jhftss / POC
A public collection of POCs & Exploits for the vulnerabilities I discovered
☆352Updated 6 months ago
Related projects: ⓘ
- LPE exploit for CVE-2023-21768☆415Updated last year
- bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)☆491Updated 2 months ago
- Work in progress...☆296Updated 2 months ago
- Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit☆264Updated 9 months ago
- ☆321Updated 3 months ago
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …☆266Updated 3 weeks ago
- Tips on how to write exploit scripts (faster!)☆397Updated 2 months ago
- LPE exploit for CVE-2023-21768☆473Updated last year
- A script to automate privilege escalation with CVE-2023-22809 vulnerability☆147Updated last year
- Massive Mobile Security Framework☆184Updated last month
- Useful "Match and Replace" burpsuite rules☆328Updated 11 months ago
- An automatic Blind ROP exploitation tool☆186Updated last year
- CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator☆270Updated last year
- Advanced exploits that I wrote for Pwn2Own competitions and other occasions☆157Updated 5 months ago
- Kraken, a modular multi-language webshell coded by @secu_x11☆509Updated 7 months ago
- PDF Files for Web Pentesting☆411Updated 3 months ago
- A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager☆339Updated last year
- Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing☆127Updated 4 months ago
- ☆398Updated 2 months ago
- 1337 Wordlists for Bug Bounty Hunting☆732Updated last month
- ☆197Updated last year
- Oversecured Vulnerable iOS App☆209Updated 8 months ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆342Updated last year
- Take over macOS Electron apps' TCC permissions☆185Updated last year
- A library for detecting known secrets across many web frameworks☆476Updated 3 months ago
- ☆513Updated last year
- reverse shell using curl☆443Updated 4 months ago
- Collection of Windows Privilege Escalation (Analyse/PoC/Exp...)☆298Updated last year
- ☆233Updated 3 years ago
- Session Hijacking Visual Exploitation☆189Updated 6 months ago