Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Exploit

Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.

https://github.com/drdataye/drxploit

DrXploit is a powerful and open-source penetration testing and exploitation tool for web applications. This tool is designed to automate the process of discovering and exploiting vulnerabilities, saving time and effort for security researchers.

bugbounty exploit exploit-db hacking hacking-tool hackweb python3 scanning

Last synced: 08 Jul 2025

https://github.com/gill-singh-a/docker-api-remote-root-shell-exploit

A Simple Python Program that uses Docker Module to communicate with Docker API and gets a Remote Root Shell on the Target Device

docker exploit python ssh

Last synced: 05 Jul 2025

https://github.com/arpsyndicate/euvd-scores

VEDAS Score Aggregator for EUVDs

euvd exploit exploit-maturity vedas vulnerability

Last synced: 28 Oct 2025

https://github.com/m3ssap0/wordpress_cve-2018-6389

Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.

cve-2018-6389 exploit security security-tools vulnerability vulnerability-scanners wordpress

Last synced: 02 Mar 2025

https://github.com/masasron/chameleondump

Dump RFID tag IDs from ChameleonUltra devices

ble chameleonultra exploit

Last synced: 14 Jul 2025

https://github.com/randomrobbiebf/cve-2024-0679

ColorMag <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

cve-2024-0679 exploit wordpress

Last synced: 29 Dec 2025

https://github.com/evantesecond/zoom-in-cloaker

when zoomed in to at least 150%, the overlapping content disappears. this is useful for cloaking content

cloak cloaker cloakers cloaking cloaks exploit game games school

Last synced: 25 Mar 2025

https://github.com/9dl/websploit

Advanced reconnaissance tool for identifying web vulnerabilities through crowd-sourced data collection

cybersecurity exploit poc proof-of-concept vulnerable

Last synced: 18 Jan 2026

https://github.com/trigii/cve-2023-42860

Exploit for CVE-2023-42860

apple exploit fda macos root sip tcc

Last synced: 15 Jun 2025

https://github.com/sleepytariq/php-8.1.0-dev-backdoor-rce

PHP 8.1.0-dev User-Agentt Backdoor Exploit

exploit php python3

Last synced: 08 Jul 2025

https://github.com/sertrafurr/discord-video-quest-skipper

This script allows you to make video playback on Discord almost instant by speeding up the playback rate by over 19x faster. Ideal for those who want to skip through videos quickly without wasting time, this script ensures your Discord video quests are completed almost immediately!

betterdiscord discord exploit glitch javascript js quest script vencord

Last synced: 01 Jul 2025

https://github.com/kaanaryoverflow/ipfire-2-25-auth-rce

ipfire 2.25 authenticated remote code execution

exploit ipfire rce

Last synced: 19 Oct 2025

https://github.com/kernelerr/vlc-cve-2008-4654-exploit

An EXP could run on Windows x64 against CVE-2008-4654.

cve exploit out-of-memory vlc vlc-media-player

Last synced: 02 Aug 2025

https://github.com/muhammadwaseem29/cve-2025-1661

HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion (LFI)

bugbounty cve-2025-1661 cyber-security exploit

Last synced: 11 Jan 2026

https://github.com/xiaomingx/ysoserial-plus

ysoserial 最早在 AppSecCali 2015 演讲 "Marshalling Pickles: how deserializing objects will ruin your day" 中发布,包含适用于 Apache Commons Collections (3.x 和 4.x)、Spring Beans/Core (4.x) 和 Groovy (2.3.x) 的 gadget 链。后续版本增加了对 JRE <= 1.7u21 和其他常见 Java 库的支持。

exploit java security

Last synced: 22 Jun 2025

https://github.com/0x00-0x00/cve-2015-3224

Modification of Metasploit module for RCE in Ruby-On-Rails Console CVE-2015-3224

console cve exploit rails ruby

Last synced: 25 Aug 2025

https://github.com/javierolmedo/check-ms17-010

🐞 Simple script in powershell to check ms17-010 vulnerability exploited by ransomware WannaCry

exploit ms17-010 powershell powershell-script script vulnerability wannacry

Last synced: 29 Oct 2025

https://github.com/codeb0ss/cve-2024-1698-poc

Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection

codeb0ss codeboss cve-2024 cve-2024-1698 cve-2024-1698-exp cve-2024-1698-poc exploit wordpress

