Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Exploit
Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.
- GitHub: https://github.com/topics/exploit
- Wikipedia: https://en.wikipedia.org/wiki/Exploit_(computer_security)
- Created by: The cybersecurity community
- Related Topics: hacking, cybersecurity, penetration-testing, vulnerability-assessment,
- Aliases: exploits, vulnerability-exploit,
- Last updated: 2025-02-05 00:10:12 UTC
- JSON Representation
https://github.com/alexandre-bartel/cve-2018-20343
PoC for CVE-2018-20343
build-engine cve exploit vulnerability
Last synced: 01 Dec 2024
https://github.com/x0reaxeax/exec-prot-bypass
Bypassing Linux Executable Space Protection using 20+ years old tools (CVE-2022-25265).
cve-2022-25265 dep-bypass exploit linux noexec
Last synced: 10 Nov 2024
https://github.com/teemsploit/situationadmin.lua
A console admin script built for synapseX & Script-Ware may not work on other executors.
admin exploit lua luau rlua roblox roblox-cheat roblox-hack roblox-script robloxlua script-ware synapsex teemsploit
Last synced: 23 Jan 2025
https://github.com/cybersecsi/blueborne-dockerized
Repo code for the related post on SecSI Blog: https://secsi.io/blog/blueborne-kill-chain-on-dockerized-android
android aslr aslr-bypass blueborne bluetooth container docker exploit secsi
Last synced: 22 Nov 2024
https://github.com/oppsec/zaber
🕵️ Yet another CVE-2019-9670 exploit, but in Golang.
blueteam cve cve-2019-9670 exploit go golang redteam vulnerability zimbra
Last synced: 08 Nov 2024
https://github.com/nerdsinspace/nocom-http
The No Comment web application backend.
api exploit java minecraft spring spring-boot
Last synced: 07 Nov 2024
https://github.com/slluxx/windows-reverse-shell
Reverse-shell payloads and scripts
2021 exploit hacking powershell reverse-shell script undetected windows working
Last synced: 11 Jan 2025
https://github.com/0xbitx/dedsec_malware_dropper
linux based super-stealthy Dropper, that can create a fully undetected linux malware executable.
custom-payload dropper exploit fud fud-backdoor linux-tool malware rat undetectable-malware
Last synced: 14 Jan 2025
https://github.com/siddhant385/flask-phishing
PHISHING FRAMEWORK BUILT OVER FLASK AND COULD BE DEPLOYED OVER WEB TO SHOW THE RISKS OF PHISHING OVER THE WEB WITH PASSWORD FETCH OVER TELEGRAM
brute-force exploit flask flask-login flask-phishing flask-web instagram iplogger ngrok phishing phishing-attacks phishing-kit phishing-page phishing-script phishing-tool portforward web zphisher
Last synced: 16 Nov 2024
https://github.com/randomrobbiebf/cve-2024-22145
InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)
cve-2024-22145 exploit instawp-connect wordpress
Last synced: 21 Jan 2025
https://github.com/dreadl0ck/osx-root-installer
OSX ElCapitan Privilege Escalation Proof Of Concept
exploit osx osx-security security
Last synced: 06 Nov 2024
https://github.com/samkg/flush-reload-sidechannel
A demonstration of a sidechannel vulnerability that exploits cache timings using Flush Reload to communicate information over a covert channel
covert-channel exploit intel linux
Last synced: 21 Jan 2025
https://github.com/codeb0ss/cve-2023-0255-poc
Mass Exploit - CVE-2023-0255 < WordPress < Enable Media+Plugin < Unauthenticated Arbitrary File Upload / Webshell Upload
codeb0ss codeboss cve-2023-0225-exp cve-2023-0225-exploit cve-2023-0225-poc exploit wordpress
Last synced: 12 Jan 2025
https://github.com/loneicewolf/vulnserver-bof
My approach to the VulnServer BOF (Windows 10 - SYSTEM gained)
exploit loneicewolf oscp oscp-prep oscp-tools vulnserver william-martens
Last synced: 06 Nov 2024
https://github.com/sebastian-mora/cve-2020-27358-27359
CVE-2020-27358 and CVE-2020-27359
cve cve-2020-27358 cve-2020-27359 exploit
Last synced: 23 Oct 2024
https://github.com/fear2o/shellkill
an advanced python-based web shell uploader
bypass-shell bypass-waf cli cybersecurity exploit hacking payload penetration-testing python python-tool python3 rce rce-exploit security security-tool web-shell web-shell-upload
Last synced: 26 Jan 2025
https://github.com/volkansah/sqlp-edu
Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.
