Awesome Open Source
Awesome Open Source
Combined Topics
poc x
Advertising 📦 9
All Projects
Application Programming Interfaces 📦 120
Applications 📦 181
Artificial Intelligence 📦 72
Blockchain 📦 70
Build Tools 📦 111
Cloud Computing 📦 79
Code Quality 📦 28
Collaboration 📦 30
Command Line Interface 📦 48
Community 📦 81
Companies 📦 60
Compilers 📦 60
Computer Science 📦 74
Configuration Management 📦 39
Content Management 📦 167
Control Flow 📦 197
Data Formats 📦 77
Data Processing 📦 266
Data Storage 📦 132
Economics 📦 60
Frameworks 📦 198
Games 📦 122
Graphics 📦 103
Hardware 📦 148
Integrated Development Environments 📦 47
Learning Resources 📦 147
Legal 📦 28
Libraries 📦 119
Lists Of Projects 📦 21
Machine Learning 📦 336
Mapping 📦 61
Marketing 📦 15
Mathematics 📦 55
Media 📦 228
Messaging 📦 97
Networking 📦 304
Operating Systems 📦 84
Operations 📦 120
Package Managers 📦 52
Programming Languages 📦 229
Runtime Environments 📦 96
Science 📦 42
Security 📦 375
Social Media 📦 26
Software Architecture 📦 70
Software Development 📦 68
Software Performance 📦 57
Software Quality 📦 127
Text Editors 📦 45
Text Processing 📦 131
User Interface 📦 310
User Interface Components 📦 465
Version Control 📦 29
Virtualization 📦 68
Web Browsers 📦 38
Web Servers 📦 25
Web User Interface 📦 194

The Top 595 Poc Open Source Projects on Github

Categories > Security > Poc
Xray ⭐ 6,155
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Ysoserial ⭐ 4,663
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
K8tools ⭐ 4,046
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Penetration_testing_poc ⭐ 3,808
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Ladon ⭐ 2,817
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Awesome Cve Poc ⭐ 2,565
✍️ A curated list of CVE PoCs.
Exphub ⭐ 2,458
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
1earn ⭐ 2,328
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Medusa ⭐ 1,310
🐈Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中
Angelsword ⭐ 1,241
Python3编写的CMS漏洞检测框架
Exploits ⭐ 1,177
Miscellaneous exploit code
Poc ⭐ 911
Proof of Concepts
Cve 2020 0796 ⭐ 874
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
Poclist ⭐ 828
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
Peiqi Wiki Poc ⭐ 770
鹿不在侧,鲸不予游🐋
Pocassist ⭐ 769
全新的开源漏洞测试框架,实现poc在线编辑、运行、批量测试。使用文档:
Charles Hacking ⭐ 744
Hacking Charles Web Debugging Proxy
K8cscan ⭐ 724
K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Bylibrary ⭐ 678
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
Fastjsonexploit ⭐ 660
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
Satansword ⭐ 599
红队综合渗透框架
Ladongo ⭐ 568
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Am I Affected By Meltdown ⭐ 547
Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
Cmspoc ⭐ 530
CMS渗透测试框架-A CMS Exploit Framework
Routeros ⭐ 523
RouterOS Security Research Tooling and Proof of Concepts
Drupalgeddon2 ⭐ 475
Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
Osprey ⭐ 446
Cve 2017 0785 ⭐ 436
Blueborne CVE-2017-0785 Android information leak vulnerability
Hacking ⭐ 423
hacker, ready for more of our story ! 🚀
Javadeserh2hc ⭐ 385
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Vulscan ⭐ 382
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Cve 2019 0708 ⭐ 351
3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Poc Exp ⭐ 349
poc or exp of android vulnerability
Cve 2018 7600 ⭐ 331
💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
Deepfakehttp ⭐ 328
DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.
Tentacle ⭐ 313
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.
Poccollect ⭐ 292
a plenty of poc based on python
Commodity Injection Signatures ⭐ 288
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Some_pocsuite ⭐ 281
用于漏洞排查的pocsuite3验证POC代码
Wordpress Xmlrpc Brute Force Exploit ⭐ 275
Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
Pocorexp_in_github ⭐ 256
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Cve 2019 1003000 Jenkins Rce Poc ⭐ 254
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Spectrepoc ⭐ 249
Proof of concept code for the Spectre CPU exploit.
Php7 Opcache Override ⭐ 244
Security-related PHP7 OPcache abuse tools and demo
Awsome Security Write Ups And Pocs ⭐ 238
Awesome Writeups and POCs
Burstcoin ⭐ 236
BRS - Burst Reference Software written in Java
Expbox ⭐ 228
Vulnerability Exploitation Code Collection Repository
Poc Collection ⭐ 225
poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。
Pub ⭐ 222
Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
Cve 2020 0796 Poc ⭐ 216
PoC for triggering buffer overflow via CVE-2020-0796
Awesome Csirt ⭐ 212
Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Poodle Poc ⭐ 186
🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩
Airdos ⭐ 182
💣 Remotely render any nearby iPhone or iPad unusable
Ofx ⭐ 180
漏洞批量扫描框架,0Day/1Day全网概念验证,~~刷洞,刷肉鸡用~~
Ary ⭐ 178
Ary 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Mysql Unsha1 ⭐ 174
Authenticate against a MySQL server without knowing the cleartext password
Deep Explorer ⭐ 170
Deep Explorer is a ( 1 day developed ) tool made in python which purpose is the search of hidden services in tor network, using Ahmia Browser and crawling the links obtained
Cod Exploits ⭐ 166
☠️ Call of Duty - Vulnerabilities and proof-of-concepts
Cry ⭐ 164
Cross platform PoC ransomware written in Go
Exploits ⭐ 160
Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
Cve 2020 0796 Lpe Poc ⭐ 155
CVE-2020-0796 Local Privilege Escalation POC
Proof Of Concepts ⭐ 149
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Isf ⭐ 147
ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.
Mtpwn ⭐ 146
PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
Cve 2020 1472 ⭐ 134
Exploit Code for CVE-2020-1472 aka Zerologon
Poc Exploits ⭐ 133
Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Cve 2018 11776 Python Poc ⭐ 115
Working Python test and PoC for CVE-2018-11776, includes Docker lab
Pocsuite_poc_collect ⭐ 112
collection poc use pocsuite framework 收集一些 poc with pocsuite框架
Poc S ⭐ 104
POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC
Cazador_unr ⭐ 104
Hacking tools
Bughunter ⭐ 97
Tools for Bug Hunting
Hisilicon Dvr Telnet ⭐ 91
PoC materials for article https://habr.com/en/post/486856/
Revealin ⭐ 91
Uncover the full name of a target on Linkedin.
Cve 2019 0708 Tool ⭐ 89
A social experiment
Exprolog ⭐ 88
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Krack Poc ⭐ 84
Krack POC
Cve 2020 0796 Poc ⭐ 83
CVE-2020-0796 Pre-Auth POC
Cve 2017 0781 ⭐ 79
Blueborne CVE-2017-0781 Android heap overflow vulnerability
Exploit Development ⭐ 78
Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Dheater ⭐ 77
D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the DHE key exchange.
Nse Scripts ⭐ 74
NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Corona Sniffer ⭐ 73
Contact Tracing BLE sniffer PoC
Exploit Discord Cache System Poc ⭐ 73
Exploit Discord's cache system to remote upload payloads on Discord users machines
Poc Bank ⭐ 73
Focus on cybersecurity | collection of PoC and Exploits
Polkadots ⭐ 65
CVE-2021-3560 Local PrivEsc Exploit
Antihook ⭐ 63
PoC designed to evade userland-hooking anti-virus.
Defvul ⭐ 61
DSO-Lab 漏洞研究成果整理
Bitp0wn ⭐ 61
Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Modjoda ⭐ 55
Java Object Deserialization on Android
Bluetoothdpoc ⭐ 55
CVE-2018-4087 PoC
Umbraco Rce ⭐ 54
Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
Docker Nginx Blue Green ⭐ 54
PoC: Blue-green deployment wih Docker Compose, Nginx, Consul and Registrator
Angularjs Github Info ⭐ 52
prove of concept using angularjs (1.x) accessing github api
Android Task Injection ⭐ 49
Task Hijacking in Android (somebody call it also StrandHogg vulnerability)
Cansecwest2017 ⭐ 49
Dreadnought ⭐ 47
PoC for detecting and dumping code injection (built and extended on UnRunPE)
Living Off The Land ⭐ 47
Fileless attack with persistence
Ciscoexploit ⭐ 47
Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Zimbraexploit ⭐ 46
Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)
Powerladon ⭐ 45
Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
1-100 of 595 projects

