Exploit
Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.
- GitHub: https://github.com/topics/exploit
- Wikipedia: https://en.wikipedia.org/wiki/Exploit_(computer_security)
- Created by: The cybersecurity community
- Related Topics: hacking, cybersecurity, penetration-testing, vulnerability-assessment,
- Aliases: exploits, vulnerability-exploit,
- Last updated: 2026-06-14 00:10:34 UTC
- JSON Representation
https://github.com/Josexv1/CVE-2022-27925
Zimbra CVE-2022-27925 PoC
cve cve-2022-27925 exploit poc zimbra
Last synced: 10 Mar 2025
https://github.com/thewhiteh4t/thewhiteh4t.github.io
thewhiteh4t's Blog
blog blogging exploit exploitation framework hacking mitigation security tips-and-tricks
Last synced: 05 Mar 2025
https://github.com/err0r-ica/whatspayloadrce
Whatsapp Automatic Payload Generator [CVE-2019-11932]
cve exploit hacking hacking-tools linux payload termux whatsapp whatsapp-chat
Last synced: 12 Apr 2025
https://github.com/xh4h/loki
The Dependency Confusion vulnerability scanner and autoexploitation tool to help identifying and mitigating supply chain attacks
attacks chain confusion dependency exploit migitation poc supply vulnerability-scanners
Last synced: 13 Aug 2025
https://github.com/leadroyal/cve-2024-37051-exp
CVE-2024-37051 poc and exploit
cve-2024-37051 exploit payload
Last synced: 04 Feb 2026
https://github.com/d3ext/xdebug-exploit
xdebug 2.5.5 RCE exploit
black-hat ctf exploit hacker hacking hackthebox kali mrrobot offensive-security oscp owasp php python rce vuln vulnerability xdebug xdebug-exploit
Last synced: 19 Jul 2025
https://github.com/r3dxpl0it/CVE-2018-4407
IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]
attack blueteam cve cyber-security cybersecurity denial-of-service exploit hacking hacking-tool ios macos network penetration-testing poc redteam security
Last synced: 22 Apr 2025
https://github.com/DErDYAST1R/EACBypass-CR3ReadyDrv
This is my EAC Bypass (Setup) Driver that offers an undetected communication and callback handler/hooking system through IOCTL.
anti bypass cheat cr3 driver eac easy easy-anti-cheat exploit ioctl kernel read undetected write
Last synced: 08 May 2025
https://github.com/scipag/attacktoolkit
Open-source Exploiting Framework
exploit exploitation exploitation-framework exploiting-vulnerabilities exploiting-windows penetration-testing vulnerability-assessment vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 31 Jan 2026
https://github.com/xenomega/xsymlink
Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.
csharp exploit hack reverse-engineering symbolic-links vulnerability xbox
Last synced: 14 Oct 2025
https://github.com/dubniczky/vpn-detect
VPN Detection in the browser using JavaScript
deanonymization exploit javascript vpn-detection
Last synced: 15 Oct 2025
https://github.com/sliper-100uo/roblox-ky
๐ฎ Reverse engineering Roblox account creation.
admin adonis-loader compiler csharp exploit framework library rbxl rbxlx rbxm roblox-executor roblox-ts roblox-ui-lib thirdperson
Last synced: 07 May 2025
https://github.com/xaviermilgo/Chimay-Red-tiny
This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.
chimay-red exploit mikrotik mikrotik-router vulnerability wikileaks
Last synced: 25 Mar 2025
https://github.com/scipag/AttackToolKit
Open-source Exploiting Framework
exploit exploitation exploitation-framework exploiting-vulnerabilities exploiting-windows penetration-testing vulnerability-assessment vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 28 Sep 2025
https://github.com/cr4sh/prl_guest_to_host
Guest to host VM escape exploit for Parallels Desktop
0day exploit hypervisor not-a-bug vulnerability
Last synced: 09 Apr 2025
https://github.com/egebalci/ticketbleed
This is a tool for exploiting Ticketbleed (CVE-2016-9244) vulnerability.