bypass cross-site-scripting ehtical-hacking-tools exploit exploitation explotation hacking hacking-tool hacking-tools penetration-testing pentesting phishing python security sql-xss vulnerability xss xss-attacks xss-exploitation xss-injection
Last synced: 04 Feb 2025
https://github.com/b2r2-org/poe
PoE (Proof-of-Exploit) is a language designed specifically for writing an exploit.
ctf exploit fsharp hacking poe programming-language
Last synced: 31 Dec 2024
https://github.com/baum1810/anonxss
this is a xss exploit for the popular filehoster anonfiles its been around for some while but i have edit it a bit
anofiles anonfiles-xss api baum1810 ethical-hacking ethical-hacking-tools exploit flask flask-server grabber ip ipgrabber python replit requests xss
Last synced: 17 Dec 2024
https://github.com/scipag/browserrecon-asp
Advanced Web Browser Fingerprinting
browser exploit exploitation fingerprint fingerprinting security-vulnerability vulnerability vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 05 Jan 2025
https://github.com/demining/bitcoin-lightning-wallet-vulnerability
How to find a private key in binary code from Bitcoin Lightning Wallet Vulnerability in Quasar Framework
bitcoin bitcoin-wallet blockchain exploit hack hacking metasploit metasploit-framework privatekey vulnerability vulnerable
Last synced: 22 Jan 2025
https://github.com/undacmic/heartbleed-proof-of-concept
Proof of concept for exploiting the Heartbeat Extension bug detailed in the CVE-2014-0160. :old_key: :unlock:
cve-2014-0160 exploit heartbeat heartbleed proof-of-concept tls vulnerability
Last synced: 31 Dec 2024
https://github.com/z3n70/CVE-2021-41277
simple program for exploit metabase
bugbounty cybersecurity exploit metabase ruby
Last synced: 23 Oct 2024
https://github.com/mauricelambert/cve-2021-31166
CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.
bluescreen crash cve cve-2021-31166 denial-of-service dos exploit iis metasploit microsoft nmap payload powershell python3 ruby vulnerability webserver
Last synced: 14 Nov 2024
https://github.com/chaitanyarahalkar/spectre-poc
Proof of Concept - Spectre
c exploit meltdown poc proof-of-concept spectre
Last synced: 17 Dec 2024
https://github.com/paulveillard/cybersecurity-hack-value
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Hack Value in Cybersecurity.
cybersecurity exploit exploits-finder exploits-scripts hacking hacking-code hacking-framework hacking-tools security-tools vulnerability vulnerability-assessment vulnerability-detection vulnerability-scanners
Last synced: 02 Feb 2025
https://github.com/FOGSEC/routersploit
The Router Exploitation Framework
802-11 controller exploit exploitation-framework framework network-analysis network-security python router scanner scanning switch wifi wifi-security wpa wpa2 wps
Last synced: 04 Nov 2024
https://github.com/cokebeer/logi
Logi is a LDAP/MySQL server focusing on pingback deserialize recon and exploit.
commons-beanutils custom cve-2020-14644 deserialize exploit gadget go java jdbc jndi ldap log4j mysql probe server wordlist
Last synced: 24 Nov 2024
https://github.com/krishpranav/autosploit
A simple ruby tool to automate metasploit modules
bash exploit exploiter metasploit metasploit-modules msfs ruby shell
Last synced: 15 Oct 2024
https://github.com/vexontop-py/vanishraider
Vanish raid tool - easy server nuke with no efforts!
discord discord-account-generator discord-banner discord-exploit discord-py discord-raid-tool discord-raider discord-token-generator exploit mass-dm mass-mention mass-report py ratelimit-bypass spammer
Last synced: 12 Oct 2024
https://github.com/mython-dev/mythical-payload
Payload Creator for Operating Systems and Programming Language
android bash exploit hacker hacking hacking-tool hacking-tools kalil linux metasploit metasploit-framework payload payload-generator payloads programming python script ubuntu widnows
Last synced: 22 Nov 2024
https://github.com/nguyenmg/roblox-synapse
Roblox Synapse Executor is a top-tier script execution tool for Roblox, valued for its advanced features and stability, enabling seamless Lua scripting for game modifications and customization.
