Exploit
Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.
- GitHub: https://github.com/topics/exploit
- Wikipedia: https://en.wikipedia.org/wiki/Exploit_(computer_security)
- Created by: The cybersecurity community
- Related Topics: hacking, cybersecurity, penetration-testing, vulnerability-assessment,
- Aliases: exploits, vulnerability-exploit,
- Last updated: 2025-05-15 00:10:23 UTC
- JSON Representation
https://github.com/voidsec/tivoli-madness
Advisory for CVE-2020-28054 & stack based buffer overflow in IBM Tivoli Storage Manager
authorization-bypass buffer-overflow exploit ibm jamodat tivoli voidsec
Last synced: 09 Apr 2025
https://github.com/joe12387/safari-canvas-fingerprinting-exploit
An exploit for Safari 17.4 and lower that enables fingerprinting Safari users using OffscreenCanvas and SharedWorkers even if fingerprinting protections are enabled.
apple browser browser-fingerprint browser-fingerprinting exploit fingerprint fingerprinting ios javascript macos safari vulnerabilities vulnerability
Last synced: 14 May 2025
https://github.com/nerdsinspace/nocom-frontend
The No Comment web application frontend.
angular exploit javascript minecraft
Last synced: 13 Apr 2025
https://github.com/hansmach1ne/myexploits
Repo for discovered zero day vulnerabilities/exploits
bug-hunting cve exploit vulnerability
Last synced: 21 Nov 2024
https://github.com/kardespro/nosqlmap
NoSQLMap CLI Tool is a command-line interface (CLI) tool designed to test for NoSQL injection vulnerabilities using Node.js, TypeScript, and Axios. It supports both HTTP and HTTPS requests and works with all HTTP methods.
exploit mongodb mongodb-database mongoose nosqlmap pentesting scan-tool security security-tools sqlmap
Last synced: 09 Feb 2025
https://github.com/abdullah2993/zong-wifi
exploit hack unlock unlocker vulnerability zong
Last synced: 21 Feb 2025
https://github.com/r3li4nt/ctf-retos
Retos de Captura la bandera (CTF) resueltos en español.
ctf easy escalate-privilages exploit hacking hard kali linux medium pentesting redteam root-me security vulnerability vulnhub wifi
Last synced: 04 Dec 2024
https://github.com/xsscx/ios-arm-binaries
UPDATED: All the action is at https://github.com/xsscx/srd
arm development discovery exploit ios vulnerability
Last synced: 26 Feb 2025
https://github.com/0x00-0x00/cve-2016-10033
PHPMailer < 5.2.18 Remote Code Execution Exploit
2016-10033 cve exploit php phpmailer
Last synced: 22 Nov 2024
https://github.com/giacomoferretti/janus-toolkit
A collection of tools for the Janus exploit [CVE-2017-13156].
android cve-2017-13156 exploit go golang janus janus-poc janus-toolkit python python3
Last synced: 15 Dec 2024
https://github.com/ibnusyawall/mytools
commandline-interface exploit nodejs npm tools-engineering vulnerability
Last synced: 04 Dec 2024
https://github.com/elijahhx/dead1ock-h4ck
"Dead1ock-h4ck" is an open-source project dedicated to exploring cybersecurity and ethical hacking techniques. The project aims to provide resources and tools for learning about network security, cryptography, and penetration testing.
cyber-defense cybersecurity cybersecurity-research dead1ock-h4ck exploit github hacking hacktivism infosec malware pentesting programming ransomware security technology vulnerability
Last synced: 23 Apr 2025
https://github.com/paulveillard/cybersecurity-exploits
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Software Exploits in Cybersecurity.
Last synced: 28 Mar 2025
https://github.com/noraj/fuelcms-rce
Fuel CMS 1.4 - Remote Code Execution
cve-2018-16763 exploit fuel-cms poc rce remote-code-execution
Last synced: 12 Apr 2025
https://github.com/aw-junaid/security-and-hacking
Explore ethical hacking and security: penetration testing, vulnerability scanning, and exploit development. Includes tools, scripts, and hands-on labs.
ethical-hacking exploit hacking penetration-testing security vulnerabilities vulnerability-scanners
Last synced: 28 Mar 2025
https://github.com/synap5e/razor-eop-xiao
Razor installer elevation of privilege trigger + automation with Seeeduino XIAO
circuitpython eop exploit micropython privesc razor
Last synced: 15 Apr 2025
https://github.com/vulnsphere/ai_infra_vuln_pocs
This is the PoC repository of LLM service. Updating...
