☆41Feb 28, 2026Updated 4 months ago
Alternatives and similar repositories for exploitation
Users that are interested in exploitation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Attachment and official writeup for D^3CTF 2025's Pwn challenge - d3kheap2☆16Jul 2, 2025Updated last year
- ☆35Apr 14, 2025Updated last year
- Real world CVEs in iOS/MacOS/*OS I've analysed for education purpose.☆22Apr 4, 2026Updated 3 months ago
- 웹 브라우저 취약점 탐지 자동화 프로젝트☆12Jan 8, 2022Updated 4 years ago
- ☆44Oct 10, 2025Updated 9 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- AppleKeyStoreUserClient close() UAF — PoC + diff analysis (bug found/patched by unknown third party in iOS 26.3 RC, not my discovery)☆27Apr 22, 2026Updated 2 months ago
- CVE-2026-20637: AppleSEPKeyStore Use-After-Free — iOS/macOS kernel vulnerability (patched in 26.4)☆55Jun 28, 2026Updated 2 weeks ago
- iOS 13.5 ✌️☆50May 23, 2025Updated last year
- A Webkit RCE exploit and an SBX bug☆35Jun 8, 2019Updated 7 years ago
- IOGPUFamily bitmap_mask underflow → kernel heap OOB write. First public PoC. Original discovery by Wang Yu of Cyberserval.☆24Mar 18, 2026Updated 3 months ago
- Safari 1day RCE Exploit☆165Mar 22, 2025Updated last year
- For V8CTF M123☆18Aug 25, 2024Updated last year
- QEMU guest-to-host escape exploit☆31Mar 17, 2026Updated 3 months ago
- Analysis of CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) exploit chain - iOS Safari☆102Jun 28, 2026Updated 2 weeks ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A V8 Sandbox Escape Technique.☆20Feb 8, 2025Updated last year
- ☆64Aug 15, 2023Updated 2 years ago
- XNU AIO kevent use-after-free — kernel panic from app sandbox on iOS 26.2 (no entitlements). Patched in iOS 26.3☆27Mar 21, 2026Updated 3 months ago
- ☆19Nov 26, 2024Updated last year
- ☆28Feb 6, 2024Updated 2 years ago
- WTF Snapshot fuzzing of macOS targets☆98May 31, 2024Updated 2 years ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆55Sep 13, 2025Updated 10 months ago
- ☆13Feb 24, 2024Updated 2 years ago
- Chrome Renderer 1day RCE via Type Confusion in Async Stack Trace (v8ctf submission)☆86Jun 3, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A work-in-progress re-implementation of the buffout WebKit exploit used in the 'Coruna' iOS spyware☆47Mar 20, 2026Updated 3 months ago
- PoC for code execution on a53 used by PS5 on fw 02.00.☆41Mar 15, 2026Updated 4 months ago
- Welcome to Hoyt's macOS Fuzzing & Code Repo. Contribute Code or Open an Issue or Discussion.☆52Feb 8, 2026Updated 5 months ago
- ☆24Jan 27, 2026Updated 5 months ago
- Deterministic kernel exploit based on CVE-2023-32434.☆129May 14, 2026Updated 2 months ago
- Some V8 n-day exploits that I've written☆63Jun 7, 2026Updated last month
- My collection of PoCs☆26Nov 9, 2023Updated 2 years ago
- XNU kernel, Kernel Collection and CodeQL build scripts☆305Jun 18, 2026Updated 3 weeks ago
- WebKit NavigateEvent.canIntercept SOP bypass via cross-port interception — iOS 26.3.1 BSI (CVE-2026-20643)☆19Jun 28, 2026Updated 2 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A V8 Sandbox Escape Technique.☆37Jul 4, 2024Updated 2 years ago
- Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.☆106Feb 12, 2025Updated last year
- For V8CTF M122☆14Aug 25, 2024Updated last year
- An IDA Toolkit for analyzing iOS kernelcaches.☆141Jun 23, 2026Updated 3 weeks ago
- Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition☆68Jan 20, 2023Updated 3 years ago
- deobfuscated JS and blobs from https://b27[.]icu, first attempt at using claude☆273Mar 11, 2026Updated 4 months ago
- CVE-2024-44258☆89Nov 2, 2024Updated last year