exploit

There are 2266 repositories under exploit topic.

  • h4cker

    The-Art-of-Hacking/h4cker

    This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

    Language:Jupyter Notebook16.9k865933k

  • vitalysim/Awesome-Hacking-Resources

    A collection of hacking / penetration testing resources to make you better!

    14.8k687272.1k

  • Gallopsled/pwntools

    CTF framework and exploit development library

    Language:Python11.6k2901k1.7k

  • SecWiki/windows-kernel-exploits

    windows-kernel-exploits Windows平台提权漏洞集合

    Language:C7.9k438162.8k
  • ysoserial

    frohoff/ysoserial

    A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

    Language:Java7.4k2161021.7k

  • edoardottt/awesome-hacker-search-engines

    A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

    Language:Shell6.8k10998639
  • gef

    hugsy/gef

    GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

    Language:Python6.6k135508710
  • traitor

    liamg/traitor

    :arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

    Language:Go6.5k12542581

  • Mr-xn/Penetration_Testing_POC

    渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

    Language:HTML6.2k25371.9k

  • trickest/cve

    Gather and update all available and newest CVEs with their PoC.

    Language:HTML6.2k32250775

  • yaklang/yakit

    Cyber Security ALL-IN-ONE Platform

    Language:TypeScript6.1k347733786

  • nomi-sec/PoC-in-GitHub

    📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

    6.1k412261.1k
  • K8tools

    k8gege/K8tools

    K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

    Language:PowerShell5.7k207282.1k

  • xairy/linux-kernel-exploitation

    A collection of links related to Linux kernel security and exploitation

    5.4k4114955

  • ihebski/DefaultCreds-cheat-sheet

    One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

    Language:Python5.4k8816676

  • SecWiki/linux-kernel-exploits

    linux-kernel-exploits Linux平台提权漏洞集合

    Language:C5.2k28641.7k

  • NullArray/AutoSploit

    Automated Mass Exploiter

    Language:Python4.9k2321.2k1.1k
  • Ladon

    k8gege/Ladon

    Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange

    Language:PowerShell4.6k8777855

  • AzeemIdrisi/PhoneSploit-Pro

    An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

    Language:Python4.3k9950564

  • IAIK/meltdown

    This repository contains several applications, demonstrating the Meltdown bug.

    Language:C4.1k1520524

  • zhzyker/exphub

    Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

    Language:Python4k15151.1k

  • bitsadmin/wesng

    Windows Exploit Suggester - Next Generation

    Language:Python4k9755549

  • firmianay/CTF-All-In-One

    CTF竞赛权威指南

    Language:C3.8k13019688

  • lcvvvv/kscan

    Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。

    Language:Go3.7k42140502

  • scipag/vulscan

    Advanced vulnerability scanning with Nmap NSE

    Language:Lua3.4k1360661

  • Threekiii/Awesome-Redteam

    一个攻防知识仓库 Red Teaming and Offensive Security

    Language:Python3.4k532585

  • zhzyker/vulmap

    Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

    Language:Python3.3k5374555

  • karma9874/AndroRAT

    A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

    Language:Java2.8k141307933
  • Ghost

    EntySec/Ghost

    Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

    Language:Python2.6k188296910

  • mgeeky/Penetration-Testing-Tools

    A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

    Language:PowerShell2.5k846479

  • joaomatosf/jexboss

    JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

    Language:Python2.4k9561638
  • RootMyTV.github.io

    RootMyTV/RootMyTV.github.io

    RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.

    Language:HTML2.1k6412563

  • david942j/one_gadget

    The best tool for finding one gadget RCE in libc.so.6

    Language:Ruby2k2733136

  • Notselwyn/CVE-2024-1086

    Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

    Language:C2k2214245

  • helloexp/0day

    各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

    Language:C1.9k615777
  • pwn_jenkins

    gquere/pwn_jenkins

    Notes about attacking Jenkins servers

    Language:Python1.9k482321