Awesome Open Source

Programming Languages

Search results for exploitation

2,899 search results found

Sqlmap ⭐ 29,628

Automatic SQL injection and database takeover tool

H4cker ⭐ 15,693

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

Awesome Hacking Resources ⭐ 14,556

A collection of hacking / penetration testing resources to make you better!

Hacker Roadmap ⭐ 12,086

A collection of hacking tools, resources and references to practice ethical hacking.

Routersploit ⭐ 11,818

Exploitation Framework for Embedded Devices

Pwntools ⭐ 11,336

CTF framework and exploit development library

Fsociety ⭐ 10,013

fsociety Hacking Tools Pack – A Penetration Testing Framework

The Browser Exploitation Framework Project

An open-source post-exploitation framework for students, researchers and developers.

Red Teaming Toolkit ⭐ 8,230

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Windows Kernel Exploits ⭐ 7,776

windows-kernel-exploits Windows平台提权漏洞集合

Nuclei Templates ⭐ 7,614

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Ysoserial ⭐ 7,002

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

How2heap ⭐ 6,635

A repository for learning various heap exploitation techniques.

Pwndbg ⭐ 6,337

Exploit Development and Reverse Engineering with GDB Made Easy

Traitor ⭐ 6,329

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Awesome Hacker Search Engines ⭐ 6,307

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Penetration_testing_poc ⭐ 5,946

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Gather and update all available and newest CVEs with their PoC.

Yakit ⭐ 5,790

Cyber Security ALL-IN-ONE Platform

Poc In Github ⭐ 5,704

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

K8tools ⭐ 5,502

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/ Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jbos

PEDA - Python Exploit Development Assistance for GDB

Course materials for Modern Binary Exploitation by RPISEC

Linux Exploit Suggester ⭐ 5,139

Linux privilege escalation auditing tool

Linux Kernel Exploitation ⭐ 5,116

A collection of links related to Linux kernel security and exploitation

Linux Kernel Exploits ⭐ 5,093

linux-kernel-exploits Linux平台提权漏洞集合

Defaultcreds Cheat Sheet ⭐ 5,023

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Autosploit ⭐ 4,858

Automated Mass Exploiter

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Active Directory Exploitation Cheat Sheet ⭐ 4,672

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Jwt_tool ⭐ 4,639

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Ladon ⭐ 4,564

Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SM

Commix ⭐ 4,302

Automated All-in-One OS Command Injection Exploitation Tool.

Meltdown ⭐ 4,089

This repository contains several applications, demonstrating the Meltdown bug.

Eqgrp ⭐ 4,068

Decrypted content of eqgrp-auction-file.tar.xz

Phonesploit Pro ⭐ 3,899

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Wesng ⭐ 3,789

Windows Exploit Suggester - Next Generation

Ctf All In One ⭐ 3,754

CTF竞赛权威指南

Awesome Pentest Cheat Sheets ⭐ 3,617

Collection of the cheat sheets useful for pentesting

Tplmap ⭐ 3,537

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

📦 Make security testing of K8s, Docker, and Containerd easier.

Winpwn ⭐ 3,151

Automation for internal Windows Penetrationtest / AD-Security

Tool to look for several security related Android application vulnerabilities

Kscan ⭐ 3,061

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议

Vulscan ⭐ 2,983

Advanced vulnerability scanning with Nmap NSE

Xunfeng ⭐ 2,946

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Vulmap ⭐ 2,935

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Kernelhub ⭐ 2,705

🌴Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

Collisions ⭐ 2,661

Hash collisions and exploitations

Exphub ⭐ 2,458

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的

Androrat ⭐ 2,423

A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

Ghost ⭐ 2,400

Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Penetration Testing Tools ⭐ 2,393

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

Iotsecurity101 ⭐ 2,370

A Curated list of IoT Security Resources

Nightmare ⭐ 2,313

Pentest Wiki ⭐ 2,307

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Ssrfmap ⭐ 2,306

Automatic SSRF fuzzer and exploitation tool

Rizin ⭐ 2,290

UNIX-like reverse engineering framework and command-line toolset.

Gopherus ⭐ 2,228

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

Computer Science Resources ⭐ 2,227

A list of resources in different fields of Computer Science

Hacksysextremevulnerabledriver ⭐ 2,208

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

Jndi Injection Exploit ⭐ 2,161

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Silenttrinity ⭐ 2,087

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Exploitation Course ⭐ 2,055

Offensive Software Exploitation Course

Sudo_killer ⭐ 2,032

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

Sshtron ⭐ 2,018

$ ssh sshtron.zachlatta.com

Ms17 010 ⭐ 2,013

Rootmytv.github.io ⭐ 2,005

RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.

Poc T ⭐ 1,925

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

One_gadget ⭐ 1,897

The best tool for finding one gadget RCE in libc.so.6

Ropper ⭐ 1,775

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.

Vulnx ⭐ 1,763

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

Tidos Framework ⭐ 1,723

The Offensive Manual Web Application Penetration Testing Framework.

Awesome Rce Techniques ⭐ 1,718

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

Fuxploider ⭐ 1,702

File upload vulnerability scanner and exploitation tool.

Pwn_jenkins ⭐ 1,693

Notes about attacking Jenkins servers

Springbootexploit ⭐ 1,692

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

Hacktronian ⭐ 1,664

Tools for Pentesting

100 Redteam Projects ⭐ 1,661

Projects for security students

Poshc2 ⭐ 1,645

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

Springbootvulexploit ⭐ 1,631

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Reverse Shell ⭐ 1,600

Reverse Shell as a Service

Getsploit ⭐ 1,589

Command line utility for searching and downloading exploits

Eggshell ⭐ 1,589

iOS/macOS/Linux Remote Administration Tool

Eqgrp_lost_in_translation ⭐ 1,574

Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg

Corelan Repository for mona.py

Phuip Fpizdam ⭐ 1,570

Exploit for CVE-2019-11043

Ctftool ⭐ 1,549

Interactive CTF Exploration Tool

Linwinpwn ⭐ 1,512

linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks

Libc Database ⭐ 1,505

Build a database of libc offsets to simplify exploitation

Xattacker ⭐ 1,486

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Freedvdboot ⭐ 1,476

PlayStation 2 DVD Player Exploit

Exploits ⭐ 1,472

Miscellaneous exploit code

Jexboss ⭐ 1,470

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

Ladongo ⭐ 1,423

Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透，使用它可轻松一键批量探

Related Searches

Python Exploitation (1,616)

Exploitation Cve (771)

Vulnerabilities Exploitation (629)

C Exploitation (545)

Exploitation Penetration Testing (353)

1-100 of 2,899 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.