Build software better, together

chaitin / xray

Star

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

security xss poc vulnerability passive-vulnerability-scanner sqlinjection vulnerability-scanner

Updated Mar 28, 2024
Vue

frohoff / ysoserial

Star

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

java serialization exploit jvm deserialization gadget poc vulnerability javadeser

Updated Mar 31, 2024
Java

Mr-xn / Penetration_Testing_POC

Star

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

exploit penetration-testing poc rce csrf cve bypass thinkphp cobalt-strike authentication-bypass getshell penetration-testing-poc csrf-webshell sql-poc poc-exp oa-getshell cve-cms php-bypass sql-getshell

Updated Jan 28, 2024
HTML

trickest / cve

Star

Gather and update all available and newest CVEs with their PoC.

security exploit hacking penetration-testing poc vulnerability infosec pentesting vulnerabilities cve software-security red-team security-tools software-vulnerability software-vulnerabilities latest-cve cve-poc

Updated Apr 28, 2024
HTML

nomi-sec / PoC-in-GitHub

Star

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

security exploit poc vulnerability cve

Updated Apr 29, 2024

k8gege / K8tools

Star

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

database apt exploit scanner hacking password poc brute-force pentest bypass crack privilege-escalation 0day getshell netscan

Updated Dec 16, 2023
PowerShell

ffffffff0x / 1earn

Star

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

security collection study hacking poc infosec ctf pentest markdown-article writeup blueteam ics-security security-tools pentest-tool redteam linux-learning post-penetration

Updated Apr 22, 2024
C++

k8gege / Ladon

Star

Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

security tools hack exploit scanner hacking password poc brute-force pentest portscan security-scanner exp security-tools ladon ipscanner getshell netscan

Updated Dec 19, 2023
PowerShell

zhzyker / exphub

Star

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

drupal exploit nexus tomcat poc vulnerability webshell exp weblogic getshell cve-2020-1938 cve-2020-2551 cve-2020-2555 cve-2020-10199 cve-2020-10204 cve-2020-2883 cve-2020-11444 cve-2020-5902 cve-2020-14882

Updated Apr 4, 2021
Python

qazbnm456 / awesome-cve-poc

Sponsor

Star

✍️ A curated list of CVE PoCs.

awesome poc cve

Updated Jan 4, 2022

zan8in / afrog

Star

A Security Tool for Bug Bounty, Pentest and Red Teaming.

penetration-testing poc bug-bounty pentest vulnerability-scanner red-teaming vulnerability-scanning-tools afrog

Updated Apr 28, 2024
Go

Threekiii / Awesome-POC

Star

一个漏洞POC知识库

poc

Updated Apr 22, 2024

tr0uble-mAker / POC-bomber

Star

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

poc rce cve exp vulnerability-scanner redteam getshell poc-bomber

Updated Jun 9, 2023
Python

Ascotbe / Medusa

Star

🐈Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

mail virus email xss poc medusa cve metasploit-framework payload exp dnslog cobaltstrike readteam

Updated Mar 3, 2024
Python

Notselwyn / CVE-2024-1086

Star

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

exploit poc cve lpe cve-2024-1086

Updated Apr 17, 2024
C

k8gege / LadonGo

Star

Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。