A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
☆859Feb 26, 2024Updated 2 years ago
Alternatives and similar repositories for php-exploit-scripts
Users that are interested in php-exploit-scripts are comparing it to the libraries listed below
Sorting:
- A collection of PHP backdoors. For educational or testing purposes only.☆2,257Mar 9, 2024Updated last year
- Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!☆1,935Mar 3, 2021Updated 4 years ago
- Detect potentially malicious PHP files☆1,477Oct 20, 2023Updated 2 years ago
- Miscellaneous exploit code☆1,568Oct 6, 2023Updated 2 years ago
- Automated Linux evil maid attack☆435Dec 22, 2015Updated 10 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,042Nov 24, 2019Updated 6 years ago
- WebShell Collect☆394Sep 14, 2016Updated 9 years ago
- linux rootkit☆162Feb 12, 2018Updated 8 years ago
- webshell sample for WebShell Log Analysis☆419Feb 24, 2022Updated 4 years ago
- Chromebackdoor is a PoC of pentest tool, this tool use a MITB technique for generate a windows executable ".exe" after launch run a malic…☆513Jan 8, 2017Updated 9 years ago
- Script to steal passwords from ssh.☆489Dec 19, 2018Updated 7 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- A Python Framework For NoSQL Scanning and Exploitation☆602Dec 6, 2024Updated last year
- Weaponized web shell☆3,485Oct 1, 2025Updated 5 months ago
- Exploitation for XSS☆731Aug 5, 2021Updated 4 years ago
- Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor☆2,446May 6, 2024Updated last year
- A tool that can scan php vulnerabilities automatically using static analysis methods☆488Mar 20, 2018Updated 7 years ago
- Nashorn Post Exploitation☆32Feb 12, 2018Updated 8 years ago
- Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective wa…☆313Sep 10, 2018Updated 7 years ago
- Next Generation Firewall Audit and Bypass Tool☆266Apr 24, 2017Updated 8 years ago
- Stealing CSRF tokens with CSS injection (without iFrames)☆322Feb 7, 2018Updated 8 years ago
- Post Exploitation Collection☆1,569May 1, 2020Updated 5 years ago
- A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network☆573Dec 9, 2017Updated 8 years ago
- Command line utility for searching and downloading exploits☆1,815Sep 10, 2025Updated 5 months ago
- Advanced Web Shell☆580May 1, 2017Updated 8 years ago
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras☆426Feb 18, 2020Updated 6 years ago
- Recon, Subdomain Bruting, Zone Transfers☆229Aug 2, 2016Updated 9 years ago
- Vulnerability Labs for security analysis☆1,172Mar 10, 2021Updated 4 years ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆277Feb 12, 2021Updated 5 years ago
- Web Application Firewall For Limited Exploitation☆17Nov 15, 2017Updated 8 years ago
- A webshell framework for penetration testers.☆300Aug 10, 2025Updated 6 months ago
- Forward local or remote tcp ports through SMB pipes.☆296Mar 7, 2021Updated 4 years ago
- Phishing on Twitter☆251Jun 21, 2018Updated 7 years ago
- WAFNinja is a tool which contains two functions to attack Web Application Firewalls.☆822Dec 6, 2017Updated 8 years ago
- online port scan scraper☆1,120Aug 7, 2023Updated 2 years ago
- Find exploits in local and online databases instantly☆1,809Sep 27, 2021Updated 4 years ago
- Malware exploits☆553Aug 22, 2025Updated 6 months ago
- FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns,…☆1,408Jan 9, 2024Updated 2 years ago
- Free web-application vulnerability and version scanner☆576Mar 1, 2025Updated last year