exploit llm ml nuclei nuclei-templates poc security vulnerability
Last synced: 01 Apr 2025
https://github.com/geniuszly/cve-2022-46080
it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.
buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research
Last synced: 11 Apr 2025
https://github.com/n132/dec-safe-linking
A general way to Recover Safe linking protected value/pointer
Last synced: 28 Nov 2024
https://github.com/crllect/zorro
Frontend-only game and unblock website with a pretty big lib. Only a fun side-project, dont expect daily updates
Last synced: 27 Feb 2025
https://github.com/iosdec/sandbox-escape-poc-ios-13.4.1-and-lower
This is a POC of a sandbox escape by found by Siguza. Works up to iOS 13.4.1.
exploit ios objective-c sandbox-escape
Last synced: 14 Apr 2025
https://github.com/kuduxaaa/exploits-parser
CVE Exploits Parser from cvedetails.com [ the ultimate security vulnerability datasource ]
cve cve-details-scraper exploit parser
Last synced: 30 Apr 2025
https://github.com/typicalmodmaker/cve-2024-4956
Proof-Of-Concept (POC) for CVE-2024-4956
cve cve-2024-4956 exploit poc proof-of-concept proofofconcept vulnerability
Last synced: 10 Apr 2025
https://github.com/rxzyx/ps3d-ultimate-client
The best hacks for Pixel Strike 3D (PS3D) you can find.
3d aws exploit game hack mod pixel pixelstrike pixelstrike3d playfab ps3d python strike
Last synced: 01 Apr 2025
https://github.com/team0se7en/cve-2020-8816
Pi-hole ( <= 4.3.2) authenticated remote code execution.
cve-2020-8811 exploit golang pi-hole privesc rce
Last synced: 09 Feb 2025
https://github.com/geniuszly/CVE-2022-46080
it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.
buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research
Last synced: 07 May 2025
https://github.com/0xapt/evil-xmlrpc
evil-xmlrpc is a tool that I created to help me bruteforce Wordpress user accounts using xmlrpc.php while bypassing iThemes Security preventing lockouts
exploit ithemes-security python wordpress
Last synced: 02 Jan 2025
https://github.com/francescodisalesgithub/simpleviruswriting
An example of basic virus writing in C
c exploit fallocate fork-bomb hacking hide-messages kernel linux passwords shadowfile timebomb virus-writing
Last synced: 28 Apr 2025
https://github.com/k3rnel-dev/winrarexploit
CVE-2023-38831-WINRAR-EXPLOIT GENERATOR
Last synced: 13 May 2025
https://github.com/lucabarile/cve-2023-23396
Exploit and report for CVE-2023-23396.
cve-2023-23396 denial-of-service disclosure excel-exploit exploit full-disclosure kb5002356 kb5002362 microsoft-excel office-365 paper poc proof-of-concept report vulnerability vulnerability-disclosure white-paper write-up writeup
Last synced: 20 Feb 2025
https://github.com/siddhant385/flask-phishing
PHISHING FRAMEWORK BUILT OVER FLASK AND COULD BE DEPLOYED OVER WEB TO SHOW THE RISKS OF PHISHING OVER THE WEB WITH PASSWORD FETCH OVER TELEGRAM
brute-force exploit flask flask-login flask-phishing flask-web instagram iplogger ngrok phishing phishing-attacks phishing-kit phishing-page phishing-script phishing-tool portforward web zphisher
Last synced: 14 Apr 2025
https://github.com/acceis/exploit-cve-2022-24780
iTop < 2.7.6 - (Authenticated) Remote command execution
cve cve-2022-24780 exploit rce ssti
Last synced: 08 Apr 2025
https://github.com/codercooke/osx-thumbnails
Reassemble thumbnails from osx quicklook thumbnail cache
exploit forensics mac macos osx quicklook thumbnails
Last synced: 13 Mar 2025
https://github.com/darkcodersc/slae32-polymophism
SLAE32 Assignment N°6 - Create up to three polymorphic version of shellcodes.
exploit polymorphism slae32 slae32-assignments
Last synced: 12 Feb 2025
https://github.com/cokebeer/logi
Logi is a LDAP/MySQL server focusing on pingback deserialize recon and exploit.
