Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Exploit
Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.
- GitHub: https://github.com/topics/exploit
- Wikipedia: https://en.wikipedia.org/wiki/Exploit_(computer_security)
- Created by: The cybersecurity community
- Related Topics: hacking, cybersecurity, penetration-testing, vulnerability-assessment,
- Aliases: exploits, vulnerability-exploit,
- Last updated: 2025-01-29 00:10:03 UTC
- JSON Representation
https://github.com/krisnova/hack
Kubernetes security and vulnerability tools and utilities.
exploit hack kubernetes research security tools vector vulnerability
Last synced: 30 Dec 2024
https://github.com/adrianbzg/twitter-follow-exploit
Automated Twitter mass account creation and follow using Selenium and Tor VPN
exploit mass-account-creation open-source twitter twitter-account-creation twitter-automation twitter-followers
Last synced: 17 Nov 2024
https://github.com/preco21/destiny-macros
A collection of Destiny 2 macros built with AutoHotKey
ahk autohotkey automation destiny2 exploit game macro wtf
Last synced: 06 Jan 2025
https://github.com/r3k1ng/xattacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
auto-exploiter drupal exploit exploitation hacking hacking-tool joomla lokomedia pentest prestashop scanner security-scanner security-tools vulnerability-assessment vulnerability-detection vulnerability-exploit vulnerability-scanner website-vulnerability-scanner wordpress wp-scanner
Last synced: 10 Oct 2024
https://github.com/k2/scripting
PS / Bash / Python / Other scripts For FUN!
bash binary-analysis detection dfir exploit incident-response integrity-assurance integrity-monitoring malware-detection memory memory-hacking powershell powershell-scripts python visualization volatility volatility-framework volatility-plugins
Last synced: 08 Nov 2024
https://github.com/gosecure/break-fast-serial
A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
exploit java security serialization tool vulnerability
Last synced: 05 Nov 2024
https://github.com/moloch--/cve-2016-1764
Extraction of iMessage Data via XSS
cve exploit imessage security vulnerability xss
Last synced: 08 Nov 2024
https://github.com/ForceFledgling/CVE-2023-22518
Improper Authorization Vulnerability in Confluence Data Center and Server + bonus 🔥
atlassian atlassian-confluence attack backdoor confluence critical cve exploit exploiting hacking hacking-tool improper python shell vulnerabilities vulnerability
Last synced: 11 Nov 2024
https://github.com/jpiechowka/jenkins-cve-2016-0792
Exploit for Jenkins serialization vulnerability - CVE-2016-0792
cve cve-2016-0792 deserialization exploit jenkins-serialization-vulnerability python serialization vulnerability vulnerability-detection
Last synced: 21 Nov 2024
https://github.com/mariuszskon/autorop
Automated solver of classic CTF pwn challenges, with flexibility in mind.
capture-the-flag ctf exploit hacktoberfest linux pwnable pwntools rop wargame
Last synced: 23 Oct 2024
https://github.com/hexhive/evocatio
bug-capability exploit fuzzing patch-testing program-analysis sanitizer security severity
Last synced: 12 Nov 2024
https://github.com/x64dbg/x64dbgpylib
Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.
development exploit mona python x64dbg
Last synced: 26 Oct 2024
https://github.com/gquere/cve-2020-7931
Hacking Artifactory with server side template injection
artifactory cve-2020-7931 exploit hacking pentest rce
Last synced: 11 Nov 2024
https://github.com/gquere/CVE-2020-7931
Hacking Artifactory with server side template injection
artifactory cve-2020-7931 exploit hacking pentest rce
Last synced: 21 Nov 2024
https://github.com/jamesmoriarty/gomem
A Go library for manipulating Windows processes.
dll dll-injection exploit external go golang hack kernel32 kernel32-dll reverse-engineering security windows
Last synced: 07 Nov 2024
https://github.com/k2/languagebackdoors
Compiler exploits and exploitable non-obvious source code back doors.
