onewinner/POCS

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/onewinner/POCS)

onewinner / POCS

收集最新漏洞POC（Yaml\Python）

☆221

Alternatives and similar repositories for POCS

Users that are interested in POCS are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

onewinner / VulToolsKit
View on GitHub
红队武器库漏洞利用工具合集整理
☆646Sep 3, 2024Updated last year
ahisec / Lots-of-POC
View on GitHub
Vulnerability POC/EXP Collection and Classification
☆23Sep 18, 2024Updated last year
Lotus6 / JavaGadgetGenerator
View on GitHub
JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
☆560Apr 3, 2026Updated last week
MInggongK / jeecg-
View on GitHub
jeecg综合漏洞利用工具
☆434Aug 30, 2024Updated last year
exp999fuck / poc_yaml
View on GitHub
漏洞扫描poc，不定期更新
☆41May 26, 2024Updated last year
End-to-end encrypted cloud storage - Proton Drive • Ad
Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
MInggongK / dahuaExploitGUI
View on GitHub
dahua综合漏洞利用工具
☆286Aug 6, 2024Updated last year
y1hub / poc_exp
View on GitHub
暂停更新·······正在谋划······
☆147Jun 28, 2024Updated last year
pureqh / xxl-job-attack
View on GitHub
xxl-job漏洞综合利用工具
☆155Jun 3, 2025Updated 10 months ago
iamHuFei / HVVault
View on GitHub
梳理【护网高利用率POC】并集成Nuclei模板仓库，针对解决网上同一资产漏洞一键检测工具参次不齐问题。
☆578Mar 21, 2024Updated 2 years ago
xiaokp7 / TongdaOATool
View on GitHub
通达OA漏洞检测工具
☆345Jul 11, 2024Updated last year
bcvgh / daydayExp-pocs
View on GitHub
daydayExp的漏洞POC仓库，慢慢更新...
☆376Nov 4, 2024Updated last year
fliggyaa / fscanpoc
View on GitHub
增加了一些fscan的poc
☆121Apr 11, 2025Updated last year
BambiZombie / FrchannelPlus
View on GitHub
帆软bi反序列化漏洞利用工具
☆191Mar 23, 2024Updated 2 years ago
DeEpinGh0st / MDUT-Extend-Release
View on GitHub
MDUT-Extend(扩展版本)
☆907Mar 27, 2026Updated 2 weeks ago
Virtual machines for every use case on DigitalOcean • Ad
Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
MInggongK / Penetration-mining-src
View on GitHub
一款集成了H3C,致远，泛微，万户，帆软，海康威视，金蝶云星空，畅捷通，Struts等多个RCE漏洞利用工具
☆235Jul 28, 2024Updated last year
wudijun / Catcher
View on GitHub
Catcher(捕手) 重点系统指纹漏洞验证工具，适用于外网打点，资产梳理漏洞检查。
☆316Feb 18, 2025Updated last year
Wileysec / nacos_derby_rce
View on GitHub
Nacos Derby命令执行漏洞利用脚本
☆152Apr 7, 2025Updated last year
R4gd0ll / I-Wanna-Get-All
View on GitHub
综合漏洞后渗透利用工具
☆1,706Dec 11, 2025Updated 4 months ago
Awrrays / FrameVul
View on GitHub
POC集合，框架nday漏洞利用
☆450Feb 18, 2025Updated last year
byname66 / SerializeJava
View on GitHub
用Go+Fyne开发的，展示JAVA序列化流以及集成一键插入脏数据,UTF过长编码绕WAF(Utf OverLoad Encoding),修改类SerializeVersionUID功能的图形化工具。
☆125Jan 14, 2025Updated last year
K-7H7l / Jeecg_Tools
View on GitHub
本工具为jeecg框架漏洞利用工具非jeecg-boot！
☆183Aug 13, 2024Updated last year
wafinfo / DecryptTools
View on GitHub
DecryptTools-综合解密
☆1,315Mar 2, 2025Updated last year
bcvgh / daydayEXP
View on GitHub
支持自定义Poc文件的图形化漏洞利用工具
☆231Nov 5, 2024Updated last year
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
0xchang / DockerApiRCE
View on GitHub
DockerApiRCE
☆237Oct 22, 2024Updated last year
Lotus6 / ConfluenceMemshell
View on GitHub
Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎内存马注入
☆557Feb 1, 2024Updated 2 years ago
wjlin0 / fscan
View on GitHub
fscan免杀
☆125Mar 29, 2024Updated 2 years ago
xsshim / GzWebsocket
View on GitHub
哥斯拉webshell管理工具的插件，用于连接websocket型webshell
☆181Apr 17, 2024Updated last year
Conan924 / GodInfo
View on GitHub
GodInfo 是一个功能全面的后渗透信息和凭据收集工具，旨在帮助安全测试人员在获得授权访问权限后，快速收集目标系统的信息和凭据。
☆246Apr 29, 2025Updated 11 months ago
eeeeeeeeee-code / POC
View on GitHub
备份的漏洞库，3月开始我们来维护
☆1,877Mar 31, 2026Updated last week
Conan924 / NacosExploit
View on GitHub
NacosExploit 命令执行内存马等利用
☆216Jul 18, 2024Updated last year
wh1t3zer / SpringBootVul-GUI
View on GitHub
一个半自动化springboot打点工具，内置目前springboot所有漏洞
☆778Sep 30, 2025Updated 6 months ago
Conan924 / PostHikvision
View on GitHub
哥斯拉Hikvision综合安防后渗透插件，运行中心/web前台/MinIO 配置提取（解密）重置密码,还原密码。
☆170Oct 8, 2024Updated last year
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
jdr2021 / OSSFileBrowse
View on GitHub
存储桶遍历漏洞利用工具
☆424Jul 25, 2024Updated last year
lal0ne / vulnerability
View on GitHub
收集、整理、修改互联网上公开的漏洞POC
☆973Jul 27, 2025Updated 8 months ago
Zjackky / CodeScan
View on GitHub
一款轻量级匹配Sink点的代码审计扫描器，为了帮助红队过程中快速代码审计的小工具
☆409Oct 6, 2024Updated last year
Hel10-Web / Databasetools
View on GitHub
一款用Go语言编写的数据库自动化提权工具，支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
☆863Aug 30, 2023Updated 2 years ago
DeEpinGh0st / JDumpSpiderGUI
View on GitHub
JDumpSpiderGUI 是一个用于 Java 堆转储文件分析的工具，支持命令行和 JavaFX 图形界面两种模式。该工具主要是在原工具上添加了图形化的界面
☆156May 5, 2025Updated 11 months ago
Chave0v0 / YONYOU-TOOL
View on GitHub
用友漏洞综合利用工具
☆265Nov 9, 2024Updated last year
shuanx / BurpAPIFinder
View on GitHub
攻防演练过程中，我们通常会用浏览器访问一些资产，但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等，该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
☆1,383Oct 3, 2024Updated last year