Last synced: 03 May 2025

https://github.com/p0dalirius/rpccoercetemplatecpp

A template of C++ code to call a Remote Procedure on a windows machine to coerce an authentication

authentication coerce cpp exploit path rpc smb template unc

Last synced: 16 Aug 2025

https://github.com/sarperavci/exploitme

A collection of containerized security vulnerabilities including privilege escalation CVEs and SUID exploits for hands-on penetration testing practice.

ctf cybersecurity docker exploit penetration-testing privilege-escalation security security-training suid vagrant vulnerable

Last synced: 08 Jul 2025

https://github.com/tigerclips1/ps4jb_update_downloader_usb

What this script does is auto download ps4JB updates that you choose to your USB automation for linux only

automation exploit firmware guide linux ps4 ps4-jailbreak python python-script python3 tigerclips1

Last synced: 16 Oct 2025

https://github.com/zeyad-azima/opayforme

CVE-2021-43150 Exploit for `opay` android app webview

android exploit flask webview

Last synced: 12 Jul 2025

https://github.com/whokilleddb/CVE-2019-15107

CVE-2019-15107 Webmin Exploit in C

cve exploit poc vulnerability

Last synced: 10 Mar 2025

https://github.com/hackingyseguridad/CVE-2021-4034

CVE-2021-4034, exploit para escalado de privilegios en SO Linux a root

cve elevar exploit linux privilegios root vuln

Last synced: 10 Mar 2025

https://github.com/vandycknick/gitlab-cve-2020-10977

GitLab Arbitrary File Read Exploit

cve-2020-10977 exploit gitlab lfi python rce

Last synced: 17 Mar 2025

https://github.com/codingchili/cve-2020-14368

Interactive RCE exploit demo for Eclipse CHE

eclipse-che exploit proof-of-concept vulnerability

Last synced: 06 Apr 2025

https://github.com/mar-ket-vector/metamorpheus

A metamorphic shellcode obfuscator capable of generating more unique shellcodes than there are atoms in the OBSERVABLE UNIVERSE and designed for shellcodes/implants that need to run in W^X memory.

av-evasion backdoor c2 code-mutation exploit implant metamorphic obfuscator polymorphic shellcode

Last synced: 13 May 2025

https://github.com/franckferman/glpi-htmlawed-cve-2022_35914-poc

Automatic scanning (Shodan) and exploitation (PoC) script for the GLPI htmLawed vulnerability (CVE-2022_35914).

bash exploit glpi poc proof-of-concept python python3 remediation shell shodan vuln vulnerabilities vulnerability vulnerability-detection vulnerability-scanning

Last synced: 12 Mar 2025

https://github.com/kissssu/ftp-exploit-vsftpd-2.3.4-backdoor

Python script for exploiting a specific vulnerability in vsFTPd 2.3.4.

exploit python3

Last synced: 28 Oct 2025

https://github.com/waived/cve-2024-3393

PAN-OS: Firewall Denial-of-Service exploit via malicious DNS query

cve-2024-3393 denial-of-service dns-attack exploit palo-alto-networks pan-os proof-of-concept python3

Last synced: 13 Jul 2025

https://github.com/pandh4cker/pandagik

Image Magick Exploit for CVE-2016–3714

exploit imagemagick python3 rce

Last synced: 25 Dec 2025

https://github.com/enty8080/droppers

Droppers written in assembly to drop executables on the compromised computer system.

assembly exploit payload penetration-testing shellcode

Last synced: 21 Mar 2025

https://github.com/prvvv/chromeforensics

Different code samples for Chrome browser analysis & post exploitation

chrome chrome-devtools exploit forensic forensics forensics-tools hacking password post-exploitation

