Awesome Open Source
Awesome Open Source
Combined Topics
poc
x
Advertising
📦 10
All Projects
Application Programming Interfaces
📦 124
Applications
📦 192
Artificial Intelligence
📦 78
Blockchain
📦 73
Build Tools
📦 113
Cloud Computing
📦 80
Code Quality
📦 28
Collaboration
📦 32
Command Line Interface
📦 49
Community
📦 83
Companies
📦 60
Compilers
📦 63
Computer Science
📦 80
Configuration Management
📦 42
Content Management
📦 175
Control Flow
📦 213
Data Formats
📦 78
Data Processing
📦 276
Data Storage
📦 135
Economics
📦 64
Frameworks
📦 215
Games
📦 129
Graphics
📦 110
Hardware
📦 152
Integrated Development Environments
📦 49
Learning Resources
📦 166
Legal
📦 29
Libraries
📦 129
Lists Of Projects
📦 22
Machine Learning
📦 347
Mapping
📦 64
Marketing
📦 15
Mathematics
📦 55
Media
📦 239
Messaging
📦 98
Networking
📦 315
Operating Systems
📦 89
Operations
📦 121
Package Managers
📦 55
Programming Languages
📦 245
Runtime Environments
📦 100
Science
📦 42
Security
📦 396
Social Media
📦 27
Software Architecture
📦 72
Software Development
📦 72
Software Performance
📦 58
Software Quality
📦 133
Text Editors
📦 49
Text Processing
📦 136
User Interface
📦 330
User Interface Components
📦 514
Version Control
📦 30
Virtualization
📦 71
Web Browsers
📦 42
Web Servers
📦 26
Web User Interface
📦 210
The Top 85 Poc Open Source Projects
Categories
>
Security
>
Poc
Xray
⭐
5,221
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Ysoserial
⭐
4,049
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
K8tools
⭐
3,646
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Penetration_testing_poc
⭐
2,988
有关渗透测试的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Awesome Cve Poc
⭐
2,641
✍️ A curated list of CVE PoCs.
Exphub
⭐
2,526
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Ladon
⭐
2,409
大型内网渗透扫描器&Cobalt Strike,Ladon7.2内置94个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Gasyori100knock
⭐
1,883
画像処理100本ノックして画像処理を画像処理して画像処理するためのもの Jap, Eng, Chi
Middleware Vulnerability Detection
⭐
1,532
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
Angelsword
⭐
1,243
Python3编写的CMS漏洞检测框架
Exploits
⭐
1,167
Miscellaneous exploit code
Cve 2020 0796
⭐
1,110
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
1earn
⭐
862
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Medusa
⭐
859
🐈Medusa是一个红队武器库平台,目前包括扫描功能、XSS平台、协同平台、CVE监控、免杀生成、DNSLOG等功能,持续开发中 http://medusa.ascotbe.com
Poc
⭐
841
Proof of Concepts
Charles Hacking
⭐
775
Hacking Charles Web Debugging Proxy
Peiqi Wiki Poc
⭐
752
鹿不在侧,鲸不予游🐋
K8cscan
⭐
719
K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Fastjsonexploit
⭐
653
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
Poclist
⭐
641
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统
Routeros
⭐
619
RouterOS Security Research Tooling and Proof of Concepts
Bylibrary
⭐
563
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
Cmspoc
⭐
558
CMS渗透测试框架-A CMS Exploit Framework
Satansword
⭐
553
红队综合渗透框架
Am I Affected By Meltdown
⭐
549
Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
Vulscan
⭐
487
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Drupalgeddon2
⭐
473
Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
Poc
⭐
472
Proofs-of-concept
Osprey
⭐
437
Cve 2017 0785
⭐
427
Blueborne CVE-2017-0785 Android information leak vulnerability
Hacking
⭐
420
hacker, ready for more of our story ! 🚀
Ladongo
⭐
417
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Cve 2020 0796 Rce Poc
⭐
379
CVE-2020-0796 Remote Code Execution POC
Poc Exp
⭐
369
poc or exp of android vulnerability
Javadeserh2hc
⭐
364
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Cve 2019 0708
⭐
352
3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Cve 2018 7600
⭐
331
💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002
Wordpress Xmlrpc Brute Force Exploit
⭐
318
Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
Poc S
⭐
291
POC-T强化版本 POC-S , 用于红蓝对抗中快速验证Web应用漏洞, 对功能进行强化以及脚本进行分类添加,自带dnslog等, 平台补充来自vulhub靶机及其他开源项目的高可用POC
Poccollect
⭐
290
a plenty of poc based on python
Tentacle
⭐
284
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.
Commodity Injection Signatures
⭐
273
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Cve 2019 1003000 Jenkins Rce Poc
⭐
272
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Cve 2020 0796 Poc
⭐
269
PoC for triggering buffer overflow via CVE-2020-0796
Ary
⭐
254
Ary 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Spectrepoc
⭐
247
Proof of concept code for the Spectre CPU exploit.
