exploits

There are 150 repositories under exploits topic.

• h4cker

  The-Art-of-Hacking / h4cker

  This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

  hackingpenetration-testinghacking-seriescybersecurityethical-hackinghackerexploitexploitsexploit-developmentvulnerabilityvulnerability-assessmentvulnerability-managementvulnerability-identificationawesome-listsawesome-listtraininghackersaiartificial-intelligenceai-security
  Language:Jupyter Notebook 23947

• threat9 / routersploit

  Exploitation Framework for Embedded Devices

  bruteforcecredsdictionary-attackembeddedexploitsinfosecpythonrouterrouter-exploitation-frameworkroutersploitroutersploit-frameworkscannersecurity
  Language:Python 12806

• projectdiscovery / nuclei-templates

  Community curated list of templates for the nuclei engine to find security vulnerabilities.

  bugbountyexploit-developmentexploitsfingerprinthacktoberfestnucleinuclei-checksnuclei-templatessecurityvulnerability-detection
  Language:JavaScript 11297

• The-Z-Labs / linux-exploit-suggester

  Linux privilege escalation auditing tool

  applicable-exploitsexploitshacking-toolkernel-exploitationlinux-exploitslinux-kernelprivilege-escalation-exploitspublished-exploitssecurity-tools
  Language:Shell 6239

• cdk-team / CDK

  📦 Make security testing of K8s, Docker, and Containerd easier.

  penetrationpenetration-testing-toolskubernetesdockerhacktoolsk8s-penetration-toolkitk8slinuxexploitscloud-nativeblackhathitbcloud-native-securitycontainercontainer-escapecontainer-securitykernel-exploitationkubernetes-securityprivilege-escalationvulnerabilities
  Language:Go 4444

• x0rz / EQGRP

  Decrypted content of eqgrp-auction-file.tar.xz

  equationgroupexploitshackingnsashadowbrokerstao
  Language:Perl 4179

• ysrc / xunfeng

  巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

  securitypentestinginfosecexploitssecurity-auditvulnerability-detectionscannervulnerability-assessmentvulnerability-scanners
  Language:Python 3586

• Ascotbe / Kernelhub

  :palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

  cvecve-2021-26868cve-2021-33739cve-2021-34486cve-2021-36934cve-2021-40444cve-2021-40449cve-2021-42278cve-2021-42287cve-2022-21882cve-2022-26937cve-2022-30206cve-2022-33679cve-2022-34718exploitskernellinuxpentesttoolwindows
  Language:C 3173

• the-akira / Computer-Science-Resources

  Collection of resources spanning key areas of Computer Science

  artificial-intelligenceassemblyawesome-listcloud-computingcomputercomputervisioncryptographycybersecuritydatabaseexploitsjavascriptmachine-learningmathematicsnetworkingoperating-systemphysicsprogramming-languagepythonquantum-computingregular-expression
  2689
• SUDO_KILLER

  TH3xACE / SUDO_KILLER

  A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

  sudo-exploitationabuse-sudoctfexploitscvepentestpentest-toolprivilege-escalationsudolinux-exploitsmisconfigurationoscposcp-toolsoscp-journeyoscp-prep
  Language:Shell 2389

• AabyssZG / SpringBoot-Scan

  针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

  cve-2018-1273cve-2021-21234cve-2022-22947cve-2022-22963cve-2022-22965cve-2024-37084cve-2025-41243exploitexploitssecuritysecurity-toolsspringspring-bootspring-vulnerabilityspringbootvul
  Language:Python 2126

• anouarbensaad / vulnx

  vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

  auto-exploiterbotcloudflare-detectioncms-detectorcrawlerdetects-vulnerabilitiesdorksexploitshackinginformation-gatheringpentestsecurity-toolsshell-injectionsubdomains-gatheringvulnerabilityvulnerability-assessmentvulnerability-detectionvulnerability-exploitwebsite-vulnerability-scannerwp-scanner
  Language:Python 1996

• 1N3 / Findsploit

  Find exploits in local and online databases instantly

  exploitsmetasploitnmappentesthackersexploitdbfindsearchbugbounty
  Language:Shell 1778

• adysec / nuclei_poc

  Nuclei POC，每日更新 | 自动整合全网Nuclei的漏洞POC，实时同步更新最新POC，保存已被删除的POC。通过批量克隆Github项目，获取Nuclei POC，并将POC按类别分类存放，使用Github Action实现。已有19w+POC，已校验格式的有效性并去重（验证的是格式的有效性）

  dailyexploitexploitsfingerprinthack-toolshackerhackingnucleinuclei-templatespocscannersecuritysecurity-scanner
  Language:Python 1678