Last synced: 03 Jan 2026

https://github.com/vaibhavpandeyvpz/dtp-exploit-poc

Simple and single purpose PoC app built using React Native to demonstrate PII leak vulnerability in Delhi Traffic Police's notice payment website.

exploit information leak privacy security vulnerability

Last synced: 29 Jul 2025

https://github.com/langriklol/cve-2020-15227

CVE-2020-15227 exploit

exploit rce security vulnerability

Last synced: 29 Jul 2025

https://github.com/whokilleddb/cve-2019-17662

Exploit for CVE-2019-17662 (ThinVNC 1.0b1)

cve cve-2019-17662 exploit poc thinvnc

Last synced: 31 Jul 2025

https://github.com/momenbasel/naggets

old CTF I've made sharing it publicly.

ctf ctf-challenges ctf-platform ctf-playground cve exploit nagios

Last synced: 03 Aug 2025

https://github.com/mauricelambert/cve-2021-42013

These Nmap, Python and Ruby scripts detects and exploits CVE-2021-42013 with RCE and local file disclosure.

cve cve-2021-42013 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 04 Mar 2025

https://github.com/mauricelambert/cve-2021-41773

These Metasploit, Nmap, Python and Ruby scripts detects and exploits CVE-2021-41773 with RCE and local file disclosure.

cve cve-2021-41773 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 04 Mar 2025

https://github.com/mauricelambert/pywcgishell

This package implement a WebShell for CGI and WSGI server.

cgi-script exploit pypi-package python3 web-attacks webshell wsgi-server

Last synced: 04 Mar 2025

https://github.com/devvyyxyz/devvyys-scripts

Roblox exploit scripts by Devvyyxyz

exploit roblox-cheat roblox-executor roblox-hack script

Last synced: 04 Apr 2025

https://github.com/netgian/tiktok-shares

Send automatic shares to your favourites tiktok videos!

exploit hacking http python python3 requests tiktok

Last synced: 22 Feb 2025

https://github.com/shamo0/CVE-2022-1388

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC

1388 2022 bash bigip cve cve-2022-1388 exploit f5 icontrol python rest script shell vulnerabilit

Last synced: 10 Mar 2025

https://github.com/l0nax/CVE-2019-15053

(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053

cve cve-2019-15053 exploit poc proof-of-concept vulnerability

Last synced: 10 Mar 2025

https://github.com/whokilleddb/CVE-2019-17662

Exploit for CVE-2019-17662 (ThinVNC 1.0b1)

cve cve-2019-17662 exploit poc thinvnc

Last synced: 10 Mar 2025

https://github.com/SherlockSec/CVE-2020-0601

A Windows Crypto Exploit

cve cve-2020-0601 exploit windows

Last synced: 10 Mar 2025

https://github.com/natthasath/cms-detect-exploit-whatcms

CMS Detection and Exploit Kit based on Whatcms.org API

cms detect exploit joomla wordpress

Last synced: 26 Feb 2025

https://github.com/natthasath/cms-detect-exploit-cmseek

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

cms detect exploit joomla wordpress

Last synced: 26 Feb 2025

https://github.com/faisalfs10x/Cisco-CVE-2020-3452-shodan-scanner

simple bash script of CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability checker

cve-2020-3452 exploit poc shodan-dorks

Last synced: 10 May 2025

https://github.com/faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner

simple bash script of F5 BIG-IP TMUI Vulnerability CVE-2020-5902 checker

bigip cve-2020-5902 exploit poc

Last synced: 10 May 2025

https://github.com/mauricelambert/webscriptswebshell

Install a WebShell on hardened and deployed WebScripts (using Apache and mod_wsgi).

apache exploit web-attacks webscripts webshell wsgi

Last synced: 20 Jul 2025

https://github.com/asmroyal/0x001829-b

0x001829-B is exploit tool for web servers & for home ip's

csharp csharp-code exploit exploitation exploitation-framework exploits net payload payloads