Last synced: 12 May 2025
https://github.com/0xAsuka/shu-shell
Webshell Jumping Edition
exploit file-manager symlink webshell
Last synced: 11 May 2025
https://github.com/farisv/appledos
Messing Apple devices on the network with CVE-2018-4407 (heap overflow in bad packet handling)
Last synced: 10 Apr 2025
https://github.com/cawfree/sameorigin
๐ค ๐งช Masquerade as if you were their own frontend.
axios blur bypass cloudflare cors exploit marketplace nft opensea puppeteer
Last synced: 10 Apr 2025
https://github.com/knqyf263/cve-2020-10749
CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)
exploit ipv6 kubernetes vulnerability
Last synced: 11 Apr 2025
https://github.com/dylanmeca/labsecurity
Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
exploit hacking hacking-tool hacking-tools information-gathering kali-linux kali-linux-hacking linux-tool linux-tools pentesting python scanner security security-audit security-scanner security-scanners security-tool security-tools vulnerability-detection vulnerability-scanners
Last synced: 12 Jul 2025
https://github.com/johnoseni1/router-hacker-exploit-and-extract-user-and-password-
This is a python wifi (router) hacker , having ability to search for mikrotic devices around you and get their <MAC> address then extract their user and password
exploit hacking ipaddress macaddress mikrotik port python safety
Last synced: 13 Jun 2025
https://github.com/nullarray/shellshocker
A Bash script to test a list of URLs for the shellshock vulnerability.
bash exploit pentest pentesting shell shellshock-vulnerability
Last synced: 02 Jul 2025
https://github.com/inndy/formatstring-exploit
Dead simple format string exploit payload generator
Last synced: 25 Apr 2025
https://github.com/000pp/WSOB
๐ญ WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
cve-2022-29464 exploit python wso2
Last synced: 17 Apr 2025
https://github.com/demining/blockchain-attack-vectors
Blockchain Attack Vectors & Vulnerabilities to Smart Contracts
attack attacker attacks bitcoin blockchain blockchain-technology cryptocurrency ethereum exploit exploiting exploiting-vulnerabilities hack hacking smart-contracts vulnerabilities vulnerability vulnerability-scanners
Last synced: 25 Jun 2025
https://github.com/mauricelambert/cve-2022-21907
CVE-2022-21907: detection, protection, exploitation and demonstration. Exploitation: Powershell, Python, Ruby, NMAP and Metasploit. Detection and protection: Powershell. Demonstration: Youtube.
bluescreen crash cve cve-2022-21907 denial-of-service detection dos exploit iis metasploit microsoft nmap payload powershell protection python3 ruby vulnerability webserver
Last synced: 12 Mar 2026
https://github.com/jcubic/jsh.php
Terminal like php shell (PHP+jQuery WebShell)
exploit jquery jquery-plugin shell terminal-app vulnerability web-shell web-terminal
Last synced: 14 Apr 2025
https://github.com/software-engineering-and-security/inspector-gadget
Inspector-gadget (a.k.a. PSHAPE - Practical Support for Half-Automated Program Exploitation) is an open source tool which assists analysts in exploit development. It discovers gadgets, chains gadgets together, and ensures that side effects such as register dereferences do not crash the program.
exploit gadget-chain gadgets inspector-gadget pshape register vulnerability
Last synced: 01 Sep 2025
https://github.com/limbenjamin/LogServiceCrash
POC code to crash Windows Event Logger Service
crash eventlog exploit windows
Last synced: 11 Jul 2025
https://github.com/matheuzsecurity/exploit-cve-2025-24799
CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection
cve cve-2025-24799 exploit glpi
Last synced: 03 Mar 2026
https://github.com/karthikuj/cve-2022-31101
Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)
blockwishlist cve-2022-31101 exploit prestashop
Last synced: 08 Sep 2025
https://github.com/knqyf263/CVE-2020-10749
CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)
exploit ipv6 kubernetes vulnerability
Last synced: 11 May 2025
https://github.com/m3ssap0/gitlab_rce_cve-2022-2884
Exploits GitLab authenticated RCE vulnerability known as CVE-2022-2884.
cve-2022-2884 exploit gitlab security security-tools vulnerability vulnerability-scanners
Last synced: 25 Jun 2025
https://github.com/notselwyn/exploits
Custom exploits
exploit linux proof-of-concept
Last synced: 30 Aug 2025
https://github.com/3ndg4me/cve-2020-3452-exploit
Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.
bash cisco cve cve-2020-3452 exploit hacktoberfest shell vulnerability
Last synced: 25 Mar 2025
https://github.com/adamyordan/offbyslash-django-dumper
A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
django dumper exploit nginx poc security source-code vulnerability web-security
Last synced: 29 Jun 2025
https://github.com/yak0d3/anyform
Anyform is a lightweight form brute-forcing tool.
