Alternatives and similar repositories for exploits

Users that are interested in exploits are comparing it to the libraries listed below

• c53elyas / CVE-2023-33733
  CVE-2023-33733 reportlab RCE
  ☆118Updated 2 years ago
• codewhitesec / HttpRemotingObjRefLeak
  Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
  ☆91Updated last year
• 0xless / slip
  Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…
  ☆110Updated 5 months ago
• BishopFox / CVE-2023-27997-check
  Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing
  ☆134Updated last year
• BKreisel / sqlmap-websocket-proxy
  Tool to enable blind sql injection attacks against websockets using sqlmap
  ☆67Updated 6 months ago
• horizon3ai / CVE-2023-34362
  MOVEit CVE-2023-34362
  ☆138Updated 2 years ago
• Moopinger / CLZero
  A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
  ☆90Updated last year
• karthikuj / cve-2022-42889-text4shell-docker
  Dockerized POC for CVE-2022-42889 Text4Shell
  ☆76Updated 3 years ago
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆99Updated 2 months ago
• Occamsec / CVE-2023-2825
  GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab…
  ☆141Updated 2 years ago
• PortSwigger / server-side-prototype-pollution
  ☆40Updated 2 years ago
• h4x0r-dz / CVE-2024-3400
  CVE-2024-3400 Palo Alto OS Command Injection
  ☆161Updated last year
• pruzko / hakuin
  A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.
  ☆137Updated 5 months ago
• carlosevieira / CVE-2022-40684
  PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)
  ☆87Updated 3 years ago
• horizon3ai / CVE-2022-47966
  POC for CVE-2022-47966 affecting multiple ManageEngine products
  ☆127Updated 2 years ago
• BishopFox / ysoserial-bf
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆29Updated last year
• numanturle / CVE-2022-44877
  ☆104Updated 2 years ago
• vchan-in / CVE-2023-35078-Exploit-POC
  CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC
  ☆118Updated 2 years ago
• eelyvy / log4jshell-pdf
  The purpose of this project is to demonstrate the Log4Shell exploit with Log4J vulnerabilities using PDF as delivery channel
  ☆206Updated 3 years ago
• kljunowsky / CVE-2022-42889-text4shell
  Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.
  ☆56Updated last year
• h4x0r-dz / CVE-2024-21893.py
  CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure
  ☆96Updated last year
• alt3kx / CVE-2022-1388_PoC
  F5 BIG-IP RCE exploitation (CVE-2022-1388)
  ☆88Updated 3 years ago
• yuriisanin / CVE-2022-45025
  [PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
  ☆90Updated 2 years ago
• watchtowrlabs / juniper-rce_cve-2023-36844
  ☆112Updated 2 years ago
• Chocapikk / CVE-2023-22515
  CVE-2023-22515: Confluence Broken Access Control Exploit
  ☆137Updated this week
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆79Updated 2 years ago
• jakabakos / CVE-2023-36664-Ghostscript-command-injection
  Ghostscript command injection vulnerability PoC (CVE-2023-36664)
  ☆127Updated 2 years ago
• sinsinology / CVE-2024-4358
  Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)
  ☆77Updated last year
• hackvertor / shadow-repeater
  ☆41Updated this week
• 0xbigshaq / CVE-2025-25257
  FortiWeb CVE-2025-25257 exploit
  ☆62Updated 4 months ago