all Top Top Top_Codeql TOP All bugbounty pentesting CVE-2022- POC Exp Things
- 2024 year top total 30
- 2023 year top total 30
- 2022 year top total 30
- 2021 year top total 30
- 2020 year top total 30
- 2019 year top total 30
- 2018 year top total 30
- 2017 year top total 30
- 2016 year top total 30
- 2015 year top total 30
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 1912 | 2024-05-06T20:49:46Z | CVE-2024-1086 | https://github.com/Notselwyn/CVE-2024-1086 | Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images. |
| 3453 | 2024-05-06T21:13:58Z | xzbot | https://github.com/amlweems/xzbot | notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) |
| 169 | 2024-05-06T11:59:09Z | CVE-2024-23897 | https://github.com/h4x0r-dz/CVE-2024-23897 | CVE-2024-23897 |
| 211 | 2024-05-06T16:30:09Z | CVE-2024-21338 | https://github.com/hakaioffsec/CVE-2024-21338 | Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. |
| 587 | 2024-05-07T00:12:06Z | CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability | https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability | Microsoft-Outlook-Remote-Code-Execution-Vulnerability |
| 189 | 2024-05-06T18:18:02Z | CVE-2024-21111 | https://github.com/mansk1es/CVE-2024-21111 | Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability |
| 143 | 2024-05-01T21:26:49Z | CVE-2024-21413 | https://github.com/duy-31/CVE-2024-21413 | Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC |
| 124 | 2024-05-03T20:41:04Z | CVE-2024-25600 | https://github.com/Chocapikk/CVE-2024-25600 | Unauthenticated Remote Code Execution – Bricks <= 1.9.6 |
| 119 | 2024-04-29T03:50:33Z | CVE-2024-27198-RCE | https://github.com/W01fh4cker/CVE-2024-27198-RCE | CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4 |
| 40 | 2024-05-03T11:42:11Z | CVE-2024-3400 | https://github.com/0x0d3ad/CVE-2024-3400 | CVE-2024-3400 |
| 128 | 2024-05-05T19:29:03Z | CVE-2024-3400 | https://github.com/h4x0r-dz/CVE-2024-3400 | CVE-2024-3400 Palo Alto OS Command Injection |
| 88 | 2024-03-23T17:09:36Z | ScreenConnect-AuthBypass-RCE | https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE | ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!! |
| 112 | 2024-04-27T08:10:25Z | CVE-2024-20656 | https://github.com/Wh04m1001/CVE-2024-20656 | |
| 94 | 2024-05-02T16:00:24Z | CVE-2024-21762 | https://github.com/h4x0r-dz/CVE-2024-21762 | out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability |
| 56 | 2024-05-06T23:50:27Z | CVE-2024-21345 | https://github.com/exploits-forsale/CVE-2024-21345 | Proof-of-Concept for CVE-2024-21345 |
| 47 | 2024-04-27T08:51:59Z | CVE-2024-23897 | https://github.com/xaitax/CVE-2024-23897 | CVE-2024-23897 |
| 67 | 2024-04-29T04:36:42Z | CVE-2024-3273 | https://github.com/Chocapikk/CVE-2024-3273 | D-Link NAS CVE-2024-3273 Exploit Tool |
| 76 | 2024-04-28T09:36:31Z | io_uring_LPE-CVE-2024-0582 | https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582 | LPE exploit for CVE-2024-0582 (io_uring) |
| 85 | 2024-04-30T07:32:36Z | CVE-2024-21893.py | https://github.com/h4x0r-dz/CVE-2024-21893.py | CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure |
| 97 | 2024-04-27T08:51:59Z | CVE-2024-23897 | https://github.com/binganao/CVE-2024-23897 | |
| 71 | 2024-04-09T17:37:23Z | CVE-2024-20931 | https://github.com/GlassyAmadeus/CVE-2024-20931 | The Poc for CVE-2024-20931 |
| 71 | 2024-05-06T09:48:48Z | CVE-2024-3094-checker | https://github.com/FabioBaroni/CVE-2024-3094-checker | Quick and dirty PoC for checking whether a vulnerable version of xz-utils is installed (CVE-2024-3094) |
| 137 | 2024-05-04T08:26:03Z | xz-vulnerable-honeypot | https://github.com/lockness-Ko/xz-vulnerable-honeypot | An ssh honeypot with the XZ backdoor. CVE-2024-3094 |
| 86 | 2024-04-30T19:38:16Z | cve-2024-21762-check | https://github.com/BishopFox/cve-2024-21762-check | Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762 |
| 43 | 2024-04-26T05:00:24Z | CVE-2024-21887 | https://github.com/Chocapikk/CVE-2024-21887 | A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. |
