Common Vulnerabilities and Exposures (CVE)

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

Gather and update all available and newest CVEs with their PoC.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Open Source Vulnerability Management Platform

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

面向网络安全从业者的知识文库🍃 (停止更新)

快速搭建各种漏洞环境(Various vulnerability environment)

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

✍️ A curated list of CVE PoCs.

🌴Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

cve-search - a tool to perform local searches for known vulnerabilities

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

A collection of JavaScript engine CVEs with PoCs

Vulnerability Intelligence Platform

🐈Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.