploit grafana rce shellfs
Last synced: 27 Oct 2024
https://github.com/fortniggtggu/cryptic-executor
Cryptic is a top-tier exploit with a 98% UNC and Level 7 power, making it perfect for unlocking new possibilities in Roblox. Even though it’s new, it's already becoming popular for its smooth performance and exciting features that are easy to use for all players.
api code coding community development development-environment executor exploit game github lua open-source programming project scripting software source studio tool working-executors-roblox
Last synced: 23 Dec 2024
https://github.com/ice-wzl/fuel-1.4.1-rce-updated
exploit exploitation exploits fuel-cms poc rce reverse-shell
Last synced: 15 Dec 2024
https://github.com/uyrib8/roblox-synapse
Roblox Synapse Executor is a top-tier script execution tool for Roblox, valued for its advanced features and stability, enabling seamless Lua scripting for game modifications and customization.
authentication bloxfruit-script bloxfruits-autofarm-script bloxfruits-hack-script executer exploit game gui hack lua nexus-roblox roblox roblox-lua roblox-script roblox-scripts script-hub supported v whitelist
Last synced: 06 Dec 2024
https://github.com/thewhiteh4t/cve-2021-31630
Python script for exploiting command injection in Open PLC Webserver v3
Last synced: 15 Nov 2024
https://github.com/thewhiteh4t/cve-2019-11447
CutePHP Cute News 2.1.2 RCE PoC
cutenews cutephp cve-2019-11447 exploit python rce
Last synced: 15 Nov 2024
https://github.com/d3ext/reflex-gallery-exploit
Reflex Gallery 3.1.3 Arbitrary File Upload to RCE Exploit
2022 awesome ctf exploit hacking hackthebox htb kali kali-linux mrrobot oscp owasp pentesting reflex-gallery vuln wordpress
Last synced: 14 Nov 2024
https://github.com/nerdsinspace/nocom-frontend
The No Comment web application frontend.
angular exploit javascript minecraft
Last synced: 07 Nov 2024
https://github.com/Esonhugh/ChatGPT-Web-Setting-Funny-Abuse
Play with ChatGPT-Web and found the HTML rendering in description settings. [Add Custom js and html in the XSS payload to enhanced ChatGPT-Web]
chatgpt chatgpt-web demo exploit extension funny
Last synced: 05 Nov 2024
https://github.com/giacomoferretti/janus-toolkit
A collection of tools for the Janus exploit [CVE-2017-13156].
android cve-2017-13156 exploit go golang janus janus-poc janus-toolkit python python3
Last synced: 15 Dec 2024
https://github.com/xorond/l0l
An exploit development kit with shellcodes and backdoors for various operating systems
backdoor exploit pwn shellcode
Last synced: 14 Dec 2024
https://github.com/0x00-0x00/cve-2016-10033
PHPMailer < 5.2.18 Remote Code Execution Exploit
2016-10033 cve exploit php phpmailer
Last synced: 22 Nov 2024
https://github.com/hupe1980/gomsf
Golang based RPC client to communicate with Metasploit
exploit golang metasploit meterpreter msf redteam rpc shell
Last synced: 07 Dec 2024
https://github.com/sjord/protravel
Recursively exploit path traversal vulnerability
Last synced: 23 Oct 2024
https://github.com/ibnusyawall/mytools
commandline-interface exploit nodejs npm tools-engineering vulnerability
Last synced: 04 Dec 2024
https://github.com/r3li4nt/ctf-retos
Retos de Captura la bandera (CTF) resueltos en español.