bloxfruit-script bloxfruits-autofarm-script bloxfruits-hack-script bloxfruits-script exploit gui lua roblox roblox-lua roblox-script roblox-scripts roblox-synapse robloxscript robloxscripts
Last synced: 23 Dec 2024
https://github.com/fssay/dall-e
Free DALL-E text-to-image generator using exploit in a third-party service
ai dall-e dalle exploit rust-lang tauri text-to-image
Last synced: 02 Feb 2025
https://github.com/francescodisalesgithub/simpleviruswriting
An example of basic virus writing in C
c exploit fallocate fork-bomb hacking hide-messages kernel linux passwords shadowfile timebomb virus-writing
Last synced: 29 Nov 2024
https://github.com/jsmoreira02/sar2html_exploit
Exploit the Sar2HTML RCE vulnerability and also perform a Shell Upload on the target
cybersecurity exploit hacking python3 reverse-shell vulnerability web-exploitation
Last synced: 19 Jan 2025
https://github.com/danucosukosuko/rfsrcexploit
Un nuevo exploit de ChatGPT o una alternativa a D.A.N. Las siglas de RFSR son RE.FU.SE.R. Que se salta la política de OpenAI.
Last synced: 25 Jan 2025
https://github.com/hupe1980/gopherfy
Tool to generate gopher links for exploiting SSRF
exploit fastcgi gopher http mysql postgresql smtp ssrf
Last synced: 20 Dec 2024
https://github.com/totekuh/shellcrafter
Scripts, tools and code snippets for exploit development/assembly/shellcoding
assembly exploit exploit-development keystone pip python3 shellcode
Last synced: 16 Oct 2024
https://github.com/synap5e/razor-eop-xiao
Razor installer elevation of privilege trigger + automation with Seeeduino XIAO
circuitpython eop exploit micropython privesc razor
Last synced: 08 Nov 2024
https://github.com/ebrasha/cve-2024-28000
LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000
abdal cve-2024-28000 ebrasha exploit litespeed-cache-privilege poc privilege-escalation-poc wordpress
Last synced: 10 Oct 2024
https://github.com/acceis/exploit-cve-2022-0482
Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure
cve cve-2022-0482 disclosure exploit pii
Last synced: 06 Nov 2024
https://github.com/edoardottt/edoardottt
Hey! I'm edoardottt! 🏴☠️👹
coding computer-science computing cybersecurity edoardottt exploit hacking internet linux mathematics open-source operating-system osint reconnaissance science security security-tools security-toolset technology university
Last synced: 01 Feb 2025
https://github.com/al1ex/cve-2021-3317
CVE-2021-3317
cve-2021-3317 exploit klogserver
Last synced: 24 Nov 2024
https://github.com/nyawox/nixtendo-switch
NixOS module with useful features for hacked nintendo switch
cve-2018-6242 exploit hekate nintendo-switch nix-flake nixos nixos-module usb
Last synced: 15 Nov 2024
https://github.com/codeb0ss/webshell_executor
Advanced Software To Scan Webshells With The Best Features - For SEO Webshells/SEO Companies.
0day china codeb0ss codeboss cve exploit high-da lufix olux rce-exploit shell shell-exploit webshell webshell-backdoor webshell-detect webshell-exploit wso xleet
Last synced: 12 Jan 2025
https://github.com/xewdy444/netgrave
A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)
camera exploit netwave security vulnerability
Last synced: 18 Oct 2024
https://github.com/voidsec/virit-explorer-lpe-arbitrary-code-execution
VirIT Explorer v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution
Last synced: 24 Jan 2025
https://github.com/hunthubspace/exploit-tracker
A script designed to automatically discover new exploits and save results to a file or integrate with your Discord server. Also search for exploits related to specific CVEs of your choice.
bugbounty cve ethical-hacking exploit penetration-testing-tools web
Last synced: 31 Jan 2025
https://github.com/krishpranav/pyssh
A simple python tool to get ssh password of a target machine when they connect to the pySSH server
exploit pip pip3 python python3 ssh ssh-server
Last synced: 06 Dec 2024
https://github.com/onuratakan/haimgard
Haimgard is an environment for writing, testing and using exploit code.
cybersecurity environment exploit hacking hacktool module modules python3 testing whitehat
Last synced: 01 Jan 2025
https://github.com/kube-tarian/kubetak
KubeTaK - Kube Attack. Exploit your K8s cluster and workloads running in it. PenTest K8s. Inspired by the concept of kubesploit by CyberArk and StackHawk.
