渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

快速搭建各种漏洞环境(Various vulnerability environment)

Open Source Vulnerability Management Platform

Gather and update all available and newest CVEs with their PoC.

✍️ A curated list of CVE PoCs.

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

🌴Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

cve-search - a tool to perform local searches for known vulnerabilities

面向网络安全从业者的知识文库🍃

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Vulnerability Labs for security analysis

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

A collection of JavaScript engine CVEs with PoCs

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

🐈Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

基于 docsify 部署，目前漏洞数量 1000+

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

WebMap-Nmap Web Dashboard and Reporting