Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Exploit

An exploit is a piece of code or a technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Attackers can use exploits to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploitation.

https://github.com/n3m1sys/CVE-2023-22809-sudoedit-privesc

A script to automate privilege escalation with CVE-2023-22809 vulnerability

cve cve-2023-22809 exploit privesc script sudo sudoedit vulnerability

Last synced: 02 Jan 2025

https://github.com/hook-s3c/blueborne-scanner

Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit

ble blueborne bluetooth bluetooth-low-energy exploit python scanner

Last synced: 14 Dec 2024

https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc

A script to automate privilege escalation with CVE-2023-22809 vulnerability

cve cve-2023-22809 exploit privesc script sudo sudoedit vulnerability

Last synced: 25 Oct 2024

https://github.com/mgeeky/exploit-development-tools

A bunch of my exploit development helper tools, collected in one place.

development exploit tools

Last synced: 29 Oct 2024

https://github.com/ajayrandhawa/cryptolocker

CryptoLocker is an open-source file encrypter. Crypto is developed in Visual C++. It has features to encrypt all files, lock down the system and send keys back to the server. Multi-threaded functionality helps this tool make encryption faster.

blackcat crypto exploit exploit-development hacking-tools ransomware ransomware-detection wannacry

Last synced: 22 Jan 2025

https://github.com/bishopfox/pwn-pulse

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

cve exploit infosec penetration-testing pentest-scripts pentesting red-team security-tools

Last synced: 16 Nov 2024

https://github.com/snawoot/hisilicon-dvr-telnet

PoC materials for article https://habr.com/en/post/486856/

camera dvr exploit exploits nvr poc shell telnet

Last synced: 27 Nov 2024

https://github.com/bcoles/local-exploits

Various local exploits

exploit linux local local-exploits root

Last synced: 29 Oct 2024

https://github.com/d4t4s3c/Win7Blue

Scan/Exploit - EternalBlue MS17-010 - Windows 7 32/64 Bits

bash check checker eternalblue exploit ms17-010 netcat oscp oscp-prep oscp-tools python samba scan scanner smb vuln windows windows7

Last synced: 09 Nov 2024

https://github.com/Snawoot/hisilicon-dvr-telnet

PoC materials for article https://habr.com/en/post/486856/

camera dvr exploit exploits nvr poc shell telnet

Last synced: 04 Nov 2024

https://github.com/rip1s/cve-2019-1458

CVE-2019-1458 Windows LPE Exploit

cve-2019-1458 exploit lpe

Last synced: 07 Nov 2024

https://github.com/tijme/amd-ryzen-master-driver-v17-exploit

Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).

adversary-simulation beacon bof cobalt-strike cve-2020-12928 exploit kernel red-teaming

Last synced: 10 Nov 2024

https://github.com/cr4sh/uefi_boot_script_expl

CHIPSEC module that exploits UEFI boot script table vulnerability

dma exploit firmware intel smm uefi vulnerability

Last synced: 23 Nov 2024

https://github.com/k8gege/ciscoexploit

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

0day cisco exp exploit getshell poc rce

Last synced: 13 Nov 2024

https://github.com/hugsy/pwn--

pwn++ is a Windows & Linux library oriented for exploit dev but mostly used to play with modern C++ features (17->26)

backdoor cpp cpp20 ctf exploit linux-exploits modern-cpp pwn windows-exploits

Last synced: 27 Jan 2025

https://github.com/dobin/yookiterm-slides

Exploitation and Mitigation Slides

buffer-overflow exploit exploitation slides

Last synced: 23 Jan 2025

https://github.com/hook-s3c/cve-2018-11776-python-poc

Working Python test and PoC for CVE-2018-11776, includes Docker lab

cve-2018-11776 exploit java poc struts2

Last synced: 03 Dec 2024

https://github.com/tuxsh/universal-otherapp

Userland -> Kernel11 -> Arm9 otherapp for 3DS system versions 1.0 to <= 11.15

exploit

Last synced: 29 Nov 2024

https://github.com/bo0om/safiler

Safari local file reader

exploit macos safari vulnerability

Last synced: 14 Nov 2024

https://github.com/Patrowl/PatrowlHearsData

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

cpe cve cve-scanning cwe exploit vulnerabilities vulnerability-identification

Last synced: 18 Jan 2025

https://github.com/forrest-orr/exploits

A personal collection of Windows CVEs I have turned into exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

asm browser c cve cve-2019-17026 cve-2020-0674 exploit firefox ie ionmonkey js jscript ms12-037 ms13-008 ms14-051 poc shellcode uaf windows wpad

Last synced: 16 Oct 2024

https://github.com/yardenshafir/CVE-2020-1034

PoC demonstrating the use of cve-2020-1034 for privilege escalation

cve exploit poc privilege-escalation vulnerability windows

Last synced: 21 Nov 2024

https://github.com/yardenshafir/cve-2020-1034

PoC demonstrating the use of cve-2020-1034 for privilege escalation

cve exploit poc privilege-escalation vulnerability windows

Last synced: 16 Nov 2024

https://github.com/riz-ve/xeno

Xeno: An external script executor for Roblox made entirely in C++. It uses a working but detected method of overwriting the bytecode of a corescript to manage script execution

cpp cpp-httplib csharp executors-for-roblox exploit exploit-development httplib learning-resources lua luau roblox roblox-executer visual-studio xxhash zstd

Last synced: 21 Jan 2025

https://github.com/ignis-sec/cve-2023-38831-rarce

An easy to install and easy to run tool for generating exploit payloads for CVE-2023-38831, WinRAR RCE before versions 6.23

archive exploit exploit-development rce security winrar

Last synced: 13 Nov 2024

https://github.com/tijme/cmstplua-uac-bypass

Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.

beacon bof cobalt-strike exploit red-teaming uac-bypass

Last synced: 10 Nov 2024

https://github.com/pcaversaccio/malleable-signatures

This repository implements a simplified PoC that demonstrates how signature malleability attacks using compact signatures can be executed.

ecdsa eip2098 exploit malleability signature-malleability

Last synced: 20 Jan 2025

https://github.com/p0dalirius/cve-2022-36446-webmin-software-package-updates-rce

A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.

cve-2022-36446 exploit package rce software update webmin

Last synced: 30 Dec 2024

https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell

Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC

cve exploit proof-of-concept vulnerability

Last synced: 21 Nov 2024

https://github.com/garyodernichts/bluubomb

Exploits the Wii U's bluetooth stack to gain IOSU kernel access via bluetooth

bluetooth exploit hacking wiiu

Last synced: 24 Nov 2024

https://github.com/tweedge/springcore-0day-en

Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

0day deserialization-vulnerability exploit java spring4shell springcore

Last synced: 05 Nov 2024

https://github.com/oxagast/ansvif

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

exploit fuzz-testing fuzzer fuzzing pentesting quality-control vulnerability

Last synced: 11 Jan 2025

https://github.com/k8gege/cve-2019-0604

cve-2019-0604 SharePoint RCE exploit

cve-2019-0604 exp exploit hacking k8cscan pentest sharepoint

Last synced: 13 Nov 2024

https://github.com/p0dalirius/tomcat-webshell-application

A webshell application and interactive shell for pentesting Apache Tomcat servers.

apache app exploit pentest plugin rce tomcat

Last synced: 22 Jan 2025

https://github.com/safesword/WebExp

Collection of vulnerabilities in website CMSs, middleware and framework systems, 2020-2021

exploit

Last synced: 21 Nov 2024

https://github.com/htrgouvea/spellbook

Framework for rapid development of offensive security tools

bugbounty ctf exploit framework offensive-security pentest perl security security-tools

Last synced: 30 Dec 2024

https://github.com/saelo/jscpwn

PoC exploit for CVE-2016-4622

exploit vulnerability

Last synced: 20 Nov 2024

https://github.com/oranav/i9300_emmc_toolbox

Samsung Galaxy S3 GT-I9300 eMMC toolbox

emmc exploit sboot shellcode

Last synced: 16 Oct 2024

https://github.com/wizardforcel/sploitfun-linux-x86-exp-tut-zh

:book: [Translation] SploitFun Linux x86 Exploit development tutorial series

exploit linux sploit-fun tutorial

Last synced: 12 Nov 2024

https://github.com/jbaines-r7/badblood

SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

cve-2021-20038 exploit rce

Last synced: 21 Nov 2024

https://github.com/nowsecure/dirtycow

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

android cve dirtycow exploit security

Last synced: 14 Nov 2024

https://github.com/kljunowsky/CVE-2022-41040-POC

CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server

bug-bounty bugbounty cve-2022-41040 exploit hacking microsoft microsoft-exchange poc proof-of-concept security ssrf

Last synced: 21 Nov 2024

https://github.com/lofiCafe/PoC-Bank

Focus on cybersecurity | collection of PoC and Exploits

exploit poc python

Last synced: 18 Nov 2024

https://github.com/nollium/cve-2024-9264

Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)

authenticated cve cve-2024-9264 exploit file-read-vulnerability grafana poc rce rce-exploit security vulnerability

Last synced: 21 Jan 2025

https://github.com/aigptcode/wordpress-auto-admin-account-and-reverse-shell-cve-2024-27956

WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries

android backdoor backdoors cve exploit hack hacking html nuclei nuclei-templates php ransomware rce reverse-shell shell website windows wordpress wordpress-plugin

Last synced: 25 Nov 2024

https://github.com/assetnote/jira-mobile-ssrf-exploit

Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)

cve-2022-26135 exploit jira ssrf

Last synced: 10 Nov 2024

https://github.com/wuhan005/CVE-2022-30781

🍵 Gitea repository migration remote command execution exploit.

cve cve-2022-30781 exploit gitea

Last synced: 23 Oct 2024

https://github.com/wuhan005/cve-2022-30781

🍵 Gitea repository migration remote command execution exploit.

cve cve-2022-30781 exploit gitea

Last synced: 29 Dec 2024

https://github.com/k2/admmutate

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I hope nobody uses signatures for anything (virus / malware scanners included).

exploit penetration-testing polymorphic shellcode

Last synced: 16 Oct 2024

https://github.com/tijme/kernel-mii

Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.

beacon bof cobalt-strike cve-2021-21551 exploit kernel red-teaming

Last synced: 10 Nov 2024

https://github.com/birdhan/SecurityTools

Penetration testing toolkit | Open-source security testing tools | Network security tools

cve exploit poc

Last synced: 21 Nov 2024

https://github.com/p0dalirius/cve-2021-43008-adminerread

Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability

adminer bugbounty cve cve-2021-43008 exploit file hacking pentest read tool vulnerability

Last synced: 30 Dec 2024

https://github.com/l4ys/ctf

Some of my CTF solutions

ctf exploit

Last synced: 07 Nov 2024

https://github.com/i32-sudo/pdfwkrnlmapper

An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE & PG to map the unsigned driver.

battleye be disable driver dse eac exploit gdrv latest load loader loading map mapper mapping pdfwkrnl sys undetected unsigned

Last synced: 15 Jan 2025

https://github.com/acceis/exploit-cve-2023-23752

Joomla! < 4.2.8 - Unauthenticated information disclosure

cve cve-2023-23752 exploit information-disclosure joomla vulnerability

Last synced: 06 Nov 2024

https://github.com/jflyup/goMS17-010

Simple program for detecting if host(s) are vulnerable to SMB exploit (MS17-010)

android exploit go ms17-010 python ransomware wannacry

Last synced: 21 Nov 2024

https://github.com/OpenL2D/moc3ingbird

MOC3ingbird Exploit for Live2D (CVE-2023-27566)

exploit live2d live2d-cubism live2d-cubism-sdk moc3 security-vulnerability

Last synced: 05 Nov 2024

https://github.com/k8gege/zimbraexploit

Zimbra mail system vulnerabilities: XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)

0day cve-2019-9621 exploit getshell k8cscan poc rce ssrf upload xxe zimbra

Last synced: 13 Nov 2024

https://github.com/billythegoat356/rage

Rage allows you to execute any file in a Microsoft Office document.

excel exploit inject macros microsoft microsoft-macros microsoft-office powerpoint word

Last synced: 10 Nov 2024

https://github.com/davidbuchanan314/fusee-nano

A minimalist re-implementation of the Fusée Gelée exploit, designed to run on embedded Linux devices. (Zero dependencies)

cve-2018-6242 embedded-linux exploit linux nintendo-switch usb

Last synced: 22 Jan 2025

https://github.com/cyberxml/log4j-poc

A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

cve-2021-44228 exploit log4j log4shell poc

Last synced: 08 Nov 2024

https://github.com/noraj/umbraco-rce

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

exploit poc proof-of-concept rce remote-code-execution umbraco umbraco-cms umbraco-v7 umbraco7

Last synced: 07 Nov 2024

https://github.com/wireghoul/doona

Network based protocol fuzzer

exploit fuzzer fuzzing perl security

Last synced: 28 Oct 2024

https://github.com/cuerz/cve-2021-36260

Hikvision RCE vulnerability: batch detection and exploitation tool

cve-2021-36260 exploit

Last synced: 08 Nov 2024

https://github.com/sec-tools/litefuzz

A multi-platform fuzzer for poking at userland binaries, network clients and servers

exploit fuzzing fuzzing-framework security vulnerability

Last synced: 09 Nov 2024

https://github.com/esonhugh/yapi-rce-webshell

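Yapi mock script RCE another version. Webshell way. Another method of Yapi command execution, via a webshell; compared with other exploitation approaches it is more fine-grained and controllable, with less impact.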

exp exploit mock mockjs rce webshell yapi

Last synced: 02 Jan 2025

https://github.com/cr4sh/aptiocalypsis

Arbitrary SMM code execution exploit for industry-wide 0day vulnerability in AMI Aptio based firmwares

0day ami exploit firmware intel smm uefi vulnerability

Last synced: 23 Nov 2024

https://github.com/enkomio/s4killer

BYOVD process killer

byovd exploit kernel

Last synced: 16 Nov 2024

https://github.com/OracleNep/Nday-Exploit-Plan

A collected summary of the details and exploitation methods of historical vulnerabilities

cve-2021 cve-2022 cve-2023 cve-2024 exploit security vulnerability

Last synced: 02 Jan 2025

https://github.com/aziz0x48/xsmtp

xSMTP 🦟 Lightning fast, multithreaded smtp scanner targeting open-relay and unsecured servers in multiple network ranges.

bot crawler exploit exploit-scanner multithreading networking pentest-tool pentesting pentesting-tools portscan portscanner python python-exploits scanner-web security security-tools smtp smtp-cracker

Last synced: 16 Dec 2024

https://github.com/venerasf/Venera

A modular exploitation framework extensible with Lua

exploit lua pentest pentest-tool qa-automation scanner security security-tools testing venera

Last synced: 18 Jan 2025

https://github.com/mgeeky/hevd_kernel_exploit

Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.

education exploit kernel windows

Last synced: 29 Oct 2024

https://github.com/JoelGMSec/Thunderstorm

Modular framework to exploit UPS devices

exploit rce rce-exploit rce-scanner ups

Last synced: 21 Nov 2024

https://github.com/joelgmsec/thunderstorm

Modular framework to exploit UPS devices

exploit rce rce-exploit rce-scanner ups

Last synced: 18 Nov 2024

https://github.com/chocapikk/cve-2023-6553

Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

cve cve-2023-6553 cybersecurity exploit hacking infosec php python rce security security-research vulnerability wordpress

Last synced: 12 Dec 2024

https://github.com/Cr4sh/Aptiocalypsis

Arbitrary SMM code execution exploit for industry-wide 0day vulnerability in AMI Aptio based firmwares

0day ami exploit firmware intel smm uefi vulnerability

Last synced: 18 Nov 2024

https://github.com/Aditya-dom/moonwalk-back

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

exploit linux security testing

Last synced: 06 Nov 2024