application-bug application-security bug-fixing exploit kubernetes-attack kubernetes-exploiting penetration-testing pentest pentest-tool pentesting
Last synced: 11 Jan 2025
https://github.com/passort/uac-bypass-fud
UAC bypass, Elevate, Persistence methods
administrator-privileges bypass-uac dll-hijacking exploit fodhelperbypass fud hacking uac-bypass uacme user-account-control windows
Last synced: 21 Jan 2025
https://github.com/Acceis/exploit-CVE-2022-0482
Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure
cve cve-2022-0482 disclosure exploit pii
Last synced: 23 Oct 2024
https://github.com/0xtas/cve-2012-2982
An exploit for CVE-2012-2982 implemented in Rust
cve-2012-2982 exploit poc rust tryhackme
Last synced: 11 Jan 2025
https://github.com/hyeonjun17/cve-2022-2590-analysis
Dirty COW restricted to shmem in linux kernel
1-day analysis cve-2022-2590 dirty-cow exploit linux linux-kernel memory-management race-condition security shared-memory userfaultfd vulnerability
Last synced: 12 Oct 2024
https://github.com/demining/defi-attacks
DeFi Attacks & Exploits all the biggest cryptocurrency thefts from 2021 to 2022
attack attacks attacks-threats-vulnerabilites bitcoin bitcoin-wallet blockchain defi defichain ethereum exploit exploits
Last synced: 12 Nov 2024
https://github.com/siddhant385/karavas
A remote acess tool without port forwarding. An Evil Os implementation for windows
byob evilosx evilwindows exploit flask fud fud-rat karavas payload payload-generator post-exploitation python3 rat remote-access-tool remote-access-trojan reverse-shell simple
Last synced: 16 Nov 2024
https://github.com/eee-n/scratch-commenter-plus
A tool for posting comments on scratch.mit.edu! created by iw131, Scratch Hacks
bookmarklet edge-extension exploit exploitation extension extension-chrome extensions firefox-extension safari-extension scratch scratch-extension scratch-implementation scratch3
Last synced: 25 Jan 2025
https://github.com/lucadibello/weaponizedping
🔫 A weaponized ping implementation that includes concealed data in the packet payload.
exploit icmp-tunnel ping pinger python3
Last synced: 11 Nov 2024
https://github.com/mykhis/discord-image-logger-stealer
Ephemeral discourse is embodied by the likes of Messenger Sessions, the digital portraits of Accounts, and the enigmatic Token
cve cve-2021-44228 cve-scanning exploit exploit-code exploit-database exploit-development exploit-exercises exploit-kit exploitation exploitation-framework slient-doc-exploit slient-exploit slient-exploit-builder slient-hta-exploit slient-jpg-exploit slient-pdf-exploit slient-png-exploit slient-url-exploit
Last synced: 28 Jan 2025
https://github.com/masasron/chameleondump
Dump RFID tag IDs from ChameleonUltra devices
Last synced: 22 Nov 2024
https://github.com/codeb0ss/cve-2023-20073-
Mass Exploit - CVE-2023-20073 - Cisco VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]
0day bug bugbounty cisco codeb0ss codeboss cve cve-2023-20073 exploit hackerone mass mass-exploit uncodeboss vpn-router
Last synced: 12 Jan 2025
https://github.com/eqstlab/cve-2024-48914
PoC for CVE-2024-48914
cve exploit poc proof-of-concept security typescript vulnerability
Last synced: 02 Dec 2024
https://github.com/techgaun/exploit-db-search
Search exploit database
exploit offensive-security shell
Last synced: 19 Dec 2024
https://github.com/alwalxed/juicyurls
A CLI tool to scan suspicious URLs by keywords, extensions, paths and hidden files.
automation bugbounty cli cybersecurity detection exploit golang malware open-source osint penetration-testing projectdiscovery recon reconnaissance scanner scanning security urlscan vulnerabilities
Last synced: 15 Nov 2024
https://github.com/drdataye/drxploit
DrXploit is a powerful and open-source penetration testing and exploitation tool for web applications. This tool is designed to automate the process of discovering and exploiting vulnerabilities, saving time and effort for security researchers.
bugbounty exploit exploit-db hacking hacking-tool hackweb python3 scanning
Last synced: 20 Nov 2024
https://github.com/p1ckzi/CVE-2012-5519
cups-root-file-read.sh | CVE-2012-5519
cups-root-file-read cve cve-2012-5519 cves exploit hacking pentesting-tools
Last synced: 23 Oct 2024
https://github.com/codeb0ss/cve-2023-1112-exp
CVE-2023-1112 Auto Exploiter
codeb0ss codeboss cve cve-2023 cve-2023-1112 cve-2023-1112-exp cve-2023-1112-exploiter cve-2023-1112-wp exploit uncodeboss wordpress wordpress0day wordpressexploit
Last synced: 12 Jan 2025
https://github.com/hunthubspace/cve-2024-0757-exploit
A PoC Exploit for CVE-2024-0757 - Insert or Embed Articulate Content into WordPress Remote Code Execution (RCE)
bugbounty cve ethical-hacking exploit penetration-testing web
Last synced: 31 Jan 2025
https://github.com/hackingyseguridad/CVE-2021-4034
CVE-2021-4034, exploit para escalado de privilegios en SO Linux a root
cve elevar exploit linux privilegios root vuln
Last synced: 23 Oct 2024
https://github.com/a0zhar/ps4payloadloader
This repository will be maintained by me. Super simple to use! It has everything needed to build Your own MiraLoader or Payload Launcher refrenced in the PS4JB Repo by Sleirsgoevy
c exploit freebsd playstation4 ps4 ps4-jailbreak ps4-payload ps4exploit ps4jb ps4payload
Last synced: 20 Jan 2025
https://github.com/piotrbania/apple_exploit_talos-2016-0088
apple exploit TALOS-2016-0088
apple exploit hacking macos null-pointer-dereferences
Last synced: 21 Jan 2025
https://github.com/m3ssap0/wordpress_cve-2018-6389
Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.