auto-exploiter brute brute-force brute-force-algorithm brute-force-attack-on brute-force-attacks brute-force-passwords bruteforce bruteforce-attacks bruteforce-password-cracker bruteforcer bruteforcing cracking exploit exploit-kit exploitation form-exploitation password-cracker weak-passwords
Last synced: 02 Aug 2025
https://github.com/nullarray/shellware
Persistent bind shell via pythonic shellcode execution, and registry tampering.
exploit pentest pentesting-windows persistence shellcode
Last synced: 13 Apr 2025
https://github.com/simonuvarov/expdev
Vulnerable software and exploits used for OSCP/OSCE preparation
Last synced: 13 May 2025
https://github.com/iricartb/advanced-sql-injection-scanner
Ivan Ricart Borges - Test for didactic purposes of web pages vulnerables to SQL injection using dbo database user with xp_cmdshell execution permissions. Using patterns from Internet search engines to extract potentially vulnerable web addresses and test them by changing the GET parameters using invalid Transact-SQL conversion function to cause through unhandled errors by IIS web server to show critical information. If certain features are given and using advanced injection techniques a malicious attacker could gain control of the entire system by executing shell commands in the SQL database engine.
c-sharp database dbo exploit iis injection microsoft rce scanner search-engine sqlserver transact-sql visual-studio vulnerability webserver xp-cmdshell
Last synced: 10 Apr 2025
https://github.com/byt3n33dl3/camhoundad
Automated Exploit scanners for public Camera, CCTV's, and Capture Devices.
camera cctv exploit surveillance trust-attack
Last synced: 24 Jul 2025
https://github.com/p1ckzi/cve-2022-22965
spring4shell | CVE-2022-22965
cve cve-2022-22965 exploit pentesting spring-framework tomcat
Last synced: 28 Oct 2025
https://github.com/bl4ck44/articulos
Artรญculos relacionados a la Ciberseguridad, Hacking y al Anรกlisis de Malware.
android auditorias ciberseguridad cracking criptografia esteganografia exploit hacking linux malware malware-analysis programacion redes seguridad tools virus vulnerabilidades web windows wireless
Last synced: 12 Jul 2025
https://github.com/p1ckzi/CVE-2022-22965
spring4shell | CVE-2022-22965
cve cve-2022-22965 exploit pentesting spring-framework tomcat
Last synced: 10 Mar 2025
https://github.com/machine1337/fudransome
Generate FUD Ransomeware For Windows, Linux and MAC OS
antivirus-evasion applehacking cybersecurity encryption evasions exploit hacking linuxransomeware machine1337 malware obfuscation python ransomware windowsransomeware
Last synced: 25 Apr 2025
https://github.com/k8gege/jbossexploit
MSF moudle jboss invoke deploy getshell Exploit & Jboss jmx-console getshell exploit
exp exploit getshell jboss metasploit msf poc rce
Last synced: 03 May 2025
https://github.com/davidbuchanan314/wifi-sdcf
Reverse Engineering notes on the Dxingtek/Keytech(?) WiFi@SDCF card
exploit iot reverse-engineering
Last synced: 12 Apr 2025
https://github.com/paulveillard/cybersecurity-exploit-development
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Exploit Development.
code-execution developer developer-experience developer-tools development development-tools exploit exploitation exploitation-framework exploitation-frameworks exploitation-menu vulnerability-detection
Last synced: 07 Jan 2026
https://github.com/kkent030315/anyelevate
x64 Windows privilege elevation using anycall
code-execution exploit kernel privilege-elevation privilege-escalation privilege-escalation-exploits windows windows-10
Last synced: 28 Oct 2025
https://github.com/jm33-m0/cve-2018-7750
an RCE (remote command execution) approach of CVE-2018-7750
Last synced: 08 Apr 2025
https://github.com/sectool/python-shellcode-buffer-overflow
Shellcode / Buffer Overflow ๐ฃ
buffer-overflow buffer-overflow-attack exploit exploit-code exploit-kit exploitation exploits linux-exploits linux-solaris penetration-testing python shell shell-script shell-scripting shell-scripts shellcode shellcode-loader shellscript solaris solaris-system
Last synced: 15 Apr 2025
https://github.com/deepsyx/vote-buster
Capcha+Email confirmation bypass script
bot bypass captcha cookie exploit recognization smtp-server tesseract
Last synced: 19 Apr 2025
https://github.com/tatapinhighcone74/roblox-synapse
Roblox Synapse Executor is a top-tier script execution tool for Roblox, valued for its advanced features and stability, enabling seamless Lua scripting for game modifications and customization.
