exploit
There are 2910 repositories under exploit topic.
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
vitalysim/Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
Gallopsled/pwntools
CTF framework and exploit development library
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
friuns2/BlackFriday-GPTs-Prompts
List of free GPTs that doesn't require plus subscription
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
hugsy/gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
trickest/cve
Gather and update all available and newest CVEs with their PoC.
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
liamg/traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
yaklang/yakit
Cyber Security ALL-IN-ONE Platform
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
xairy/linux-kernel-exploitation
A collection of links related to Linux kernel security and exploitation
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
SecWiki/linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
AzeemIdrisi/PhoneSploit-Pro
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
k8gege/Ladon
Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等,大量高危漏洞检测模块MS17010、Zimbra、Exchange
NullArray/AutoSploit
Automated Mass Exploiter
bitsadmin/wesng
Windows Exploit Suggester - Next Generation
firmianay/CTF-All-In-One
CTF竞赛权威指南
zhzyker/exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
lcvvvv/kscan
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
isec-tugraz/meltdown
This repository contains several applications, demonstrating the Meltdown bug.
karma9874/AndroRAT
A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side
Threekiii/Awesome-Redteam
一个攻防知识库。A knowledge base for red teaming and offensive security.
scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
zhzyker/vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
EntySec/Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
mgeeky/Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
blackorbird/APT_REPORT
Interesting APT Report Collection And Some Special IOCs
joaomatosf/jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Notselwyn/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
RootMyTV/RootMyTV.github.io
RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.
david942j/one_gadget
The best tool for finding one gadget RCE in libc.so.6