• XiphosResearch / exploits

  Miscellaneous exploit code

  exploitspythonpocrcephpsecurityhackingwindowsbypasstr-064
  Language:Python 1564
• openclarity

  openclarity / openclarity

  OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure

  cloudexploitskubernetesleaked-secretsmalwarerootkitssbomscannersecuritysupply-chainvirtual-machinevulnerabilities
  Language:Go 1432
• deepce

  stealthcopter / deepce

  Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

  deepcedocker-enumerationenumerationexploitscontainer-escapeprivilege-escalationprivilege-escalation-exploits
  Language:Shell 1403

• jxy-s / herpaderping

  Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

  exploitwindowssecurityprocess-herpaderpingvulnerabilitysecurity-vulnerabilityexploitationexploitsexploit-developmentexploit-frameworkwindows-10windows-7windows-defenderantivirusantivirus-evasionprocess-migrationprocess-hollowingprocess-doppelganging
  Language:C++ 1167

• topscoder / nuclei-wordfence-cve

  60k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒

  cvenucleinuclei-templateswordfencebugbountyexploitsprojectdiscoverysecuritywordpresspentestingscannervulnerabilityvulnerability-scanningawesome-listcybersecurityethical-hackinghackervulnerability-managementnuclei-scan
  Language:Python 1136

• nccgroup / featherduster

  An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

  cryptanalysiscryptocryptographyencryptionexploitexploitationexploitation-frameworkexploitspythonsecurity
  Language:Python 1114

• dark-lbp / isf

  ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python

  icsics-expics-pocscapyisfmodbusexploitsscadaplc
  Language:Python 1081

• rastating / wordpress-exploit-framework

  A Ruby framework designed to aid in the penetration testing of WordPress systems.

  wordpress-exploit-frameworksecuritysecurity-auditexploitswordpress
  Language:Ruby 1036

• rfunix / Pompem

  Find exploit tool

  exploit-databasepythonpentest-toolexploitssecurity-tools
  Language:Python 1019

• 1N3 / PrivEsc

  A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

  bugbountyexploitshackinglinuxmysqlpentestingprivescsqlwindows
  Language:C 976

• toolswatch / vFeed

  The Correlated CVE Vulnerability And Threat Intelligence Database API

  cveovalthreat-intelligence-databasepythonvfeedcwecapecscapvulnerability-databasesvulnerability-detectionvulnerability-database-entryvulnerability-identificationthreatintelligence-gatheringexploitsvulnerabilityvulnerability-scannerscommon-vulnerability-exposurethreat-intelligencethreatintel
  Language:Python 944

• sundaysec / Android-Exploits

  A collection of android Exploits and Hacks

  androidandroid-architecturehackingexploitexploitsdos
  Language:HTML 932

• tenable / routeros

  RouterOS Security Research Tooling and Proof of Concepts

  bughuntingexploitshoneypotpocrouterosscanner
  Language:C++ 893

• pedrib / PoC

  Advisories, proof of concept files and exploits that have been made public by @pedrib.

  vulnerabilitiesexploitsmetasploithackingadvisories
  Language:Ruby 849

• googleprojectzero / 0days-in-the-wild

  Repository for information about 0-days exploited in-the-wild.

  0dayexploitsvulnerabilities
  Language:HTML 831
• HiveNightmare

  GossiTheDog / HiveNightmare

  Exploit allowing you to read registry hives as non-admin on Windows 10 and 11

  securitycybersecurityexploits
  Language:C++ 776

• hackerschoice / THC-Archive

  All releases of the security research group (a.k.a. hackers) The Hacker's Choice

  exploitexploitshackhacker-choicehackinghacking-toolhacking-toolshackshpahpavipv6magazinepenetration-testingpentestpentest-toolpentestingpentesting-networksphreakingthcthc-hydra
  Language:HTML 734

• StarCrossPortal / scalpel

  scalpel是一款命令行漏洞扫描工具，支持深度参数注入，拥有一个强大的数据解析和变异算法，可以将常见的数据格式（json, xml, form等）解析为树结构，然后根据poc中的规则，对树进行变异，包括对叶子节点和树结构 的变异。变异完成之后，将树结构还原为原始的数据格式。

  cveexploitspocvulnerabilitiesvulnerabilityfuzzingscanner
  734

• spencerdodd / kernelpop

  kernel privilege escalation enumeration and exploitation framework

  enumerationkernelexploitsvulnerabilitiessecuritytools
  Language:Python 697

• 0xdea / exploits

  A handy collection of my public exploits, all in one place.

  exploitsbuffer-overflowsolarislinuxaixmysqlopenbsdoraclezyxel
  Language:C 669

• smallcham / sec-admin

  分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

  securityscannervulnerability-scannersinfosecexploitssecurity-auditpython
  Language:Python 614
• mec

  jm33-m0 / mec

  for mass exploiting

  hacking-toolrceweblogicgoogle-searchbaidu-searchzoomeyemasscanparallelizationexploitspythonadapted-exploitslinuxcensysssh-bruteforceprompt-toolkitmec
  Language:Python 608