authentication bloxfruit-script bloxfruits-autofarm-script executer exploit game gui hack lua nexus-roblox roblox roblox-lua roblox-script roblox-scriptbloxfruits-autofarm-script roblox-scripts roblox-synapse robloxscripts script-hub supported whitelist
Last synced: 13 Jun 2025
https://github.com/kia87v73/roblox-bunni-executor
Bunni is a premier Roblox exploiting platform, renowned for its cutting-edge tools, rapid updates, and robust support. Developed by experienced professionals, it ensures maximum efficiency, security, and a seamless user experience with features like HWID spoofer and extensive script support.
cheats code developer exploit gaming github hacking injector lua modding open-source programming project
Last synced: 29 Jun 2025
https://github.com/yak0d3/ddumper
dDumper is a Drupal Vulnerability Scanner & an Auto Exploiter.
auto-exploiter deface drupal drupal-7 drupal-8 drupal8 exploit exploit-kit exploiting-vulnerabilities exploits mass-exploitation-scanner shell vulnerabilities vulnerability-detection vulnerability-scanners
Last synced: 26 Oct 2025
https://github.com/sgabe/cve-2019-1253
AppXSvc Arbitrary File Security Descriptor Overwrite EoP
elevation-of-privilege eop exploit proof-of-concept vulnerability windows10
Last synced: 13 Aug 2025
https://github.com/xsscx/cve-2017-5638
Example PoC Code for CVE-2017-5638 | Apache Struts Exploit
apache code content-type cve-2017-5638 exploit poc python struts2
Last synced: 26 Apr 2025
https://github.com/vs4vijay/exploits
Exploits R&D
blueducky bluekeep buffer-overflow c99 cve exploit exploits heap-overflow heartbleed infosec lpe pentest pentesting poc rce red-team security shell stack-overflow
Last synced: 29 Apr 2025
https://github.com/warflop/iot-mqtt-exploit
An tool for search IOT MQTT vulnerable with shodan
Last synced: 13 Aug 2025
https://github.com/mustafadalga/multi-client-reverse-shell
A multi-client reverse shell that allows multiple connections from target computers || Hedef bilgisayarlardan gelen birden fazla baฤlantฤฑya izin veren รงoklu istemcili reverse shell.
exploit hack hacking hacking-attack-tools hacking-code hacking-tool hacking-tools multi-reverse-shell python-for-hacking python-for-security python-reverse-shell python3 reverse-shell shell shell-script shell-scripts shellcode shellscript
Last synced: 03 Aug 2025
https://github.com/thewhiteh4t/cve-2020-9375
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
cve cve-2020-9375 exploit tp-link tplink
Last synced: 12 Apr 2025
https://github.com/mustafadalga/code-injector
Aynฤฑ aฤ iรงerisinde , ARP Spoofing saldฤฑrฤฑsฤฑ yapฤฑlmฤฑล hedef bilgisayarฤฑn ziyaret ettiฤi , HTTP protokolรผnรผ kullanan web sitelerine kod enjekte ederek manipรผle etmenize yarayan bir script.
code-injection cyber-security cyber-threat-intelligence cybersecurity exploit hacker hacking hacking-code hacking-tool hacking-tools hackingtools python python-3 python-script python3 web-hackathon web-hacking website-hacking
Last synced: 30 Apr 2025
https://github.com/1n3/ctf-writeups
CTF Writeups
ctf ctf-writeups ctfs exploit exploits solutions writeups
Last synced: 26 Feb 2026
https://github.com/Warflop/IOT-MQTT-Exploit
An tool for search IOT MQTT vulnerable with shodan
Last synced: 10 May 2025
https://github.com/camiloczz/scriptware
Scriptware Executor is a premium Roblox tool for Windows and macOS, renowned for its ability to execute Lua scripts efficiently, offering robust features for advanced game modifications and seamless gameplay enhancements.
backup borgbackup delayless exploit fe fluxus hack http krnl lua netbypass netless reanimate rest-api roblox rust script scriptware synapse tauri
Last synced: 12 Apr 2025
https://github.com/owlinux1000/arm_exploit
ARM Exploit ้็บใฎใใใฎใใฌใผใใณใฐใชใใธใใช
Last synced: 09 May 2025
https://github.com/0xinfection/epscalate
Exploit for elevation of privilege vulnerability in QuickHeal's Seqrite EPS (CVE-2023-31497).
