whalebone7's Stars
gfek/Lepus
Subdomain finder
HernanRodriguez1/Dorks-Shodan-2023
Shodan Dorks 2023
ExpLangcn/NucleiTP
自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!
Sicks3c/Reconizer
RhinoSecurityLabs/CVEs
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
Emoe/kxss
This a adaption of tomnomnom's kxss tool with a different output format
Ishanoshada/GDorks
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
vti/rxss
Find XSS on *your* website
fullspectrumdev/RancidCrisco
PoC for CVE-2023-20126
aeyesec/CVE-2022-34265
PoC for CVE-2022-34265 (Django)
tahtaciburak/CVE-2021-41277
PoC for CVE-2021-41277
sinsinology/CVE-2023-20887
VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)
WolfMan12333/SSwCV
SSwCV - Scanning Script with Check Vulns
horizon3ai/proxyshell
Proof of Concept for CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207
p2-98/CVE-2021-34473
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
qazbnm456/awesome-cve-poc
✍️ A curated list of CVE PoCs.
vulsio/go-exploitdb
Tool for searching Exploits from Exploit Databases, etc.
reznok/Spring4Shell-POC
Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
kozmer/log4j-shell-poc
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
puzzlepeaches/Log4jHorizon
Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.
whalebone7/IP-checker
IP Checker is a Bash tool that checks if an IP address or a list of IP addresses in a file contains a specified keyword in its HTTP response. It is useful for bug bounty hunters and security researchers to quickly identify potential vulnerabilities in web applications. # It can also be ran against alive websites
whalebone7/CertSub
CertSub is a Bash command-line tool that extracts subdomains associated with a domain name. It uses crt.sh to perform a search and returns a sorted, unique list. It's useful for reconnaissance, identifying attack vectors, or gaining insight into subdomains.
whalebone7/HashHound
This Bash script retrieves SSL/TLS certificates associated with a specified company name and searches Censys for their SHA256 fingerprints. The results are saved to a file.
whalebone7/bbscope
awesome tool.
Wangyanan131/CVE-2022-31061
PoC for GLPI CVE-2022-31061
yetingli/PoCs
A list of CVE's with Proof of Concepts
me2nuk/CVE-2022-22965
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965
nxtexploit/CVE-2022-26134
Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)
bug-vs-me/h1-asset-fetcher
Tools for bug bounty
whalebone7/CveLooker
This light weight tool allows you to search for Common Vulnerabilities and Exposures (CVEs) based on a vulnerability keyword and an optional year filter.