0day
There are 135 repositories under 0day topic.
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
PeiQi0/PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
veo/vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
W01fh4cker/Serein
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
OWASP/joomscan
OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/
hacktoolspack/hack-tools
hack tools
klezVirus/CVE-2021-40444
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
b1tg/CVE-2023-38831-winrar-exploit
CVE-2023-38831 winrar exploit generator
googleprojectzero/0days-in-the-wild
Repository for information about 0-days exploited in-the-wild.
Cr4sh/ThinkPwn
Started as arbitrary System Management Mode code execution exploit for Lenovo ThinkPad model line, ended as exploit for industry-wide 0day vulnerability in machines of many vendors
Ostorlab/KEV
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
1N3/Wordpress-XMLRPC-Brute-Force-Exploit
Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
illusionofchaos/ios-gamed-0day
iOS gamed exploit (fixed in 15.0.2)
Bo0oM/PHP_imap_open_exploit
Bypassing disabled exec functions in PHP (c) CRLF
hktalent/spring-spel-0day-poc
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963
ZeroMemoryEx/APT38-0day-Stealer
APT38 Tactic PoC for Stealing 0days from security professionals
VoidSec/Exploit-Development
Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
W01fh4cker/CVE-2023-46747-RCE
exploit for f5-big-ip RCE cve-2023-46747
1N3/Exploits
Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
sickcodes/no-sandbox
No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are already sandboxed escaped: https://no-sandbox.io/
illusionofchaos/ios-analyticsd-pre14.7-exploit
iOS exploit (fixed in 14.7)
illusionofchaos/ios-nehelper-wifi-info-0day
iOS 15 0-day exploit (still works in 15.0.2)
illusionofchaos/ios-nehelper-enum-apps-0day
iOS 15 0-day exploit (still works in 15.0.2)
V-i-x-x/AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
k8gege/CiscoExploit
Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
W01fh4cker/CVE-2024-27198-RCE
CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4
p0wershe11/ProxyLogon
ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)
tweedge/springcore-0day-en
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.
DrunkenShells/Disclosures
Public Disclosures
k8gege/ZimbraExploit
Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)
zadewg/LIVEBOX-0DAY
CVE-2018-20377; 20575; 20576; 20577 Multiple security vulnerabilities affecting latest firmware release on ORANGE Livebox modems.
jas502n/Ubuntu-0day
all 4.4 ubuntu aws instances are vulnerable
Cr4sh/Aptiocalypsis
Arbitrary SMM code execution exploit for industry-wide 0day vulnerability in AMI Aptio based firmwares
k8gege/PPT
PPT教程