rce-exploit

There are 6 repositories under rce-exploit topic.

• b2git / WPS-0DAY-20230809

  WPS-Office 1-Click RCE exp 202308091546

  1-clickrce-exploitvulnerabilitywps-office
  Language:Python 143

• nollium / CVE-2024-9264

  Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)

  authenticatedcveexploitfile-read-vulnerabilitygrafanapocrcerce-exploitcve-2024-9264securityvulnerability
  Language:Python 127

• Malayke / CVE-2023-33246_RocketMQ_RCE_EXPLOIT

  CVE-2023-33246 RocketMQ RCE Detect By Version and Exploit

  rce-exploitrocketmqcve-2023-33246
  Language:Python 102

• AabyssZG / Chrome-RCE-Poc

  Chrome-RCE-Poc

  chromechrome-rceexploitsrce-exploitremote-code-execution
  Language:HTML 89

• Err0r-ICA / SCANter

  Websites Vulnerability Scanner

  rcerce-exploitrce-scannerscannerserver-side-template-injectionsql-injectionsql-scannersqlisstissti-payloadsxssxss-attacksxss-detectionxss-exploitationxss-scannerxss-vulnerability
  Language:Python 73
• Thunderstorm

  JoelGMSec / Thunderstorm

  Modular framework to exploit UPS devices

  exploitrcerce-exploitrce-scannerups
  Language:Python 66

• Ruulian / wconsole_extractor

  WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a python function that leaks a file content and you have your shell :)

  ctf-toolsflaskpentest-toolpython3rcerce-exploitwerkzeugwerkzeug-exploit
  Language:Python 61

• Mr-xn / CVE-2025-54424

  CVE-2025-54424：1Panel 客户端证书绕过RCE漏洞 一体化工具 (扫描+利用)

  1panelexploitrcerce-exploitrce-scanner
  Language:Python 53

• khadafigans / Laravel-RCE-Exploitation-Toolkit

  Laravel RCE Exploitation Toolkit

  exploitexploitslaravellaravel-frameworkrcerce-exploitremote-code-executionremotecodeexecution
  Language:Python 48

• securelayer7 / CVE-2024-38856_Scanner

  Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)

  apacheapache-ofbizcve-scanningexploitexploitationrce-exploitrce-scanner
  Language:Python 45

• verylazytech / CVE-2024-10914

  POC - CVE-2024–10914- Command Injection Vulnerability in `name` parameter for D-Link NAS

  lfilfi-exploitationpocrce-exploitunauthenticated-rcecve-2024-10914d-link-nas
  Language:PowerShell 45

• verylazytech / CVE-2024-23692

  POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692

  rce-exploitunauthenticated-rcecve-2024-23692rejetto-http-file-server
  Language:Shell 42

• 0xjessie21 / CVE-2025-24016

  CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)

  wazuhremote-code-execution-in-wazuh-serverdeserializationdeserializeexploitrcerce-exploitremote-code-executioncve-2025-24016cve-2025-24016-poc
  Language:Python 41

• ZephrFish / CVE-2024-4577-PHP-RCE

  PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template

  cve-2024-4577pentestphppocrce-exploitredteam
  Language:Go 28

• Mr-xn / CVE-2024-32113

  Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]

  apachecvecve-2024ofbizrcerce-exploitcve-2024-32113poccve-2024-36104
  27

• prodigiousMind / CVE-2023-41425

  WonderCMS Authenticated RCE - CVE-2023-41425

  cvecvesexploitrce-exploitwondercms
  Language:Python 25

• cxnturi0n / pivoting-tunneling-lab

  Compromise a web application and delve deeper into the network to access hosts that you cannot directly reach from your attack host using different approaches.

  burpsuitechiseldnscat2dockerkali-linuxligolo-ngpivotingport-forwardingrce-exploitsecurity-labsshtunneling
  Language:JavaScript 23

• A0WaQ4 / Dahua_sso_initsession_upload_rce

  大华智慧园区系统sso_initsession文件上传批量脚本

  python3rce-exploit
  Language:Python 21

• GB102 / VirtualEXploiter

  VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like Intel CET and Control-Flow Guard (CFG) to achieve Remote Code Execution.

  buffer-overflowcode-reusecontrol-flow-guardcontrol-flow-integrityexploitexploit-developmentintel-cetroprop-gadgetsropgadgetsecurity-bypassuafuse-after-freecooplopbinary-exploitationcfgrcerce-exploitcet
  Language:Python 20

• themmokhtar / CVE-2020-0022

  A fully public exploit of the CVE-2020-0022 BlueFrag Android RCE Vulnerability (tested on Pixel 3 XL)

  aarch64androidarm64attackbluetoothbluetooth-low-energybluezexploitexploitationrcerce-exploitresearchsecurityvulnerability
  Language:C 20

• Mr-xn / tongda_OfficeTask_RCE

  通达OA OfficeTask udp 2397 端口远程代码执行RCE检测工具

  rcerce-exploittongda-rcetongdaoa
  18

• mrmtwoj / CVE-2024-38077

  CVE-2024-38077: Remote Code Execution Vulnerability in Windows Remote Desktop Licensing Service

  licensing-servicepocrcerce-exploitremote-coderemote-code-executionvulnerabilitycve-2024-38077cve-2024-38077pocwindows-remote-desktop
  Language:Python 17

• skilfoy / CVE-2024-4323-Exploit-POC

  This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution.

  exploitexploit-poccve-2024-4323cve-2024-4323-exploit-pocfluent-bitrce-exploit
  Language:Python 14

• so1icitx / CVE-2024-25600

  Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.

  bricks-builderbricksbuildercve-2024-25600exploithackingpentestingpython-3python3rcerce-exploitremote-code-executionsecurity-researchsecurity-researchervulnerabilitywordpresswordpress-plugin
  Language:Python 12

• techghoshal / Python_dependency_confusion_attacks

  Python package dependency confusion vulnerability POC. Impact this vulnerability is Remote code execution (RCE)

  bugbountybugbountytipsdependency-injectionpythonrce-exploitdependency-confusion-attackdependency-confusion-vulnerabilitypython-package-dependency-confusion-vulnerability
  Language:Python 12

• MorDavid / CVE-2023-38831-Winrar-Exploit-Generator-POC

  This is a POC for the CVE-2023-3883 exploit targeting WinRAR up to 6.22. Modified some existing internet-sourced POCs by introducing greater dynamism and incorporated additional try-except blocks within the code.

  cve-2023-38831winrararchiveexploitrcerce-exploitremote-code-execution
  Language:Python 11

• K3ysTr0K3R / CVE-2020-13945-EXPLOIT

  A PoC exploit for CVE-2020-13945 - Apache APISIX Remote Code Execution (RCE)

  apacheapache-apisixexploitexploitationhackingrcerce-exploitrce-scannerremote-code-executionvulnerability
  Language:Python 10

• K3ysTr0K3R / CVE-2024-4577-EXPLOIT

  A PoC exploit for CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution (RCE)

  argumentcode-injectioncve-2024-4577exploitphpphp-cgipocproof-of-conceptrcerce-exploitrce-scannerremote-code-executionxamp
  Language:Python 9
• ShellKill

  ezyrockstar / ShellKill

  an advanced python-based web shell uploader

  bypass-shellbypass-wafclicybersecurityexploithackingpayloadpenetration-testingpythonpython-toolpython3rcerce-exploitsecuritysecurity-toolweb-shellweb-shell-upload
  Language:Python 8

• kh4sh3i / CVE-2023-38646

  Metabase Pre-auth RCE (CVE-2023-38646)

  cvecve2023exploitmetabasemetabase-apipreauth-rcepythonrcerce-exploitscanner0day0day-exploitcve-2023-38646zeroday
  Language:Python 8

• verylazytech / CVE-2024-50623

  CVE-2024-50623 POC - Cleo Unrestricted file upload and download

  cleofile-uploadlfi-exploitationrce-exploitcve-2024-50623
  Language:Shell 8

• geniuszly / CVE-2022-46080

  it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

  buffer-overflowcvecybersecurityethical-hackingexploitexploit-developmentlinuxpenetration-testingpocrcerce-exploitroutersecuritytelnetvulnerabilityvulnerability-researchcve-2022-46080nexxtnexxt-router
  Language:Python 7

• entroychang / CodiMD-RCE

  This is a exploitation for CodiMD.

  exploitrcerce-exploitcve-2023-35936
  Language:Python 6

• M507 / CVE-2024-32002

  local poc for CVE-2024-32002

  cvecve-2024-32002gitproof-of-conceptrcerce-exploit
  Language:Shell 6

• ThatNotEasy / CVE-2023-32315

  Perform With Massive Openfire Unauthenticated Users

  openfirerce-exploitunauthenticated
  Language:Python 6

• verylazytech / cve-2024-21534

  POC - CVE-2024-21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input sanitization

  jsonpathrcerce-exploitremote-code-executionsanitizationcve-2024-21534
  Language:Shell 5