attack backdoor compiler exploit undefined-behavior
Last synced: 19 Dec 2024
https://github.com/cokebeer/pyyso
pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550, CommonsBeanutils1 no cc, JRMPClient, high version JDK Bypass, Fake MySQL for JDBC attack
exploit gadget java jdbc jdk7u21 jdk8u20 jndi jrmp ldap mysql poc python rmi serialization shiro
Last synced: 02 Dec 2024
https://github.com/k8gege/kaliladon
Ladon for Linux (Kali), Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password
bruteforce detection exploit hacking hacking-tool kali ladon ms17010 pentest-tool poc portscanner scanner security-tools
Last synced: 12 Jan 2025
https://github.com/kljunowsky/CVE-2022-42889-text4shell
Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.
apache bug-bounty bug-bounty-hunting bugbounty bugbounty-tool commons-text cve-2022-42889 exploit oneliner security security-tools
Last synced: 21 Nov 2024
https://github.com/ihack4falafel/subrosa
Basic tool to automate backdooring PE files
backdoor backdooring backdoorpython exploit exploit-development exploitation osce shellcoding
Last synced: 21 Nov 2024
https://github.com/vah13/SAP_vulnerabilities
DoS PoC's for SAP products
buffer-overflow denial-of-service exploit hacking hana overflow rce sap vulnerability
Last synced: 21 Nov 2024
https://github.com/k8gege/KaliLadon
Ladon for Linux (Kali), Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password
bruteforce detection exploit hacking hacking-tool kali ladon ms17010 pentest-tool poc portscanner scanner security-tools
Last synced: 21 Nov 2024
https://github.com/flast101/php-8.1.0-dev-backdoor-rce
PHP 8.1.0-dev Backdoor System Shell Script
backdoor code code-injection exploit exploit-development pentest pentest-tool php-810-dev php8 php810-dev python python3 rce remote-code-execution security shell shell-script shell-scripts user-agent user-agentt
Last synced: 16 Oct 2024
https://github.com/hook-s3c/cve-2018-18852
CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
0day cerio cve-2018-18852 exploit rce router
Last synced: 14 Dec 2024
https://github.com/hook-s3c/cve-2019-0708-poc
proof of concept exploit for Microsoft Windows 7 and Server 2008 RDP vulnerability
cve-2019-0708 exploit rdp windows
Last synced: 14 Dec 2024
https://github.com/cr4sh/secretnet_expl
LPE exploits for Secret Net and Secret Net Studio
0day crapware driver exploit fakeav idiots kernel lpe russian-imbiciles security vulnerability windows
Last synced: 23 Nov 2024
https://github.com/p0dalirius/remotemouse-3.008-exploit
This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.
exploit pentest remote-control remotemouse
Last synced: 30 Dec 2024
https://github.com/agustingianni/memrepl
Memory inspection REPL interface
debug debugger engineering exploit exploitation frida hacking memory re repl reverse vulndev
Last synced: 07 Dec 2024
https://github.com/p0dalirius/cve-2022-45771-pwndoc-lfi-to-rce
Pwndoc local file inclusion to remote code execution of Node.js code on the server
cve-2022-45771 exploit pwndoc rce
Last synced: 30 Dec 2024
https://github.com/davidbuchanan314/wampage
WAMpage - A WebOS root LPE exploit chain (CVE-2022-23731)
arm cve-2022-23731 exploit javascript lg-webos lg-webos-tv lpe python v8 webos webos-tv
Last synced: 07 Nov 2024
https://github.com/S1lkys/CVE-2020-15906
Writeup of CVE-2020-15906
cve cve-2020-15906 exploit exploitation
Last synced: 21 Nov 2024
https://github.com/hwvs/invoke-gptobfuscation
Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to obfuscate your PowerShell penetration testing code, malware, or any other sensitive script.
