Awesome Open Source

Programming Languages

Search results for vulnerabilities exploitation

vulnerabilities x

35 search results found

H4cker ⭐ 15,693

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

Nuclei Templates ⭐ 7,614

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Ysoserial ⭐ 7,002

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Awesome Hacker Search Engines ⭐ 6,307

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Gather and update all available and newest CVEs with their PoC.

Poc In Github ⭐ 5,704

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

Linux Kernel Exploitation ⭐ 5,116

A collection of links related to Linux kernel security and exploitation

Jwt_tool ⭐ 4,639

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Wesng ⭐ 3,789

Windows Exploit Suggester - Next Generation

📦 Make security testing of K8s, Docker, and Containerd easier.

Tool to look for several security related Android application vulnerabilities

Vulscan ⭐ 2,983

Advanced vulnerability scanning with Nmap NSE

Vulmap ⭐ 2,935

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Exphub ⭐ 2,458

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的

Ssrfmap ⭐ 2,306

Automatic SSRF fuzzer and exploitation tool

Hacksysextremevulnerabledriver ⭐ 2,208

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

Jndi Injection Exploit ⭐ 2,161

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Sshtron ⭐ 2,018

$ ssh sshtron.zachlatta.com

Vulnx ⭐ 1,763

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

Fuxploider ⭐ 1,702

File upload vulnerability scanner and exploitation tool.

Springbootexploit ⭐ 1,692

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用

Reverse Shell ⭐ 1,600

Reverse Shell as a Service

Jexboss ⭐ 1,470

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

Damn Vulnerable Graphql Application ⭐ 1,387

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

V3n0m Scanner ⭐ 1,342

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

A Red Teamer Diaries ⭐ 1,294

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Binexp ⭐ 1,262

Linux Binary Exploitation

Iot Vulhub ⭐ 1,027

IoT固件漏洞复现环境

Herpaderping ⭐ 986

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Xxeinjector ⭐ 970

Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

Vulnerability Labs for security analysis

Singularity ⭐ 937

A DNS rebinding attack framework.

The Correlated CVE Vulnerability And Threat Intelligence Database API

Pentesttools ⭐ 816

Awesome Pentest Tools Collection

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Php Exploit Scripts ⭐ 811

A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.

Find exploit tool

Pocorexp_in_github ⭐ 786

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Hack Tools ⭐ 764

Exploit Writeups ⭐ 737

A collection where my current and future writeups for exploits/CTF will go

Advisories, proof of concept files and exploits that have been made public by @pedrib.

漏洞批量验证框架

Corscanner ⭐ 701

Fast CORS misconfiguration vulnerabilities scanner🍻

Scalpel ⭐ 695

scalpel是一款命令行漏洞扫描工具，支持深度参数注入，拥有一个强大的数据解析和变异算法，可以将常 xml, form等）解析为树结构，然后根据poc中的规则，对树进行变异，包括对叶子节点和树结构的变异。变异完成之后，将树结构还原为原始的数据格式。

Gobyvuls ⭐ 650

Vulnerabilities of Goby supported with exploitation.

Exploit_me ⭐ 637

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)

External Protocol Flooding ⭐ 624

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

Thinkpwn ⭐ 621

Lenovo ThinkPad System Management Mode arbitrary code execution 0day exploit

TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things

Kernelpop ⭐ 594

kernel privilege escalation enumeration and exploitation framework

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

PwnXSS: Vulnerability (XSS) scanner exploit

Smart Install Exploitation Tool

Kernel Security Learning ⭐ 514

Anything about kernel security. CTF kernel pwn, kernel exploit, kernel fuzz and kernel defense paper, kernel debugging technique, kernel CVE debug.

Killshot ⭐ 472

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Iblessing ⭐ 438

iblessing is an iOS security exploiting toolkit, it mainly includes application information gathering, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Proxy Attackchain ⭐ 438

Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)

Winboxpoc ⭐ 431

Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847)

Smashing_the_browser ⭐ 423

Smashing The Browser: From Vulnerability Discovery To Exploit

Xxexploiter ⭐ 406

Tool to help exploit XXE vulnerabilities

Subaru Starlink Research ⭐ 405

Subaru StarLink persistent root code execution.

Ilo4_toolbox ⭐ 399

Toolbox for HPE iLO4 & iLO5 analysis

Owasp Xenotix Xss Exploit Framework ⭐ 393

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.

Vulnserver ⭐ 382

Vulnerable server used for learning software exploitation

Android Kernel Exploitation ⭐ 381

Android Kernel Exploitation

Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.

Tentacle ⭐ 373

Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.

Struts Pwn ⭐ 369

An exploit for Apache Struts CVE-2017-5638

Vulners Python API wrapper

Android Security Exploits Youtube Curriculum ⭐ 357

🔓A curated list of modern Android exploitation conference talks.

Evilarc ⭐ 346

Create tar/zip archives that can exploit directory traversal vulnerabilities

Reconscan ⭐ 324

Network reconnaissance and vulnerability assessment tools.

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Vulhub Reproduce ⭐ 306

一个Vulhub漏洞复现知识库

Struts Pwn_cve 2018 11776 ⭐ 300

An exploit for Apache Struts CVE-2018-11776

Awesome Exploit ⭐ 283

一个漏洞利用工具仓库

Droid Application Fuzz Framework ⭐ 277

Android application fuzzing framework with fuzzers and crash monitor.

Linuxflaw ⭐ 264

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

Telegram Trilateration ⭐ 242

Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

Struts Pwn_cve 2017 9805 ⭐ 234

An exploit for Apache Struts CVE-2017-9805

Monitoring exploits & references for CVEs

Cve 2017 7494 ⭐ 224

Remote root exploit for the SAMBA CVE-2017-7494 vulnerability

Allinfosecnews_sources ⭐ 212

A list of online news & info sources in the InfoSec/Cybersecurity space

Keysteal ⭐ 208

A macOS <= 10.14.3 Keychain exploit

PC firmware exploitation tool and library

Linux Soft Exploit Suggester ⭐ 204

Search Exploitable Software on Linux

Execve_exploit ⭐ 201

Hardcore corruption of my execve() vulnerability in WSL

Cve 2020 16898 ⭐ 197

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

Handbook ⭐ 196

A living document for penetration testing and offensive security.

Ps4 6.20 Webkit Code Execution Exploit ⭐ 196

A WebKit exploit using CVE-2018-4441 to obtain RCE on PS4 6.20.

List of real-world threats against endpoint protection software

Cve 2015 1538 1 ⭐ 191

An exploit for CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution

Laravel Poc Cve 2018 15133 ⭐ 186

PoC for CVE-2018-15133 (Laravel unserialize vulnerability)

Inthewilddb ⭐ 183

Hourly updated database of exploit and exploitation reports

Cve 2017 8570 ⭐ 172

Proof of Concept exploit for CVE-2017-8570

Ntlm Scanner ⭐ 167

A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities

Cod Exploits ⭐ 166

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

Neet - Network Enumeration and Exploitation Tool

Beehive ⭐ 156

Beehive is an open-source vulnerability detection framework based on Beebeeto-framework. Security researcher can use it to find vulnerability, exploits, subsequent attacks, etc.

Related Searches

Security Vulnerabilities (12,350)

Laravel Vulnerabilities (11,319)

Php Vulnerabilities (8,887)

Python Exploitation (1,616)

Javascript Vulnerabilities (1,306)

Python Vulnerabilities (1,159)

Exploitation Cve (771)

Vulnerabilities Scanner (695)

Vulnerabilities Cve (670)

C Exploitation (545)

1-35 of 35 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.