cve-2023-31497 endpoint-security exploit privilege-escalation
Last synced: 19 Jul 2025
https://github.com/yallxe/hogg
Common vulnerability scanning on steroids โ๏ธ
dns exploit network proxy rust rust-lang scanner secrets security sniffer vulnerabilities webscanner
Last synced: 19 Jul 2025
https://github.com/hugsy/gef-legacy
Legacy version of GEF running for GDB+Python2
ctf debugging exploit exploit-development gdb gdb-python2 linux malware-analysis pwn python reverse-engineering
Last synced: 10 Apr 2025
https://github.com/000pp/pwnfaces
๐ Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)
cve cve-2017-1000486 elinjection exploit golang linux primefaces redteam
Last synced: 24 Apr 2025
https://github.com/rxzyx/popcat-hack
The best hack for popcat.click
exploit game hack javascript popcat popcat-bot popcat-cheat popcat-hack popcatautoclick popcatscript
Last synced: 01 Apr 2025
https://github.com/demining/dao-exploit
Cryptanalysis of the DAO exploit & Multi-Stage Attack
attack cryptanalysis crypto cryptocurrency cryptography dao ethereum ethereum-contract exploit exploit-development hacking
Last synced: 26 Jun 2025
https://github.com/thewhiteh4t/cve-2021-31630
Python script for exploiting command injection in Open PLC Webserver v3
Last synced: 12 Apr 2025
https://github.com/egebalci/msf-self-defence
Self defense post module for metasploit
anti-detection defense exploit
Last synced: 12 May 2025
https://github.com/mlgmxyysd/f21proinjector
Exploit the vulnerability to install arbitrary applications in k61v1 without ROOT
android exploit exploitation hacking hacktoberfest php
Last synced: 07 May 2025
https://github.com/LukeBob-zz/C2-Pwn
Uses Shodan API to pull down C2 servers to run known exploits on them.
c2 exploit python rat shodan-api
Last synced: 10 May 2025
https://github.com/electr0lulz/Mass-exploit-CVE-2022-29464
Mass Exploit for CVE 2022-29464 on Carbon
0day auto-exploiter bash carbon cve cve-2022-29464 exploit massexploit python shodan
Last synced: 10 May 2025
https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-exploit
Exploits Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924).
cve-2024-10924 exploit really-simple-security security security-tools vulnerability vulnerability-scan wordpress
Last synced: 31 Jul 2025
https://github.com/aydinnyunus/cve-2024-24576-exploit
CVE-2024-24576 Proof of Concept
Last synced: 29 Apr 2025
https://github.com/bcoles/serenity-exploits
Various exploits for SerenityOS
Last synced: 25 Mar 2025
https://github.com/p0dalirius/cve-2022-30780-lighttpd-denial-of-service
CVE-2022-30780 - lighttpd remote denial of service
cve cve-2022-30780 denial exploit lighttpd pentest remote service
Last synced: 07 Oct 2025
https://github.com/ait-testbed/attackmate
AttackMate is an attack orchestration tool that executes full attack-chains based on playbooks.
api attack automation automation-framework cybersecurity exploit metasploit orchestration pentest python redteam rootkit security sliver testbed training
Last synced: 22 Apr 2025
https://github.com/edoardottt/nuclei-cve-gpt
[experiment] Generate Nuclei templates for CVEs using chatGPT
chatgpt cve cve-exploit cve-search exploit gpt nuclei nuclei-templates openai projectdiscovery red-team security security-tools
Last synced: 23 Mar 2025
https://github.com/nyawox/nixtendo-switch
NixOS module with some useful features for hacked nintendo switch
cve-2018-6242 exploit hekate nintendo-switch nix-flake nixos nixos-module usb
Last synced: 01 Nov 2025
https://github.com/m8sec/eaprimer
C# project to Reflectively load .Net assemblies in memory
amsi csharp executing-assemblies exploit net-assemblies pentesting powershell windows
Last synced: 26 Mar 2025
https://github.com/hktalent/weblogic_java_des
weblogic T3 collections java InvokerTransformer Transformer InvokerTransformer weblogic.jndi.WLInitialContextFactory
collections deserialization exploit hacker hacking-tool invokertransformer java rce remote-control remote-execution tools transformer weblogic
Last synced: 14 May 2025