exploit exploitation-framework malware-research powershell powershell-module windows-desktop
Last synced: 01 Dec 2024
https://github.com/s1lkys/cve-2020-15906
Writeup of CVE-2020-15906
cve cve-2020-15906 exploit exploitation
Last synced: 14 Dec 2024
https://github.com/k8gege/ms17010exp
Ladon Moudle MS17010 Exploit for PowerShell
exp exploit hacking hacking-tool ladon ladon-poc ms17010 pentest
Last synced: 13 Nov 2024
https://github.com/HackerDev-Felix/Phoenix-Framework
Phoenix Framework Project
cve exploit exploits infosec poc vulnerabilities vulnerability vulnerability-scanners
Last synced: 21 Nov 2024
https://github.com/scipag/browserrecon-php
Advanced Web Browser Fingerprinting
browser exploit exploitation fingerprint fingerprinting security-vulnerability vulnerability vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 09 Nov 2024
https://github.com/err0r-ica/venomsploit
Meterpreter payload for all platforms
exploit hacking-tools kali kali-linux linux metasploit metasploit-framework meterpreter mrt payload termux termux-hacking termux-tool
Last synced: 09 Nov 2024
https://github.com/err0r-ica/atmsfe
Termux Auto-Metasploit
exploit hacking-tool hacking-tools linux metasploit metasploit-framework meterpreter msfconsole msfvenom msfvenom-backdoor-android msfvenom-payload msfvenom-payload-creator payload termux termux-hacking termux-tool termux-tools
Last synced: 09 Nov 2024
https://github.com/farisv/prestashop-cve-2018-19126
PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
exploit prestashop web-security
Last synced: 10 Oct 2024
https://github.com/saelo/feuerfuchs
Files for the "feuerfuchs" challenge of 33C3 CTF. See the greeting message in server.py for more information about the challenge
Last synced: 20 Nov 2024
https://github.com/inspiringz/CVE-2021-3493
CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)
cve-2021-3493 exploit linux privesc ubuntu
Last synced: 21 Nov 2024
https://github.com/xsscx/xnuimagefuzzer
XNU Image Fuzzer - iOS App for Fuzzing Images with Objective-C Code covering 12 CGCreateBitmap & CGColorSpace Functions working with Raw Data and String Injection.
crash debugging exploit file fuzz fuzzing graphics image imagefuzzer interposing ios iosonmac macos objective-c research security utt xcode xnu
Last synced: 12 Oct 2024
https://github.com/k8gege/phpstudydoor
PhpStudy 2016 & 2018 BackDoor Exploit
backdoor exploit hacking k8cscan pentest pentest-tool phpstudy security
Last synced: 13 Nov 2024
https://github.com/k8gege/k8badusb
BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit
badusb downexec exploit hacking pentest powershell security tennsy
Last synced: 13 Nov 2024
https://github.com/nerdsinspace/nocom-viewer
High memory usage reference implementation.
2b2t exploit golang heatmap heatmap-visualization leaflet minecraft nocom nocomment
Last synced: 07 Nov 2024
https://github.com/machine1337/pyfud
CROSS PLATFORM REMOTE ACCESS TROJAN (RAT)
antivirus-evasion cross-platform-rat crypter cybersecurity exploit fud fudrat hacking linux-shell machine1337 multi-clients multiclientsrat offensive-scripts persistent-shell python3 rat red-teaming reverse-shell windows-shell
Last synced: 10 Nov 2024
https://github.com/kovart/forta-attack-simulation
🦠🔬 Forta bot that detects deployment of smart contracts containing an exploit function
agent attack blockchain bot ethereum exploit forta prevention simulation
Last synced: 16 Nov 2024
https://github.com/yuriisanin/CVE-2022-24342
PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication
csrf cve cve-2022-24342 exploit jetbrains teamcity vulnerability
Last synced: 23 Oct 2024
https://github.com/merrychap/poc-exploits
:unlock: Vulnerability Research and Proof of Concept exploits for various targets
cve exploit exploitation poc proof-of-concept pwn vulnerabilities vulnerability
Last synced: 21 Jan 2025
https://github.com/rwfpl/rewolf-pcausa-exploit
PCAUSA Rawether for Windows Local Privilege Escalation
exploit pcausa privilege-escalation rawether reverse-engineering
Last synced: 06 Nov 2024
https://github.com/vah13/OracleCVE
Vulnerabilities which found in Oracle products
cve-2017-10147 cve-2017-10148 cve-2017-10366 cve-2017-10409 cve-2017-10410 cve-2017-10411 cve-2017-10412 cve-2017-10413 cve-2017-10414 cve-2017-10415 cve-2017-10416 cve-2017-10417 cwe-117 cwe-306 exploit oracle patch vulnerability
Last synced: 21 Nov 2024
https://github.com/tyoxlx/roblox-synapse
Roblox Synapse Executor is a top-tier script execution tool for Roblox, valued for its advanced features and stability, enabling seamless Lua scripting for game modifications and customization.
