command-injection

There are 69 repositories under command-injection topic.

commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
Language:Python5.5k 156 996899
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
3.6k 81 8736
arch3rPro/PentestTools
Awesome Pentest Tools Collection
1.4k 26 7307
paralax/lfi-labs
small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Language:PHP335 15 883
hansmach1ne/LFImap
Local File Inclusion discovery and exploitation tool
Language:Python330 4 4041
dragonked2/Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Language:Python300 3 1561
TrixSec/waymap
Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.
Language:Python95 3 110
yuriisanin/CVE-2022-45025
[PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
90 1 020
jackaduma/NLP4CyberSecurity
NLP model and tech for cyber security tasks
Language:Jupyter Notebook88 1 227
vladan-stojnic/ML-based-WAF
Simple machine learning based web application firewall (WAF) created in python
Language:Jupyter Notebook60 1 322
omurugur/OS_Command_Payload_List
OS Command Injection Vulnerability Payload List
51 1 021
UNICORDev/exploit-CVE-2022-25765
Exploit for CVE-2022–25765 (pdfkit) - Command Injection
Language:Python25 1 14
dogancanbakir/metamaska
μετάμάσκα - malevolent payload classifier
Language:Jupyter Notebook24 1 21
ThatNotEasy/CVE-2023-34960
Perform with Massive Command Injection (Chamilo)
Language:Python22 1 07
dokDork/SiteSniper
bash script to automate the penetration test
Language:PowerShell20 1 04
JackDoan/TP-Link-ArcherC5-RCE
CVE-2018-19537
Language:Python20 1 06
mbadanoiu/CVE-2025-20029
CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP
20 1 04
qwqoro/Mail-Injection
📧 [Research] E-Mail Injection: Vulnerable applications
Language:HTML18 2 01
abrahim7112/hackers_CVE_2023_poc
The largest hacking program with new tools CVE-2023-PoC for the year 2023 It contains all the attack and exploitation tools for testing websites, as well as a graphical interface to facilitate its use for beginners
Language:Python17 1 03
gigaryte/cve-2022-31898
Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215
Language:Python17 1 05
traumatism/raycharles
Blind RCE fuzzer
Language:Python16 1 03
hartwork/antijack
:ninja: seccomp-based anti-TTY-hijacking proof-of-concept (prevents TIOCSTI and TIOCLINUX)
Language:C12 1 0
MilindPurswani/hacker101
Hacker101 is a free class for web security. Whether you're a programmer with an interest in bug bounties or a seasoned security professional, Hacker101 has something to teach you.
Language:Ruby11 1 01
moeinfatehi/lfi-to-rce-scenario
This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).
Language:PHP11 1 00
twseptian/cve-2022-22947
Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)
Language:Dockerfile11 1 01
v0lp3/CVE-2022-39073
Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.
Language:Python11 1 04
0xNslabs/CVE-2022-36267-PoC
PoC Script for CVE-2022-36267: Exploits an unauthenticated remote command injection vulnerability in Airspan AirSpot 5410 antenna.
Language:Python9 0 01
K3ysTr0K3R/CVE-2019-15107-EXPLOIT
A PoC exploit for CVE-2019-15107 - Webmin Remote Code Execution
Language:Python8 1 02
Inplex-sys/CVE-2022-47966
The manage engine mass loader for CVE-2022-47966
Language:Python7 1 11
superswan/CamMander
Exploit toolkit for old ip cameras. Inspired by Black Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker
Language:Python7 1 01
0xNslabs/CVE-2022-36553-PoC
PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device.
Language:Python6 0 00
abaykan/Labs
Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di abaykan.com
Language:PHP6 0 05
FOGSEC/awesome-web-security
🐶 A curated list of Web Security materials and resources.
6 2 0
m3z0diac/vuln-windows-application
simple C vulnerable windows program for practicing and learning windows exploitation.
Language:C6 1 01
SaraBaradaran/Web-Fuzzer
Implementation of A Web Fuzzer for Detecting XSS, Command and SQL Injection Vulnerabilities in Websites
Language:Python6 1 02
LinuxUser255/Web-Security-Academy-Series
Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.
Language:Python5 1 02

command-injection

commixproject/commix

payloadbox/command-injection-payload-list

arch3rPro/PentestTools

paralax/lfi-labs

hansmach1ne/LFImap

dragonked2/Egyscan

TrixSec/waymap

yuriisanin/CVE-2022-45025

jackaduma/NLP4CyberSecurity

vladan-stojnic/ML-based-WAF

omurugur/OS_Command_Payload_List

UNICORDev/exploit-CVE-2022-25765

dogancanbakir/metamaska

ThatNotEasy/CVE-2023-34960

dokDork/SiteSniper

JackDoan/TP-Link-ArcherC5-RCE

mbadanoiu/CVE-2025-20029

qwqoro/Mail-Injection

abrahim7112/hackers_CVE_2023_poc

gigaryte/cve-2022-31898

traumatism/raycharles

hartwork/antijack

MilindPurswani/hacker101

moeinfatehi/lfi-to-rce-scenario

twseptian/cve-2022-22947

v0lp3/CVE-2022-39073

0xNslabs/CVE-2022-36267-PoC

K3ysTr0K3R/CVE-2019-15107-EXPLOIT

Inplex-sys/CVE-2022-47966

superswan/CamMander

0xNslabs/CVE-2022-36553-PoC

abaykan/Labs

FOGSEC/awesome-web-security

m3z0diac/vuln-windows-application

SaraBaradaran/Web-Fuzzer

LinuxUser255/Web-Security-Academy-Series