commons-beanutils custom cve-2020-14644 deserialize exploit gadget go java jdbc jndi ldap log4j mysql probe server wordlist
Last synced: 09 Apr 2025
https://github.com/padsalatushal/cve-2018-16763
Fuel CMS 1.4.1 - Remote Code Execution
cve cve-2018-16763 exploit fuelcms python
Last synced: 14 Jan 2025
https://github.com/siddhant385/karavas
A remote acess tool without port forwarding. An Evil Os implementation for windows
byob evilosx evilwindows exploit flask fud fud-rat karavas payload payload-generator post-exploitation python3 rat remote-access-tool remote-access-trojan reverse-shell simple
Last synced: 14 Apr 2025
https://github.com/sgabe/cve-2019-1476
AppXSvc Arbitrary File Overwrite DoS
dos-attack exploit proof-of-concept vulnerability windows10
Last synced: 14 Dec 2024
https://github.com/slluxx/windows-reverse-shell
Reverse-shell payloads and scripts
2021 exploit hacking powershell reverse-shell script undetected windows working
Last synced: 11 Jan 2025
https://github.com/geniuszly/gendecryptauthme
A Python tool for decrypting passwords hashed with the AuthMe SHA256 algorithm. Ideal for penetration testing and security audits on Minecraft servers using the AuthMe authentication plugin.
authentication-bypass authme authme-sha256 cybersecurity decryption ethical-hacking exploit gendecryptauthme minecraft password-decryption penetration-testing python reverse-engineering security-tools sha256 sha256-hash
Last synced: 13 Apr 2025
https://github.com/geniuszly/CVE-2022-45701
it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.
arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research
Last synced: 07 May 2025
https://github.com/jcs090218/reverse_shell
Reverse shell implementation using Python
exploit microservice reverse-shell vulnerability
Last synced: 23 Feb 2025
https://github.com/teemsploit/situationadmin.lua
A console admin script built for synapseX & Script-Ware may not work on other executors.
admin exploit lua luau rlua roblox roblox-cheat roblox-hack roblox-script robloxlua script-ware synapsex teemsploit
Last synced: 23 Jan 2025
https://github.com/demining/cold-and-hot-wallets
Cold Wallets and Hot Wallets how to find vulnerabilities and eliminate various attacks on the Blockchain
attack attacker attacks bitcoin bitcoin-transaction bitcoin-wallet blockchain coldwallet coldwaters cryptocurrency exploit exploits hack hacking vulnerabilities vulnerability
Last synced: 01 Mar 2025
https://github.com/0xmachos/cve-2019-8561
Proof of concept exploit for CVE-2019-8561 discovered by @jbradley89
exploit macos poc proof-of-concept
Last synced: 22 Nov 2024
https://github.com/nerdsinspace/nocom-http
The No Comment web application backend.
api exploit java minecraft spring spring-boot
Last synced: 13 Apr 2025
https://github.com/bl4ck44/ctf-desafios
CTF Retos de Captura la bandera resueltos.
ctf ctf-challenges exploit hacking hackthebox hard kali kali-linux pentesting security vulnhub
Last synced: 16 Mar 2025
https://github.com/0xnonames/croissanted.py
A Python script exploiting Discord's authorization token.
Last synced: 30 Nov 2024
https://github.com/alexandre-bartel/cve-2018-20343
PoC for CVE-2018-20343
build-engine cve exploit vulnerability
Last synced: 01 Dec 2024
https://github.com/z3n70/CVE-2021-43798
Simple program for exploit grafana
bugbounty cybersecurity exploit grafana pentesting
Last synced: 10 Mar 2025
https://github.com/geniuszly/cve-2022-44149
it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.
cve cve-2022-44149 cybersecurity ethical-hacking exploit exploit-development linux payload penetration-testing poc privilege-escalation security vulnerability vulnerability-research
Last synced: 11 Apr 2025
https://github.com/0xbitx/dedsec_malware_dropper
linux based super-stealthy Dropper, that can create a fully undetected linux malware executable.
custom-payload dropper exploit fud fud-backdoor linux-tool malware rat undetectable-malware
Last synced: 04 Mar 2025
https://github.com/al1ex/cve-2020-35729
CVE-2020-35729
cve-2020-35729 exploit klogserver
Last synced: 11 Apr 2025
https://github.com/geniuszly/cve-2022-45701
it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.
arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research
Last synced: 11 Apr 2025
https://github.com/cybersecsi/blueborne-dockerized
Repo code for the related post on SecSI Blog: https://secsi.io/blog/blueborne-kill-chain-on-dockerized-android
android aslr aslr-bypass blueborne bluetooth container docker exploit secsi
Last synced: 22 Nov 2024
https://github.com/voidsec/mona-ropshell
For all loaded modules (DLLs), fetch ROP gadgets querying Ropshell DB
corelan exploit exploitation mona rop ropgadget ropshell voidsec
Last synced: 09 Apr 2025
https://github.com/enansari/exploits
I push my simple exploits in this repository
exploit hack kali-linux python
Last synced: 26 Feb 2025
https://github.com/lucabarile/dll-hijacking
DLL Hijacking using DLL Proxying technique
cve dll-hijacking dll-proxying elevation-of-privilege exploit exported-functions hijacking local-privilege-escalation mingw-w64 poc pop-a-shell privilege-escalation proof-of-concept vulnerability windows-privilege-escalation
Last synced: 20 Feb 2025
https://github.com/undacmic/heartbleed-proof-of-concept
Proof of concept for exploiting the Heartbeat Extension bug detailed in the CVE-2014-0160. :old_key: :unlock:
cve-2014-0160 exploit heartbeat heartbleed proof-of-concept tls vulnerability
Last synced: 20 Feb 2025
https://github.com/mauricelambert/cve-2021-31166
CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.
bluescreen crash cve cve-2021-31166 denial-of-service dos exploit iis metasploit microsoft nmap payload powershell python3 ruby vulnerability webserver
Last synced: 11 Apr 2025
https://github.com/mustafadalga/dictionary-attack
Bir hedef web sitesi veya ip adresine giriş için sözlük saldırısı yapan bir script.
cyber-security cyber-threat-intelligence cybersecurity dictionary-attack exploit hackathon hacker hacking hacking-tool hacking-tools python python-3 python-script python3 python3-script web-hackathon web-hacking website-hacking
Last synced: 30 Apr 2025
https://github.com/danucosukosuko/rfsrcexploit
Un nuevo exploit de ChatGPT o una alternativa a D.A.N. Las siglas de RFSR son RE.FU.SE.R. Que se salta la política de OpenAI.
Last synced: 19 Mar 2025
https://github.com/krishpranav/autosploit
A simple ruby tool to automate metasploit modules
bash exploit exploiter metasploit metasploit-modules msfs ruby shell
Last synced: 15 Apr 2025
https://github.com/xewdy444/netgrave
A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)
camera exploit netwave security vulnerability
Last synced: 19 Apr 2025
https://github.com/z3n70/CVE-2021-41277
simple program for exploit metabase
bugbounty cybersecurity exploit metabase ruby
Last synced: 10 Mar 2025
https://github.com/sebastian-mora/cve-2020-27358-27359
CVE-2020-27358 and CVE-2020-27359
cve cve-2020-27358 cve-2020-27359 exploit
Last synced: 10 Mar 2025
https://github.com/demining/bitcoin-lightning-wallet-vulnerability
How to find a private key in binary code from Bitcoin Lightning Wallet Vulnerability in Quasar Framework
bitcoin bitcoin-wallet blockchain exploit hack hacking metasploit metasploit-framework privatekey vulnerability vulnerable
Last synced: 15 Mar 2025
https://github.com/nhas/cve-2024-45337-poc
Proof of concept (POC) for CVE-2024-45337
cve cve-2024-45337 exploit golang hack pentesting poc proof-of-concept ssh
Last synced: 09 Apr 2025
https://github.com/codeb0ss/cve-2023-0255-poc
Mass Exploit - CVE-2023-0255 < WordPress < Enable Media+Plugin < Unauthenticated Arbitrary File Upload / Webshell Upload
codeb0ss codeboss cve-2023-0225-exp cve-2023-0225-exploit cve-2023-0225-poc exploit wordpress
Last synced: 12 Jan 2025
https://github.com/FOGSEC/routersploit
The Router Exploitation Framework
802-11 controller exploit exploitation-framework framework network-analysis network-security python router scanner scanning switch wifi wifi-security wpa wpa2 wps
Last synced: 04 Apr 2025
https://github.com/b2r2-org/poe
PoE (Proof-of-Exploit) is a language designed specifically for writing an exploit.