Last synced: 15 May 2025

https://github.com/mxlgv/toaruos-exploits

This is a repository with exploits for ToaruOS.

exploit privelegeescalation toaruos vuln

Last synced: 16 Jul 2025

https://github.com/ashtondavies/ltmeat-web

Freeze and bypass admin-forced extensions on managed Chromebooks

bypassi chromebook disable exploit extension hack

Last synced: 16 May 2025

https://github.com/hunthubspace/subscope

SubScope is a Python-based command-line tool that helps you manage domains and subdomains in workspaces using an SQLite database.

automation bugbounty bugbounty-tool database ethical-hacking exploit penetration-testing python sqlite web web-penetration-testing

Last synced: 01 Jul 2025

https://github.com/1s64/roblox-fps-gui

Roblox FPS Gui

exploit lua roblox script

Last synced: 16 May 2025

https://github.com/franckferman/cauchemar-apprendre_le_pwn

Référentiel exhaustif pour acquérir une compréhension approfondie des fondamentaux de l'exploitation de binaires. Fruit d'une démarche analytique rigoureuse, ce guide offre une pédagogie structurée, avec explications détaillées et exemples concrets, pour maîtriser pas à pas l'exploitation de binaires.

apprendre apprendre-les-bases apprendre-pwn binary-exploitation exploit exploit-development exploitation francais francaise france gdb heap-overflow learning pwn pwn-college pwn-course-practice pwndbg pwning reverse-engineering stack-overflow

Last synced: 07 Apr 2025

https://github.com/ramona-flower/discord-video-quest-skipper

This script allows you to make video playback on Discord almost instant by speeding up the playback rate by over 19x faster. Ideal for those who want to skip through videos quickly without wasting time, this script ensures your Discord video quests are completed almost immediately!

betterdiscord discord exploit glitch javascript js quest script vencord

Last synced: 24 Mar 2025

https://github.com/dubniczky/prototype-pollution

JavaScript Prototype Pollution Attack demo against a NodeJS Express server using Lodash

demo exploit javascript lodash prototype-pollution security yarn-berry

Last synced: 31 Mar 2025

https://github.com/dubniczky/remote-keylogger

A compiled keylogger written in python with logging to a remote host

exploit hack keylogger python server

Last synced: 31 Mar 2025

https://github.com/chikof/discord-opera

OperaGX really messed up with this one

discord discord-opera educational exploit opera

Last synced: 31 Mar 2025

https://github.com/evantesecond/krypton

cool tools for school i guess, use https://kryptontools.glitch.me/ if .pages.dev is blocked

bypass chrome chromebook evan exploit exploits games hack krypton school school-chromebook school-hacks school-tools

Last synced: 12 Mar 2025

https://github.com/ihsandevs/simplewebshell-php

The Simple Web Shell is a lightweight and user-friendly web-based interface for controlling a website using a single PHP file.

ethical-hacking ethical-hacking-tools exploit hacking php remote-code-execution shell webshell webshells

Last synced: 30 Mar 2025

Exploit Awesome Lists
Awesome-Hacking-Resources 261 awesome-hacker-search-engines 545 bluetoolkit 69 awesome-mcp-security 119 awesome-vm-exploit 35 awesome-MLSecOps 190 awesome-uefi-security 233 awesome-cryptocurrency-security 50 awesome-iot-security-resource 204
Exploit Categories
Uncategorized 674 Table of Contents 310 Threat Modeling 292 Vulnerability Writeup 255 Blogs 214 Blogs :newspaper: 102 Talks :speaker: 60 Install 59 MlSecOps pipeline 58 Open Source Security Tools 57 TODO List 50 📕 Articles, X threads and Blog Posts 49 Qemu 39 Tools :hammer: 38 Repositories 34 Firmware 26 🧑‍🚀 Tools and code 25 Community Resources 24 💾 MCP Security Servers 20 Blogs and Publications 20