authentication bloxfruit-script bloxfruits-autofarm-script bloxfruits-hack-script executer exploit game gui hack lua nexus-roblox roblox roblox-lua roblox-script roblox-scripts roblox-synapse robloxscripts script-hub supported whitelist
Last synced: 23 Dec 2024
https://github.com/err0r-ica/whatspayloadrce
Whatsapp Automatic Payload Generator [CVE-2019-11932]
cve exploit hacking hacking-tools linux payload termux whatsapp whatsapp-chat
Last synced: 14 Oct 2024
https://github.com/xh4h/loki
The Dependency Confusion vulnerability scanner and autoexploitation tool to help identifying and mitigating supply chain attacks
attacks chain confusion dependency exploit migitation poc supply vulnerability-scanners
Last synced: 14 Dec 2024
https://github.com/Josexv1/CVE-2022-27925
Zimbra CVE-2022-27925 PoC
cve cve-2022-27925 exploit poc zimbra
Last synced: 23 Oct 2024
https://github.com/thewhiteh4t/thewhiteh4t.github.io
thewhiteh4t's Blog
blog blogging exploit exploitation framework hacking mitigation security tips-and-tricks
Last synced: 15 Jan 2025
https://github.com/i32-sudo/eacbypass-cr3readydrv
This is my EAC Bypass (Setup) Driver that offers an undetected communication and callback handler/hooking system through IOCTL.
anti bypass cheat cr3 driver eac easy easy-anti-cheat exploit ioctl kernel read undetected write
Last synced: 15 Nov 2024
https://github.com/r3dxpl0it/CVE-2018-4407
IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]
attack blueteam cve cyber-security cybersecurity denial-of-service exploit hacking hacking-tool ios macos network penetration-testing poc redteam security
Last synced: 10 Nov 2024
https://github.com/d3ext/xdebug-exploit
xdebug 2.5.5 RCE exploit
black-hat ctf exploit hacker hacking hackthebox kali mrrobot offensive-security oscp owasp php python rce vuln vulnerability xdebug xdebug-exploit
Last synced: 14 Nov 2024
https://github.com/xaviermilgo/Chimay-Red-tiny
This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.
chimay-red exploit mikrotik mikrotik-router vulnerability wikileaks
Last synced: 29 Oct 2024
https://github.com/reivhax/Chimay-Red-tiny
This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.
chimay-red exploit mikrotik mikrotik-router vulnerability wikileaks
Last synced: 05 Dec 2024
https://github.com/leadroyal/cve-2024-37051-exp
CVE-2024-37051 poc and exploit
cve-2024-37051 exploit payload
Last synced: 11 Jan 2025
https://github.com/scipag/attacktoolkit
Open-source Exploiting Framework
exploit exploitation exploitation-framework exploiting-vulnerabilities exploiting-windows penetration-testing vulnerability-assessment vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 05 Jan 2025
https://github.com/mobsf/mobsf-related-materials
MobSF related Presentations, Slides and Others.
exploit mobsf poc reversing scripts slides tools vulnerable
Last synced: 09 Nov 2024
https://github.com/scipag/AttackToolKit
Open-source Exploiting Framework
exploit exploitation exploitation-framework exploiting-vulnerabilities exploiting-windows penetration-testing vulnerability-assessment vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 18 Jan 2025
https://github.com/eqstlab/cve-2024-5932
Proof-of-Concept for CVE-2024-5932
cve cve-2024-5932 exploit givewp object-injection php poc proof-of-concept security vulnerability
Last synced: 02 Dec 2024
https://github.com/egebalci/ticketbleed
This is a tool for exploiting Ticketbleed (CVE-2016-9244) vulnerability.
