Some personal exploits/pocs
☆56Jun 2, 2020Updated 5 years ago
Alternatives and similar repositories for exploits
Users that are interested in exploits are comparing it to the libraries listed below
Sorting:
- Source for many challenges from DEF CON 21 CTF Finals☆33Apr 3, 2014Updated 11 years ago
- A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.☆24Dec 8, 2022Updated 3 years ago
- Source for many challenges from DEF CON 21 CTF Qualifier☆39Apr 6, 2014Updated 11 years ago
- Enumerate subdomains by parsing Rapid7 FDNS dumps and CA transparency logs☆26Apr 26, 2019Updated 6 years ago
- SqlMap_BurpSuite☆51Aug 15, 2019Updated 6 years ago
- Collection of tips, tools and tutorials around infosec☆29May 18, 2017Updated 8 years ago
- Exploit for the Post-Auth RCE vulnerability in Pulse Secure Connect☆133Feb 11, 2022Updated 4 years ago
- Exploit Firefox Vulnerability☆24May 25, 2020Updated 5 years ago
- Docker Pentest Lists are collection of Dockerfiles or Links to Dockerfiles for containers used in Penetration Tests☆21May 1, 2017Updated 8 years ago
- A Tool to Extract Open Kibana Instances on Internet and Map them to their Corresponding Organizations for Bug Bounty.☆16Sep 7, 2019Updated 6 years ago
- AWS S3 Bucket Finder.☆14Oct 28, 2025Updated 4 months ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- vBulletin 5.x 未授权远程代码执行漏洞☆21Sep 26, 2019Updated 6 years ago
- Tools for bug hunting in a container☆21Aug 18, 2023Updated 2 years ago
- Files for the Defcon Toronto Introduction to 64-bit Linux Exploitation☆15Feb 23, 2018Updated 8 years ago
- an RCE (remote command execution) approach of CVE-2018-7750☆21Nov 6, 2018Updated 7 years ago
- CVE-2019-15107 Webmin RCE (unauthorized)☆65Sep 2, 2019Updated 6 years ago
- linux内核提权后门模块demo☆36Jun 11, 2019Updated 6 years ago
- 用WebShell��攻击PHP-FPM Attacking PHP-FPM with WebShell☆41May 6, 2021Updated 4 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆63Jul 22, 2019Updated 6 years ago
- Apache Solr DataImport Handler RCE☆91Aug 12, 2019Updated 6 years ago
- guest→system(UAC手动提权)☆73Mar 18, 2020Updated 5 years ago
- nxdomain subdomain enumeration☆10Jul 17, 2022Updated 3 years ago
- This is a basic bind shell script , containting both server and client classes, i will upgrade it with time adding new features and make …☆13Jun 11, 2025Updated 8 months ago
- 域渗透脑图中文翻译版☆12Jan 26, 2022Updated 4 years ago
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.☆24Oct 10, 2020Updated 5 years ago
- Collection of Some Good research Documentation☆27Dec 10, 2017Updated 8 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- Attacking and defending web and VPN session hijacking in Pulse Secure Connect☆14Oct 24, 2019Updated 6 years ago
- Webshell with the newest, easiest, and shortest code and technique.☆10Oct 23, 2021Updated 4 years ago
- My attempt at writing exploit POCs for various CVEs☆16Feb 8, 2020Updated 6 years ago
- Hackfest Talk - Abusing PHP 7’s OPcache to Spawn Webshells☆10Nov 6, 2016Updated 9 years ago
- IP画像业务安全版私有化部署SDK☆13Dec 8, 2022Updated 3 years ago
- An assortment of general guides I've currated for general teaching purposes focusing on red / blue team methodologies and tasks.☆13Feb 3, 2018Updated 8 years ago
- Zoho ManageEngine Desktop Central CVEs☆15Oct 5, 2020Updated 5 years ago
- An exploit for Microsoft IIS 6.0 CVE-2017-7269☆22Mar 29, 2017Updated 8 years ago
- SSH password logging via PAM☆30Jul 7, 2020Updated 5 years ago
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago