A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
☆859Feb 26, 2024Updated 2 years ago
Alternatives and similar repositories for php-exploit-scripts
Users that are interested in php-exploit-scripts are comparing it to the libraries listed below
Sorting:
- A collection of PHP backdoors. For educational or testing purposes only.☆2,260Mar 9, 2024Updated 2 years ago
- Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!☆1,936Mar 3, 2021Updated 5 years ago
- Detect potentially malicious PHP files☆1,476Oct 20, 2023Updated 2 years ago
- WebShell Collect☆394Sep 14, 2016Updated 9 years ago
- Automated Linux evil maid attack☆436Dec 22, 2015Updated 10 years ago
- Miscellaneous exploit code☆1,569Oct 6, 2023Updated 2 years ago
- linux rootkit☆162Feb 12, 2018Updated 8 years ago
- webshell sample for WebShell Log Analysis☆419Feb 24, 2022Updated 4 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,044Nov 24, 2019Updated 6 years ago
- Chromebackdoor is a PoC of pentest tool, this tool use a MITB technique for generate a windows executable ".exe" after launch run a malic…☆512Jan 8, 2017Updated 9 years ago
- Script to steal passwords from ssh.☆489Dec 19, 2018Updated 7 years ago
- A Python Framework For NoSQL Scanning and Exploitation☆602Dec 6, 2024Updated last year
- Weaponized web shell☆3,494Oct 1, 2025Updated 5 months ago
- Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor☆2,447May 6, 2024Updated last year
- Nashorn Post Exploitation☆32Feb 12, 2018Updated 8 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- A tool that can scan php vulnerabilities automatically using static analysis methods☆488Mar 20, 2018Updated 8 years ago
- Exploitation for XSS☆729Aug 5, 2021Updated 4 years ago
- Next Generation Firewall Audit and Bypass Tool☆266Apr 24, 2017Updated 8 years ago
- Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective wa…☆313Sep 10, 2018Updated 7 years ago
- Post Exploitation Collection☆1,571May 1, 2020Updated 5 years ago
- Stealing CSRF tokens with CSS injection (without iFrames)☆323Feb 7, 2018Updated 8 years ago
- WAFNinja is a tool which contains two functions to attack Web Application Firewalls.☆824Dec 6, 2017Updated 8 years ago
- Advanced Web Shell☆580May 1, 2017Updated 8 years ago
- Recon, Subdomain Bruting, Zone Transfers☆229Aug 2, 2016Updated 9 years ago
- This is a webshell open source project☆10,701Dec 24, 2024Updated last year
- PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container☆406Feb 27, 2023Updated 3 years ago
- Command line utility for searching and downloading exploits☆1,814Sep 10, 2025Updated 6 months ago
- A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network☆573Dec 9, 2017Updated 8 years ago
- Collection of tools for web recon and enumeration.☆56Jun 3, 2015Updated 10 years ago
- Malware exploits☆554Aug 22, 2025Updated 6 months ago
- online port scan scraper☆1,121Aug 7, 2023Updated 2 years ago
- a fast domain brute tool☆414Mar 2, 2018Updated 8 years ago
- Vulnerability Labs for security analysis☆1,170Mar 10, 2021Updated 5 years ago
- Find exploits in local and online databases instantly☆1,811Sep 27, 2021Updated 4 years ago
- Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective wa…☆729Nov 19, 2017Updated 8 years ago
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆1,917Apr 13, 2022Updated 3 years ago
- Your interpreter isn’t safe anymore — The PHP module backdoor☆221Mar 25, 2019Updated 6 years ago
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras☆426Feb 18, 2020Updated 6 years ago