Related Projects

Python Poc Projects (136)
Exploit Poc Projects (116)
Javascript Poc Projects (79)
Java Poc Projects (69)
Security Poc Projects (49)
Vulnerability Poc Projects (47)
Poc Proof Of Concept Projects (43)
Poc Cve Projects (42)
Python Exploit Poc Projects (37)
Go Poc Projects (33)
Poc Rce Projects (30)
C Poc Projects (30)
C Plus Plus Poc Projects (27)
Exploit Poc Cve Projects (25)
Exploit Poc Rce Projects (24)
Hacking Poc Projects (22)
Security Exploit Poc Projects (20)
Ruby Poc Projects (20)
Shell Poc Projects (19)
Advertising 📦 9
All Projects
Application Programming Interfaces 📦 120
Applications 📦 181
Artificial Intelligence 📦 72
Blockchain 📦 70
Build Tools 📦 111
Cloud Computing 📦 79
Code Quality 📦 28
Collaboration 📦 30
Command Line Interface 📦 48
Community 📦 81
Companies 📦 60
Compilers 📦 60
Computer Science 📦 74
Configuration Management 📦 39
Content Management 📦 167
Control Flow 📦 197
Data Formats 📦 77
Data Processing 📦 266
Data Storage 📦 132
Economics 📦 60
Frameworks 📦 198
Games 📦 122
Graphics 📦 103
Hardware 📦 148
Integrated Development Environments 📦 47
Learning Resources 📦 147
Legal 📦 28
Libraries 📦 119
Lists Of Projects 📦 21
Machine Learning 📦 336
Mapping 📦 61
Marketing 📦 15
Mathematics 📦 55
Media 📦 228
Messaging 📦 97
Networking 📦 304
Operating Systems 📦 84
Operations 📦 120
Package Managers 📦 52
Programming Languages 📦 229
Runtime Environments 📦 96
Science 📦 42
Security 📦 375
Social Media 📦 26
Software Architecture 📦 70
Software Development 📦 68
Software Performance 📦 57
Software Quality 📦 127
Text Editors 📦 45
Text Processing 📦 131
User Interface 📦 310
User Interface Components 📦 465
Version Control 📦 29
Virtualization 📦 68
Web Browsers 📦 38
Web Servers 📦 25
Web User Interface 📦 194
Privacy policy
"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.

All non readme contents or Github based topics or project metadata copyright Awesome Open Source 2018-2021