0day

There are 69 repositories under 0day topic.

• K8tools

  k8gege / K8tools

  K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

  exploitapt0daypocgetshellpentesthackingscannerprivilege-escalationbypasscracknetscanbrute-forcepassworddatabase
  Language:PowerShell 5648

• GhostTroops / scan4all

  Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

  attackautogolanghackertoolsnucleibugbountybugbounty-toolshacktoolspentest-tool0daybrute-forcenmapsshvulnerabilities-scanreconsecurity-scannersecurity-toolsvulnerability-detectionvulnerability-scanners
  Language:Go 5277

• PeiQi0 / PeiQi-WIKI-Book

  面向网络安全从业者的知识文库🍃

  cve1day0dayvulnredteampeiqi-wiki
  3507

• veo / vscan

  开源、轻量、快速、跨平台 的网站漏洞扫描工具，帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)

  portscanfingerprintbrutesecurityredteamfuzzing0day
  Language:Go 1364

• W01fh4cker / Serein

  【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。

  guibatch0daycve-2022-26134cve-2022-22980cve-2022-29464cve-2022-22954cve-2022-25078cve-2022-8515cve-2018-13379cve-2019-5418cve-2021-34473cve-2021-43734cve-2022-23337cve-2022-29303cve-2021-30461cve-2022-30525cve-2022-1119cve-2022-33891
  Language:Python 1132

• OWASP / joomscan

  OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/

  owaspjoomlajoomla-cmsjoomscanvunerabilityscannervulnerability-scannersexploit0day
  Language:Raku 1020

• hacktoolspack / hack-tools

  hack tools

  0day2020exploithackhackinghacking-toolhacksinjectionjavajavascriptperlpythonsqlinjectiontoolsvulnerabilityvulnerability-databasesvulnerability-scannersvulnerability-webzeroday
  Language:Python 989

• klezVirus / CVE-2021-40444

  CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

  cve-2021-40444mswordoffice0dayrceremote-code-execution
  Language:HTML 784

• b1tg / CVE-2023-38831-winrar-exploit

  CVE-2023-38831 winrar exploit generator

  0dayexploitcve
  Language:Python 769

• googleprojectzero / 0days-in-the-wild

  Repository for information about 0-days exploited in-the-wild.

  exploitsvulnerabilities0day
  Language:HTML 716

• Cr4sh / ThinkPwn

  Started as arbitrary System Management Mode code execution exploit for Lenovo ThinkPad model line, ended as exploit for industry-wide 0day vulnerability in machines of many vendors

  0dayexploitfirmwareintelsmmuefivulnerability
  Language:C 655

• jas502n / 0day-security-software-vulnerability-analysis-technology

  0day安全_软件漏洞分析技术

  hack0daysecuritysoftwarebinaryvulnerability
  Language:C 602

• Ostorlab / KEV

  Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.

  0daycisacisa-kevexploitsvulnerability
  490

• 1N3 / Wordpress-XMLRPC-Brute-Force-Exploit

  Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

  0dayexploitpocwordpresswordpress-xmlrpcxml-rpc
  Language:Python 439

• illusionofchaos / ios-gamed-0day

  iOS gamed exploit (fixed in 15.0.2)

  iosswift0dayios15
  Language:Objective-C 439

• Bo0oM / PHP_imap_open_exploit

  Bypassing disabled exec functions in PHP (c) CRLF

  0dayexploitphpbypassimap
  Language:PHP 400

• hktalent / spring-spel-0day-poc

  spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963

  rcepoc0dayexpspringspring-cloud-functionjavaspelcve-2022-22963
  354

• ZeroMemoryEx / APT38-0day-Stealer

  APT38 Tactic PoC for Stealing 0days from security professionals

  win32apircemalwarevisual-studiolazarusmalware-researchred-team0day0day-stealerapt-38north-korean-aptlateral-movement
  Language:C++ 256

• VoidSec / Exploit-Development

  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

  exploitpocwindowsshellcoderop-exploitationroprop-gadgetsrop-chainaslraslr-bypasslpeeoprce0daykernel
  Language:Python 204

• 1N3 / Exploits

  Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

  0day1n3bug-bountiescrowdshieldctfcveexploitspoc
  Language:Python 194

• W01fh4cker / CVE-2023-46747-RCE

  exploit for f5-big-ip RCE cve-2023-46747

  0daycve-2023-46747exploitf5redteam
  Language:Python 188
• no-sandbox

  sickcodes / no-sandbox

  No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are already sandboxed escaped: https://no-sandbox.io/

  chromechromiumexploitrce0dayresearchbugbountybug
  177

• illusionofchaos / ios-analyticsd-pre14.7-exploit

  iOS exploit (fixed in 14.7)

  iosswift0day
  Language:Swift 175

• illusionofchaos / ios-nehelper-wifi-info-0day

  iOS 15 0-day exploit (still works in 15.0.2)

  iosswift0dayios15
  Language:Swift 171

• illusionofchaos / ios-nehelper-enum-apps-0day

  iOS 15 0-day exploit (still works in 15.0.2)

  iosswift0dayios15
  Language:Swift 167

• k8gege / CiscoExploit

  Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

  ciscoexploitpocexpgetshellrce0day
  Language:Python 130

• p0wershe11 / ProxyLogon

  ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

  proxylogoncve-2021-26855cve-2021-26855-ssrfcve-2021-27065exploitmicrosoft-exchangemicrosoft-exchange-proxylogonmicrosoft-exchange-server0dayzeroday
  Language:Python 120

• W01fh4cker / CVE-2024-27198-RCE

  CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4

  jetbrainsredteamteamcitycve-2024-27198cve-2024-271990dayauthexploitrce
  Language:Python 119

• tweedge / springcore-0day-en

  Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

  spring4shellspringcorejavadeserialization-vulnerabilityexploit0day
  Language:Python 104

• V-i-x-x / AMSI-BYPASS

  "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

  0dayamsi-bypassamsi-evasionamsi-patchavavbypassedr-bypasspentestpentestingvulnerability
  Language:PowerShell 99

• DrunkenShells / Disclosures

  Public Disclosures

  cvecves0day0-daysecurity
  Language:HTML 88

• k8gege / ZimbraExploit

  Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)

  zimbraxxercessrfuploadgetshellexploitcve-2019-9621poc0dayk8cscan
  Language:Ruby 74

• zadewg / LIVEBOX-0DAY

  CVE-2018-20377; 20575; 20576; 20577 Multiple security vulnerabilities affecting latest firmware release on ORANGE Livebox modems.

  0daycsrfprivacyrouter
  Language:HTML 74

• jas502n / Ubuntu-0day

  all 4.4 ubuntu aws instances are vulnerable

  0dayubuntuhacktoolsroot
  Language:C 66

• Cr4sh / Aptiocalypsis

  Arbitrary SMM code execution exploit for industry-wide 0day vulnerability in AMI Aptio based firmwares

  0dayamiexploitfirmwareintelsmmuefivulnerability
  Language:Python 58
• PPT

  k8gege / PPT

  PPT教程

  pentesthackingsecurityexploit0daypptk8tool
  57