ctf exploit fsharp hacking poe programming-language
Last synced: 31 Dec 2024
https://github.com/hupe1980/gopherfy
Tool to generate gopher links for exploiting SSRF
exploit fastcgi gopher http mysql postgresql smtp ssrf
Last synced: 06 Apr 2025
https://github.com/chaitanyarahalkar/spectre-poc
Proof of Concept - Spectre
c exploit meltdown poc proof-of-concept spectre
Last synced: 17 Dec 2024
https://github.com/baum1810/anonxss
this is a xss exploit for the popular filehoster anonfiles its been around for some while but i have edit it a bit
anofiles anonfiles-xss api baum1810 ethical-hacking ethical-hacking-tools exploit flask flask-server grabber ip ipgrabber python replit requests xss
Last synced: 17 Dec 2024
https://github.com/darkcodersc/slae32-egghunters
SLAE32 Assignment 3 : Egg Hunters
egg exploit hunter shellcode slae32 slae32-assignments
Last synced: 12 Feb 2025
https://github.com/dreadl0ck/osx-root-installer
OSX ElCapitan Privilege Escalation Proof Of Concept
exploit osx osx-security security
Last synced: 08 Apr 2025
https://github.com/totekuh/shellcrafter
Scripts, tools and code snippets for exploit development/assembly/shellcoding
assembly exploit exploit-development keystone pip python3 shellcode
Last synced: 15 Apr 2025
https://github.com/paulveillard/cybersecurity-hack-value
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Hack Value in Cybersecurity.
cybersecurity exploit exploits-finder exploits-scripts hacking hacking-code hacking-framework hacking-tools security-tools vulnerability vulnerability-assessment vulnerability-detection vulnerability-scanners
Last synced: 28 Mar 2025
https://github.com/helidem/cve-2025-24054-poc
Proof of Concept for the NTLM Hash Leak via .library-ms CVE-2025-24054
cve cve-2025-24054 cve-2025-24071 exploit library-ms ntlm ntlm-hash phishing poc windows
Last synced: 25 Apr 2025
https://github.com/samkg/flush-reload-sidechannel
A demonstration of a sidechannel vulnerability that exploits cache timings using Flush Reload to communicate information over a covert channel
covert-channel exploit intel linux
Last synced: 13 Apr 2025
https://github.com/volkansah/sqlp-edu
Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.
bypass cross-site-scripting ehtical-hacking-tools exploit exploitation explotation hacking hacking-tool hacking-tools penetration-testing pentesting phishing python security sql-xss vulnerability xss xss-attacks xss-exploitation xss-injection
Last synced: 29 Mar 2025
https://github.com/fear2o/shellkill
an advanced python-based web shell uploader
bypass-shell bypass-waf cli cybersecurity exploit hacking payload penetration-testing python python-tool python3 rce rce-exploit security security-tool web-shell web-shell-upload
Last synced: 26 Jan 2025
https://github.com/scipag/browserrecon-asp
Advanced Web Browser Fingerprinting
browser exploit exploitation fingerprint fingerprinting security-vulnerability vulnerability vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 23 Feb 2025
https://github.com/vexontop-py/vanishraider
Vanish raid tool - easy server nuke with no efforts!
discord discord-account-generator discord-banner discord-exploit discord-py discord-raid-tool discord-raider discord-token-generator exploit mass-dm mass-mention mass-report py ratelimit-bypass spammer
Last synced: 09 Apr 2025
https://github.com/mython-dev/mythical-payload
Payload Creator for Operating Systems and Programming Language
android bash exploit hacker hacking hacking-tool hacking-tools kalil linux metasploit metasploit-framework payload payload-generator payloads programming python script ubuntu widnows
Last synced: 22 Nov 2024
https://github.com/randomrobbiebf/cve-2024-22145
InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)
cve-2024-22145 exploit instawp-connect wordpress
Last synced: 13 Apr 2025
https://github.com/000pp/zaber
🕵️ Yet another CVE-2019-9670 exploit, but in Golang.
blueteam cve cve-2019-9670 exploit go golang redteam vulnerability zimbra
Last synced: 24 Apr 2025
https://github.com/renatoalencar/dlink-dir610-exploits
Exploits for CVE-2020-9376 and CVE-2020-9377
authentication-bypass dlink exploit remote-code-execution
Last synced: 12 Apr 2025
