Repository navigation

poc

Website
Wikipedia

chaitin / xray

一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

安全 vulnerability vulnerability-scanner passive-vulnerability-scanner xss sqlinjection poc

Vue

10826

1851

6 个月前

frohoff / ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Java deserialization gadget Exploit javadeser serialization poc vulnerability

Java

8148

1789

1 年前

trickest / cve

Gather and update all available and newest CVEs with their PoC.

poc Common Vulnerabilities and Exposures (CVE)cve-poc latest-cve vulnerability vulnerabilities software-vulnerabilities software-security Exploit 安全 Cybersecurity Hacking pentesting penetration-testing red-team software-vulnerability

HTML

6898

874

1 天前

nomi-sec / PoC-in-GitHub

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

安全 Common Vulnerabilities and Exposures (CVE)Exploit poc vulnerability

6849

1219

3 小时前

Mr-xn / Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

penetration-testing poc getshell csrf penetration-testing-poc csrf-webshell Common Vulnerabilities and Exposures (CVE)rce sql-poc poc-exp bypass thinkphp cobalt-strike Exploit

HTML

6810

1980

20 天前

k8gege / K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Exploit 0day poc getshell pentest Hacking scanner privilege-escalation bypass crack brute-force password 数据库 exp lpe rce

PowerShell

5962

2069

3 个月前

ffffffff0x / 1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

markdown-article Linux 学习 pentest study 安全 collection blueteam redteam post-penetration ics-security writeup pentest-tool poc ctf Cybersecurity Hacking

C++

5485

1254

10 个月前

k8gege / Ladon

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等，大量高危漏洞检测模块MS17010、Zimbra、Exchange

scanner portscan pentest Hacking 安全 security-scanner poc getshell brute-force password 工具 hack exp ladon ipscanner Exploit

5024

878

1 个月前

wy876 / POC

收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1400多个poc/exp，长期更新。

poc

4909

1079

2 个月前

zhzyker / exphub

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

weblogic tomcat Exploit poc vulnerability exp webshell Drupal getshell nexus cve-2020-2555 cve-2020-1938 cve-2020-2883 cve-2020-2551 cve-2020-14882

Python

4198

1104

4 年前

Threekiii / Awesome-POC

一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.

poc

Dockerfile

4085

876

5 天前

zan8in / afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

vulnerability-scanner poc penetration-testing afrog vulnerability-scanning-tools Bug Bounty pentest red-teaming

3787

415

9 天前

qazbnm456 / awesome-cve-poc

✍️ A curated list of CVE PoCs.

Awesome Lists Common Vulnerabilities and Exposures (CVE)poc

3389

725

3 年前

Notselwyn / CVE-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

Common Vulnerabilities and Exposures (CVE)Exploit lpe poc cve-2024-1086

2357

314

1 年前

tr0uble-mAker / POC-bomber

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

poc vulnerability-scanner poc-bomber Common Vulnerabilities and Exposures (CVE)rce getshell redteam exp

Python

2301

385

2 年前

Ascotbe / Medusa

🐈Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

poc exp payload medusa Common Vulnerabilities and Exposures (CVE)xss readteam dnslog virus email cobaltstrike metasploit-framework mail

Python

2191

336

1 年前

mai-lang-chai / Middleware-Vulnerability-detection

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

poc exp Common Vulnerabilities and Exposures (CVE)Python

Python

1902

534

4 年前

k8gege / LadonGo

Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

scanner portscan smbscan sshscan mysqlscan ftpscan bannerscan ms17010 brute-force detection Exploit poc hacktools 安全

1656

301

1 年前