Some_pocsuite
⭐
245
用于漏洞排查的pocsuite3验证POC代码
Php7 Opcache Override
⭐
237
Security-related PHP7 OPcache abuse tools and demo
Pub
⭐
219
Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
Poc Collection
⭐
217
poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。
Cve 2020 0796 Lpe Poc
⭐
215
CVE-2020-0796 Local Privilege Escalation POC
Cve 2020 1472
⭐
199
Exploit Code for CVE-2020-1472 aka Zerologon
Poodle Poc
⭐
197
🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩
Mysql Unsha1
⭐
191
Authenticate against a MySQL server without knowing the cleartext password
Airdos
⭐
185
💣 Remotely render any nearby iPhone or iPad unusable
Cry
⭐
180
Cross platform PoC ransomware written in Go
Cod Exploits
⭐
179
☠️ Call of Duty - Vulnerabilities and proof-of-concepts
Isf
⭐
164
ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.
Exploits
⭐
155
Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
Proof Of Concepts
⭐
148
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Mtpwn
⭐
143
PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
Awesome Csirt
⭐
140
Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Cve 2020 1206 Poc
⭐
133
CVE-2020-1206 Uninitialized Kernel Memory Read POC
Gopoc
⭐
130
用cel-go重现了长亭xray的poc检测功能的轮子
Pocsuite_poc_collect
⭐
129
collection poc use pocsuite framework 收集一些 poc with pocsuite框架
Cve 2018 11776 Python Poc
⭐
118
Working Python test and PoC for CVE-2018-11776, includes Docker lab
Spectreexploit
⭐
115
SpectreExploit POC
Poc Exploits
⭐
113
Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Hisilicon Dvr Telnet
⭐
102
PoC materials for article https://habr.com/en/post/486856/
Cazador_unr
⭐
96
Hacking tools
Cve 2019 0708 Tool
⭐
87
A social experiment
Krack Poc
⭐
86
Krack POC
Ciscoexploit
⭐
77
Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Cve 2017 0781
⭐
74
Blueborne CVE-2017-0781 Android heap overflow vulnerability
Clickjacking Tester
⭐
72
A python script designed to check if the website if vulnerable of clickjacking and create a poc
Exploit Discord Cache System Poc
⭐
69
Exploit Discord's cache system to remote upload payloads on Discord users machines
Poc Bank
⭐
68
Focus on cybersecurity | collection of PoC and Exploits
Bitp0wn
⭐
60
Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Angularjs Github Info
⭐
50
prove of concept using angularjs (1.x) accessing github api
Powerladon
⭐
40
Ladon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Quarkus Microservices Poc
⭐
21
Very simplified shop sales system made in a microservices architecture using quarkus
Cve 2020 10199_cve 2020 10204
⭐
20
CVE-2020-10199、CVE-2020-10204漏洞一键检测工具,图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.
Procjack
⭐
17
PoC of injecting code into a running Linux process
Poccollect
⭐
15
Poc Collected for study and develop
Structvsclassperformance
⭐
11
POC for my Medium article
1-85 of 85 projects
Advertising
📦 10
All Projects
Application Programming Interfaces
📦 124
Applications
📦 192
Artificial Intelligence
📦 78
Blockchain
📦 73
Build Tools
📦 113
Cloud Computing
📦 80
Code Quality
📦 28
Collaboration
📦 32
Command Line Interface
📦 49
Community
📦 83
Companies
📦 60
Compilers
📦 63
Computer Science
📦 80
Configuration Management
📦 42
Content Management
📦 175
Control Flow
📦 213
Data Formats
📦 78
Data Processing
📦 276
Data Storage
📦 135
Economics
📦 64
Frameworks
📦 215
Games
📦 129
Graphics
📦 110
Hardware
📦 152
Integrated Development Environments
📦 49
Learning Resources
📦 166
Legal
📦 29
Libraries
📦 129
Lists Of Projects
📦 22
Machine Learning
📦 347
Mapping
📦 64
Marketing
📦 15
Mathematics
📦 55
Media
📦 239
Messaging
📦 98
Networking
📦 315
Operating Systems
📦 89
Operations
📦 121
Package Managers
📦 55
Programming Languages
📦 245
Runtime Environments
📦 100
Science
📦 42
Security
📦 396
Social Media
📦 27
Software Architecture
📦 72
Software Development
📦 72
Software Performance
📦 58
Software Quality
📦 133
Text Editors
📦 49
Text Processing
📦 136
User Interface
📦 330
User Interface Components
📦 514
Version Control
📦 30
Virtualization
📦 71
Web Browsers
📦 42
Web Servers
📦 26
Web User Interface
📦 210