exploit

There are 286 repositories under exploit topic.

h4cker
The-Art-of-Hacking / h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
ai ai-security artificial-intelligence awesome-list awesome-lists cybersecurity ethical-hacking exploit exploit-development exploits hacker hackers hacking hacking-series penetration-testing training vulnerability vulnerability-assessment vulnerability-identification vulnerability-management
Language:Jupyter Notebook 18442
vitalysim / Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
buffer-overflow ctf exploit hacking malware mitm owasp penetration-testing privilege-escalation privilege-escalation-linux reverse-engineering windows-privilege-escalation
15206
Gallopsled / pwntools
CTF framework and exploit development library
assembly bsd capture-the-flag ctf ctf-framework defcon exploit hacktoberfest linux pwnable pwntools python python2 python3 rop shellcode shellcode-development shellcoding wargame
Language:Python 11971
SecWiki / windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
windows kernel exploit tool collections pentest
Language:C 8060
ysoserial
frohoff / ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
deserialization exploit gadget java javadeser jvm poc serialization vulnerability
Language:Java 7672
edoardottt / awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
awesome awesome-list hacking search-engine osint awesome-lists dns hacking-tools exploit security security-tools vulnerability wifi-network bugbounty osint-tool vulnerabilities redteam redteaming cve hacktoberfest
Language:Shell 7539
gef
hugsy / gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
binary-ninja ctf debugging discord exploit exploit-development gdb gef ida-pro linux malware-analysis mips powerpc pwn pwntools python python-api reverse-engineering sparc
Language:Python 6872
traitor
liamg / traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
gtfobins exploit privesc privilege-escalation hackthebox infosec redteam-tools security-tools cve-2021-3560 dirtypipe cve-2022-0847
Language:Go 6621
Mr-xn / Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
authentication-bypass bypass cobalt-strike csrf csrf-webshell cve cve-cms exploit getshell oa-getshell penetration-testing penetration-testing-poc php-bypass poc poc-exp rce sql-getshell sql-poc thinkphp
Language:HTML 6541
yaklang / yakit
Cyber Security ALL-IN-ONE Platform
redteam redteam-tools hacking-tools scanner burpsuite pentest golang blueteam exploit hacking security
Language:TypeScript 6533
trickest / cve
Gather and update all available and newest CVEs with their PoC.
cve cve-poc exploit hacking infosec latest-cve penetration-testing pentesting poc red-team security security-tools software-security software-vulnerabilities software-vulnerability vulnerabilities vulnerability
Language:HTML 6483
nomi-sec / PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
cve exploit poc security vulnerability
6447
K8tools
k8gege / K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
0day apt brute-force bypass crack database exploit getshell hacking netscan password pentest poc privilege-escalation scanner
Language:PowerShell 5788
ihebski / DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
infosec default-password pentesting bugbounty pentest credentials-gathering cheatsheet cybersecurity blueteam offensive-security exploit
Language:Python 5568
xairy / linux-kernel-exploitation
A collection of links related to Linux kernel security and exploitation
exploit kernel-exploitation linux-kernel privilege-escalation security
5563
SecWiki / linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
linux kernel exploit tool collection awesome pentest
Language:C 5252
NullArray / AutoSploit
Automated Mass Exploiter
automation exploit exploitation metasploit offsec python security security-tools
Language:Python 5014
Ladon
k8gege / Ladon
Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange
scanner portscan pentest hacking security security-tools security-scanner poc getshell brute-force password netscan tools hack exp ladon ipscanner exploit
Language:PowerShell 4825
AzeemIdrisi / PhoneSploit-Pro
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
adb android android-debug-bridge android-hacking collaborate cybersecurity exploit hack hacking hacking-script hacking-tool hacktoberfest metasploit-framework meterpreter penetration-testing pentest-tool pentesting phonesploit phonesploit-pro python
Language:Python 4647
bitsadmin / wesng
Windows Exploit Suggester - Next Generation
exploit microsoft patches suggester updates windows
Language:Python 4148
IAIK / meltdown
This repository contains several applications, demonstrating the Meltdown bug.
exploit proof-of-concept side-channel
Language:C 4110
firmianay / CTF-All-In-One
CTF竞赛权威指南
book crypto ctf exploit hacking misc pwn reverse-engineering security web
Language:C 4104
zhzyker / exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
cve-2020-10199 cve-2020-10204 cve-2020-11444 cve-2020-14882 cve-2020-1938 cve-2020-2551 cve-2020-2555 cve-2020-2883 cve-2020-5902 drupal exp exploit getshell nexus poc tomcat vulnerability weblogic webshell
Language:Python 4102
lcvvvv / kscan
Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。
redteam scanner bruteforce brute-force pentest exploit red-team security webscan fingerprint
Language:Go 3886
Threekiii / Awesome-Redteam
一个攻防知识仓库 Red Teaming and Offensive Security
command-and-control execution exploit initial-access lateral-movement privilege-escalation reconnaissance red-teaming
Language:Python 3551
scipag / vulscan
Advanced vulnerability scanning with Nmap NSE
exploit lua lua-script nmap nmap-scan-script nmap-scripts nse nsescript penetration-testing security security-audit security-scanner vulnerability vulnerability-assessment vulnerability-database-entry vulnerability-databases vulnerability-detection vulnerability-identification vulnerability-scanners vulnerability-scanning
Language:Lua 3446
zhzyker / vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
exploit cve rce vulnerabilities cve-2016-4437 security security-tools pentesting pentest-tool cve-2020-14882 cve-2020-2555 cve-2020-2883 scanner cve-2020-13942 cve-2020-17518 cve-2021-21972 cve-2021-26855 cve-2021-27065 cve-2021-21975 cve-2021-3129
Language:Python 3372
karma9874 / AndroRAT
A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side
android backdoor python reverse-shell sockets interpreter androrat rat android-application exploit interpreter-commands java apk hacktoberfest android-rat
Language:Java 3049
Ghost
EntySec / Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
adb android-device android android-debug-bridge android-exploit post-exploitation exploit exploitation-framework android-hack android-hacking android-rat rat remote-access kali-linux hack hacking hacking-tools remote-shell backdoor entysec
Language:Python 2751
mgeeky / Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
cheatsheets exploit hacking networks penetration penetration-testing pentesting red-teaming redteam scripts security social-engineering testing tools
Language:PowerShell 2554
joaomatosf / jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
exploit exploiting-vulnerabilities deserialization javadeser gadget reverse-shell
Language:Python 2414
Notselwyn / CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
cve cve-2024-1086 exploit lpe poc
Language:C 2251
RootMyTV.github.io
RootMyTV / RootMyTV.github.io
RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.
cve-2020-9759 cve-2022-23727 exploit tv webos
Language:HTML 2209
david942j / one_gadget
The best tool for finding one gadget RCE in libc.so.6
ctf exploit gadget glibc libc one-gadget-rce pwn pwnable shell
Language:Ruby 2041
helloexp / 0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
exploit
Language:C 2015
pwn_jenkins
gquere / pwn_jenkins
Notes about attacking Jenkins servers
exploit hacking jenkins pentest rce
Language:Python 1948

Related Topics

cybersecurity hacking penetration-testing vulnerability-assessment