ctf easy escalate-privilages exploit hacking hard kali linux medium pentesting redteam root-me security vulnerability vulnhub wifi
Last synced: 04 Dec 2024
https://github.com/elmerikh/beryl
Payload Dropper with Persistance & Privesc & UAC bypass 🐱👤
avbypass backdoor backdoor-attacks backdoor-dropper cybersecurity cybersecurity-education dropper exploit hacking-tool payload-generator payload-injector python redteaming redteamtool shellcode-injector shellcode-loader uac-bypass windows windowsdefenderbypass
Last synced: 11 Nov 2024
https://github.com/abdullah2993/zong-wifi
exploit hack unlock unlocker vulnerability zong
Last synced: 31 Dec 2024
https://github.com/hansmach1ne/myexploits
Repo for discovered zero day vulnerabilities/exploits
bug-hunting cve exploit vulnerability
Last synced: 21 Nov 2024
https://github.com/xsscx/ios-arm-binaries
UPDATED: All the action is at https://github.com/xsscx/srd
arm development discovery exploit ios vulnerability
Last synced: 08 Jan 2025
https://github.com/voidsec/joomla_cve-2015-8562
A proof of concept for Joomla's CVE-2015-8562 vulnerability (Object Injection RCE)
cve-2015-8562 exploit joomla php rce vulnerability
Last synced: 24 Nov 2024
https://github.com/kuduxaaa/exploits-parser
CVE Exploits Parser from cvedetails.com [ the ultimate security vulnerability datasource ]
cve cve-details-scraper exploit parser
Last synced: 09 Nov 2024
https://github.com/lucabarile/toctou
Exploiting TOCTOU vulnerability using OpLock and Junctions
cve elevation-of-privilege eop exploit junction local-privilege-escalation lpe oplock opportunistic-lock poc pop-a-shell proof-of-concept race-conditions symbolic-link symlink toctou vulnerability
Last synced: 08 Nov 2024
https://github.com/gemesa/shadow-shell
Cyber lab designed for analyzing shellcode, exploring memory exploits and supporting malware analysis
aarch64 amd64 arm64 assembly buffer-overflow exploit exploit-development malware-analysis malware-research memory-exploits reverse-engineering rust shellcode shellcode-development stack-smashing x64 x86-64
Last synced: 08 Nov 2024
https://github.com/n132/dec-safe-linking
A general way to Recover Safe linking protected value/pointer
Last synced: 28 Nov 2024
https://github.com/jamesjara/toolkit-exploit-hacking-seismologic-networks
toolkit for exploiting your own seismological networks
Last synced: 05 Nov 2024
https://github.com/darkcodersc/slae32-polymophism
SLAE32 Assignment N°6 - Create up to three polymorphic version of shellcodes.
exploit polymorphism slae32 slae32-assignments
Last synced: 11 Oct 2024
https://github.com/voidsec/mona-ropshell
For all loaded modules (DLLs), fetch ROP gadgets querying Ropshell DB
corelan exploit exploitation mona rop ropgadget ropshell voidsec
Last synced: 24 Nov 2024
https://github.com/voidsec/tivoli-madness
Advisory for CVE-2020-28054 & stack based buffer overflow in IBM Tivoli Storage Manager
authorization-bypass buffer-overflow exploit ibm jamodat tivoli voidsec
Last synced: 24 Nov 2024
https://github.com/noraj/fuelcms-rce
Fuel CMS 1.4 - Remote Code Execution
cve-2018-16763 exploit fuel-cms poc rce remote-code-execution
Last synced: 07 Nov 2024
https://github.com/0xapt/evil-xmlrpc
evil-xmlrpc is a tool that I created to help me bruteforce Wordpress user accounts using xmlrpc.php while bypassing iThemes Security preventing lockouts
exploit ithemes-security python wordpress
Last synced: 02 Jan 2025
https://github.com/team0se7en/cve-2020-8816
Pi-hole ( <= 4.3.2) authenticated remote code execution.
cve-2020-8811 exploit golang pi-hole privesc rce
Last synced: 10 Oct 2024
https://github.com/crllect/zorro
Frontend-only game and unblock website with a pretty big lib. Only a fun side-project, dont expect daily updates
Last synced: 10 Jan 2025
https://github.com/al1ex/cve-2020-35729
CVE-2020-35729
cve-2020-35729 exploit klogserver
Last synced: 24 Nov 2024
https://github.com/acceis/exploit-cve-2022-24780
iTop < 2.7.6 - (Authenticated) Remote command execution
cve cve-2022-24780 exploit rce ssti
Last synced: 06 Nov 2024
https://github.com/lucabarile/cve-2023-23396
Exploit and report for CVE-2023-23396.
cve-2023-23396 denial-of-service disclosure excel-exploit exploit full-disclosure kb5002356 kb5002362 microsoft-excel office-365 paper poc proof-of-concept report vulnerability vulnerability-disclosure white-paper write-up writeup
Last synced: 31 Dec 2024
https://github.com/teemsploit/situationadmin.lua
A console admin script built for synapseX & Script-Ware may not work on other executors.