cve-2018-6389 exploit security security-tools vulnerability vulnerability-scanners wordpress
Last synced: 12 Jan 2025
https://github.com/piotrbania/smb2_exploit_release_ms09-050
smb2 remote exploit for MS09-050
exploit exploitation hacking samba smb2 windows
Last synced: 21 Jan 2025
https://github.com/sarperavci/exploitme
A collection of containerized security vulnerabilities including privilege escalation CVEs and SUID exploits for hands-on penetration testing practice.
ctf cybersecurity docker exploit penetration-testing privilege-escalation security security-training suid vagrant vulnerable
Last synced: 17 Jan 2025
https://github.com/vandycknick/gitlab-cve-2020-10977
GitLab Arbitrary File Read Exploit
cve-2020-10977 exploit gitlab lfi python rce
Last synced: 24 Jan 2025
https://github.com/examplest/uac-bypass-fud
UAC bypass, Elevate, Persistence methods
administrator-privileges bypass-uac dll-hijacking exploit fodhelperbypass fud hacking uac-bypass uacme user-account-control windows
Last synced: 08 Dec 2024
https://github.com/p1ckzi/cve-2022-35513
CVE-2022-35513 | blink1-pass-decrypt
blink1-pass-decrypt blink1control2 cve cve-2022-35513 exploit
Last synced: 30 Jan 2025
https://github.com/r-teamdev/rcheat-injector
exploit game-haking injector lua rcheat-injector roblox roblox-lua roblox-script scripts
Last synced: 14 Oct 2024
https://github.com/lynk4/cve-2011-2523
Python exploit for vsftpd 2.3.4 - Backdoor Command Execution
cve cve-2011-2523 exploit metasploitable metasploitable-2 metasploitable-3 python vsftpd-exploit
Last synced: 01 Jan 2025
https://github.com/5amu/pocbrowser
Scrape websites to find PoCs for CVEs
crystal crystal-lang cve cybersecurity exploit pentesting proof-of-concept scraping security-tool security-tools vulnerability-assessment
Last synced: 13 Dec 2024
https://github.com/m3hu1/speedtyperexploit
speedtyper.dev exploit written in python
Last synced: 15 Jan 2025
https://github.com/kernelerr/vlc-cve-2008-4654-exploit
An EXP could run on Windows x64 against CVE-2008-4654.
cve exploit out-of-memory vlc vlc-media-player
Last synced: 19 Jan 2025
https://github.com/kaanaryoverflow/ipfire-2-25-auth-rce
ipfire 2.25 authenticated remote code execution
Last synced: 05 Feb 2025
https://github.com/n3rada/zero-effort
Exploiting CVE-2020-1472 vulnerability (a.k.a Zerologon) without effort.
active-directory cve-2020-1472 evil-winrm exploit impacket-secretsdump windows zerologon
Last synced: 28 Dec 2024
https://github.com/codeb0ss/cve-2024-1698-poc
Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection
codeb0ss codeboss cve-2024 cve-2024-1698 cve-2024-1698-exp cve-2024-1698-poc exploit wordpress
Last synced: 13 Nov 2024
https://github.com/typicalmodmaker/cve-2024-4956
Proof-Of-Concept (POC) for CVE-2024-4956
cve cve-2024-4956 exploit poc proof-of-concept proofofconcept vulnerability
Last synced: 07 Nov 2024
https://github.com/x86-512/vxpp
A VFGadget finder script to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like CET and CFG.
binary-exploitation buffer-overflow code-reuse control-flow-guard control-flow-integrity coop exploit exploit-development intel-cet lop rop rop-gadgets ropgadget security-bypass uaf use-after-free
Last synced: 11 Nov 2024