Last synced: 18 Nov 2024
https://github.com/cr4sh/prl_guest_to_host
Guest to host VM escape exploit for Parallels Desktop
0day exploit hypervisor not-a-bug vulnerability
Last synced: 23 Nov 2024
https://github.com/knqyf263/CVE-2020-10749
CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)
exploit ipv6 kubernetes vulnerability
Last synced: 17 Nov 2024
https://github.com/knqyf263/cve-2020-10749
CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)
exploit ipv6 kubernetes vulnerability
Last synced: 13 Oct 2024
https://github.com/cawfree/sameorigin
🤖 🧪 Masquerade as if you were their own frontend.
axios blur bypass cloudflare cors exploit marketplace nft opensea puppeteer
Last synced: 12 Oct 2024
https://github.com/thewhiteh4t/warsend
Apache Tomcat Manager API WAR Shell Upload
apache exploit reverse-shell shell thewhiteh4t tomcat war
Last synced: 15 Nov 2024
https://github.com/nullarray/shellshocker
A Bash script to test a list of URLs for the shellshock vulnerability.
bash exploit pentest pentesting shell shellshock-vulnerability
Last synced: 14 Oct 2024
https://github.com/oppsec/wsob
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
cve-2022-29464 exploit python wso2
Last synced: 08 Nov 2024
https://github.com/inndy/formatstring-exploit
Dead simple format string exploit payload generator
Last synced: 10 Nov 2024
https://github.com/karthikuj/cve-2022-31101
Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)
blockwishlist cve-2022-31101 exploit prestashop
Last synced: 10 Oct 2024
https://github.com/mauricelambert/cve-2022-21907
CVE-2022-21907: detection, protection, exploitation and demonstration. Exploitation: Powershell, Python, Ruby, NMAP and Metasploit. Detection and protection: Powershell. Demonstration: Youtube.
bluescreen crash cve cve-2022-21907 denial-of-service detection dos exploit iis metasploit microsoft nmap payload powershell protection python3 ruby vulnerability webserver
Last synced: 14 Nov 2024
https://github.com/dylanmeca/labsecurity
Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
exploit hacking hacking-tool hacking-tools information-gathering kali-linux kali-linux-hacking linux-tool linux-tools pentesting python scanner security security-audit security-scanner security-scanners security-tool security-tools vulnerability-detection vulnerability-scanners
Last synced: 22 Nov 2024
https://github.com/0xAsuka/shu-shell
Webshell Jumping Edition
exploit file-manager symlink webshell
Last synced: 17 Nov 2024
https://github.com/limbenjamin/LogServiceCrash
POC code to crash Windows Event Logger Service
crash eventlog exploit windows
Last synced: 21 Nov 2024
https://github.com/farisv/appledos
Messing Apple devices on the network with CVE-2018-4407 (heap overflow in bad packet handling)
Last synced: 24 Nov 2024
https://github.com/adamyordan/offbyslash-django-dumper
A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
django dumper exploit nginx poc security source-code vulnerability web-security
Last synced: 07 Nov 2024
https://github.com/jcubic/jsh.php
Terminal like php shell (PHP web terminal emulator)
exploit shell terminal-app vulnerability web-shell web-terminal
Last synced: 08 Nov 2024
https://github.com/3ndg4me/cve-2020-3452-exploit
Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.
bash cisco cve cve-2020-3452 exploit hacktoberfest shell vulnerability
Last synced: 29 Oct 2024
https://github.com/r3li4nt/road-to-hacking
¿Quieres empezar en el mundo hacking? En esta revista te enseño a instalar Kali Linux desde cero y a manipular herramientas esenciales en el Hacking Ético.
cracking ebook espanol esteganografia exploit hacking hash kali-linux mitm mitm-attacks payload penetration-testing pentesting phishing privilege-escalation redes sniffing tor web wireless
Last synced: 04 Dec 2024
https://github.com/simonuvarov/expdev
Vulnerable software and exploits used for OSCP/OSCE preparation
Last synced: 18 Nov 2024
https://github.com/jm33-m0/cve-2018-7750
an RCE (remote command execution) approach of CVE-2018-7750
Last synced: 06 Nov 2024
https://github.com/demining/blockchain-attack-vectors
Blockchain Attack Vectors & Vulnerabilities to Smart Contracts
attack attacker attacks bitcoin blockchain blockchain-technology cryptocurrency ethereum exploit exploiting exploiting-vulnerabilities hack hacking smart-contracts vulnerabilities vulnerability vulnerability-scanners
Last synced: 11 Jan 2025
https://github.com/xenomega/xsymlink
Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.
csharp exploit hack reverse-engineering symbolic-links vulnerability xbox
Last synced: 03 Oct 2024
