Some personal exploits/pocs
☆56Jun 2, 2020Updated 5 years ago
Alternatives and similar repositories for exploits
Users that are interested in exploits are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.☆24Dec 8, 2022Updated 3 years ago
- Exploit Firefox Vulnerability☆24May 25, 2020Updated 5 years ago
- Source for many challenges from DEF CON 21 CTF Finals☆33Apr 3, 2014Updated 11 years ago
- SSH password logging via PAM☆30Jul 7, 2020Updated 5 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Jun 19, 2018Updated 7 years ago
- Docker Pentest Lists are collection of Dockerfiles or Links to Dockerfiles for containers used in Penetration Tests☆21May 1, 2017Updated 8 years ago
- Exploit for the Post-Auth RCE vulnerability in Pulse Secure Connect☆133Feb 11, 2022Updated 4 years ago
- Source for many challenges from DEF CON 21 CTF Qualifier☆39Apr 6, 2014Updated 11 years ago
- Enumerate subdomains by parsing Rapid7 FDNS dumps and CA transparency logs☆26Apr 26, 2019Updated 6 years ago
- Windows hidden thread suspend POC with code injection☆12May 27, 2017Updated 8 years ago
- Webshell with the newest, easiest, and shortest code and technique.☆10Oct 23, 2021Updated 4 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.☆24Oct 10, 2020Updated 5 years ago
- AgentTesla botnet C&C RCE exploit.☆16Aug 13, 2019Updated 6 years ago
- SqlMap_BurpSuite☆51Aug 15, 2019Updated 6 years ago
- Collection of tips, tools and tutorials around infosec☆29May 18, 2017Updated 8 years ago
- 2018 Advent Calendar browser pwnables☆15Feb 14, 2019Updated 7 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆63Jul 22, 2019Updated 6 years ago
- Apache Solr DataImport Handler RCE☆91Aug 12, 2019Updated 6 years ago
- AWS S3 Bucket Finder.☆14Oct 28, 2025Updated 4 months ago
- Hackfest Talk - Abusing PHP 7’s OPcache to Spawn Webshells☆10Nov 6, 2016Updated 9 years ago
- A Tool to Extract Open Kibana Instances on Internet and Map them to their Corresponding Organizations for Bug Bounty.☆16Sep 7, 2019Updated 6 years ago
- Control Flow Guard Teleportation demo☆23Jul 28, 2019Updated 6 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- Browser Fuzzing with Machine Learning☆22Mar 6, 2019Updated 7 years ago
- Tools for bug hunting in a container☆21Aug 18, 2023Updated 2 years ago
- Zoho ManageEngine Desktop Central CVEs☆15Oct 5, 2020Updated 5 years ago
- ☆85Dec 6, 2019Updated 6 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Mar 1, 2023Updated 3 years ago
- vBulletin 5.x 未授权远程代码执行漏洞☆21Sep 26, 2019Updated 6 years ago
- PoC for CVE-2019-10207☆20Mar 27, 2022Updated 3 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- an RCE (remote command execution) approach of CVE-2018-7750☆21Nov 6, 2018Updated 7 years ago
- CVE-2019-0708 (BlueKeep)☆111Jul 7, 2020Updated 5 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- Takes a list of domains as the input, checks if they have a security.txt, outputs the results.☆16May 15, 2020Updated 5 years ago
- a parser + crawler for .DS_Store files exposed publically☆56Jun 6, 2023Updated 2 years ago
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- Collection of Some Good research Documentation☆27Dec 10, 2017Updated 8 years ago