admin exploit lua luau rlua roblox roblox-cheat roblox-hack roblox-script robloxlua script-ware synapsex teemsploit
Last synced: 23 Jan 2025
https://github.com/jcs090218/reverse_shell
Reverse shell implementation using Python
exploit microservice reverse-shell vulnerability
Last synced: 04 Jan 2025
https://github.com/sgabe/cve-2019-1476
AppXSvc Arbitrary File Overwrite DoS
dos-attack exploit proof-of-concept vulnerability windows10
Last synced: 14 Dec 2024
https://github.com/mustafadalga/dictionary-attack
Bir hedef web sitesi veya ip adresine giriş için sözlük saldırısı yapan bir script.
cyber-security cyber-threat-intelligence cybersecurity dictionary-attack exploit hackathon hacker hacking hacking-tool hacking-tools python python-3 python-script python3 python3-script web-hackathon web-hacking website-hacking
Last synced: 17 Nov 2024
https://github.com/lucabarile/dll-hijacking
DLL Hijacking using DLL Proxying technique
cve dll-hijacking dll-proxying elevation-of-privilege exploit exported-functions hijacking local-privilege-escalation mingw-w64 poc pop-a-shell privilege-escalation proof-of-concept vulnerability windows-privilege-escalation
Last synced: 31 Dec 2024
https://github.com/alexandre-bartel/cve-2018-20343
PoC for CVE-2018-20343
build-engine cve exploit vulnerability
Last synced: 01 Dec 2024
https://github.com/iosdec/sandbox-escape-poc-ios-13.4.1-and-lower
This is a POC of a sandbox escape by found by Siguza. Works up to iOS 13.4.1.
exploit ios objective-c sandbox-escape
Last synced: 27 Nov 2024
https://github.com/nerdsinspace/nocom-http
The No Comment web application backend.
api exploit java minecraft spring spring-boot
Last synced: 07 Nov 2024
https://github.com/0xnonames/croissanted.py
A Python script exploiting Discord's authorization token.
Last synced: 30 Nov 2024
https://github.com/padsalatushal/cve-2018-16763
Fuel CMS 1.4.1 - Remote Code Execution
cve cve-2018-16763 exploit fuelcms python
Last synced: 14 Jan 2025
https://github.com/x0reaxeax/exec-prot-bypass
Bypassing Linux Executable Space Protection using 20+ years old tools (CVE-2022-25265).
cve-2022-25265 dep-bypass exploit linux noexec
Last synced: 10 Nov 2024
https://github.com/z3n70/CVE-2021-43798
Simple program for exploit grafana
bugbounty cybersecurity exploit grafana pentesting
Last synced: 23 Oct 2024
https://github.com/kardespro/nosqlmap
NoSQLMap CLI Tool is a command-line interface (CLI) tool designed to test for NoSQL injection vulnerabilities using Node.js, TypeScript, and Axios. It supports both HTTP and HTTPS requests and works with all HTTP methods.
exploit mongodb mongodb-database mongoose nosqlmap pentesting scan-tool security security-tools sqlmap
Last synced: 10 Oct 2024
https://github.com/slluxx/windows-reverse-shell
Reverse-shell payloads and scripts
2021 exploit hacking powershell reverse-shell script undetected windows working
Last synced: 11 Jan 2025
https://github.com/cybersecsi/blueborne-dockerized
Repo code for the related post on SecSI Blog: https://secsi.io/blog/blueborne-kill-chain-on-dockerized-android
android aslr aslr-bypass blueborne bluetooth container docker exploit secsi
Last synced: 22 Nov 2024
https://github.com/enty8080/macdirtycow
Example of CVE-2022-46689 aka MacDirtyCow.
cve cve-2022-46689 exploit jailbreak macdirtycow macos
Last synced: 27 Nov 2024
https://github.com/enansari/exploits
I push my simple exploits in this repository
exploit hack kali-linux python
Last synced: 09 Jan 2025
https://github.com/oppsec/zaber
🕵️ Yet another CVE-2019-9670 exploit, but in Golang.
blueteam cve cve-2019-9670 exploit go golang redteam vulnerability zimbra
Last synced: 08 Nov 2024