| 40 | 2024-05-03T18:38:52Z | CVE-2024-26218 | https://github.com/exploits-forsale/CVE-2024-26218 | Proof-of-Concept for CVE-2024-26218 |
| 61 | 2024-04-30T04:20:49Z | CVE-2024-21626 | https://github.com/NitroCao/CVE-2024-21626 | PoC and Detection for CVE-2024-21626 |
| 53 | 2024-05-04T11:55:50Z | CVE-2024-23897 | https://github.com/wjlin0/CVE-2024-23897 | CVE-2024-23897 - Jenkins 任意文件读取 利用工具 |
| 50 | 2024-05-01T20:56:54Z | CVE-2024-3094-info | https://github.com/byinarie/CVE-2024-3094-info | Information for CVE-2024-3094 |
| 39 | 2024-04-10T08:47:37Z | CVE-2024-25153 | https://github.com/nettitude/CVE-2024-25153 | Proof-of-concept exploit for CVE-2024-25153. |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 421 | 2024-04-08T16:13:56Z | qq-tim-elevation | https://github.com/vi3t1/qq-tim-elevation | CVE-2023-34312 |
| 1237 | 2024-05-07T00:00:46Z | cvelist | https://github.com/CVEProject/cvelist | Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 |
| 770 | 2024-04-29T05:25:33Z | CVE-2023-38831-winrar-exploit | https://github.com/b1tg/CVE-2023-38831-winrar-exploit | CVE-2023-38831 winrar exploit generator |
| 470 | 2024-04-30T17:17:20Z | Windows_LPE_AFD_CVE-2023-21768 | https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768 | LPE exploit for CVE-2023-21768 |
| 361 | 2024-05-02T10:58:25Z | CVE-2023-32233 | https://github.com/Liuk3r/CVE-2023-32233 | CVE-2023-32233: Linux内核中的安全漏洞 |
| 374 | 2024-04-28T09:36:06Z | CVE-2023-0386 | https://github.com/xkaneiki/CVE-2023-0386 | CVE-2023-0386在ubuntu22.04上的提权 |
| 372 | 2024-04-28T09:36:20Z | CVE-2023-4911 | https://github.com/leesh3288/CVE-2023-4911 | PoC for CVE-2023-4911 |
| 303 | 2024-04-29T05:10:19Z | CVE-2023-21752 | https://github.com/Wh04m1001/CVE-2023-21752 | |
| 618 | 2024-04-30T18:14:22Z | keepass-password-dumper | https://github.com/vdohney/keepass-password-dumper | Original PoC for CVE-2023-32784 |
| 263 | 2024-04-27T08:51:41Z | CVE-2023-21608 | https://github.com/hacksysteam/CVE-2023-21608 | Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit |
| 33 | 2024-04-25T14:20:01Z | CVE-2023-21839 | https://github.com/ASkyeye/CVE-2023-21839 | Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE) |
| 280 | 2024-04-25T00:51:09Z | CVE-2023-4863 | https://github.com/mistymntncop/CVE-2023-4863 | |
| 214 | 2024-04-30T08:34:11Z | CVE-2023-44487 | https://github.com/bcdannyboy/CVE-2023-44487 | Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487 |
| 228 | 2024-04-28T09:36:17Z | CVE-2023-36874 | https://github.com/Wh04m1001/CVE-2023-36874 | |
| 159 | 2024-05-04T03:39:28Z | CVE-2023-36745 | https://github.com/N1k0la-T/CVE-2023-36745 | |
| 226 | 2024-04-07T08:37:12Z | CVE-2023-20887 | https://github.com/sinsinology/CVE-2023-20887 | VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887) |
| 338 | 2024-04-30T18:14:20Z | CVE-2023-23397-POC-Powershell | https://github.com/api0cradle/CVE-2023-23397-POC-Powershell | |
| 132 | 2024-04-30T19:29:55Z | CVE-2023-34362 | https://github.com/horizon3ai/CVE-2023-34362 | MOVEit CVE-2023-34362 |
| 235 | 2024-05-06T09:34:16Z | CVE-2023-7028 | https://github.com/Vozec/CVE-2023-7028 | This repository presents a proof-of-concept of CVE-2023-7028 |
| 210 | 2024-05-02T10:58:25Z | CVE-2023-3519 | https://github.com/BishopFox/CVE-2023-3519 | RCE exploit for CVE-2023-3519 |
| 167 | 2024-04-26T08:54:25Z | CVE-2023-28252 | https://github.com/fortra/CVE-2023-28252 | |
| 213 | 2024-04-30T15:35:48Z | Weblogic-CVE-2023-21839 | https://github.com/DXask88MA/Weblogic-CVE-2023-21839 | |
| 185 | 2024-05-02T10:58:26Z | CVE-2023-46747-RCE | https://github.com/W01fh4cker/CVE-2023-46747-RCE | exploit for f5-big-ip RCE cve-2023-46747 |
| 158 | 2024-05-06T16:06:48Z | CVE-2023-23397_EXPLOIT_0DAY | https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY | Exploit for the CVE-2023-23397 |
| 150 | 2024-04-30T17:38:08Z | CVE-2023-25157 | https://github.com/win3zz/CVE-2023-25157 | CVE-2023-25157 - GeoServer SQL Injection - PoC |
| 212 | 2024-04-30T18:14:23Z | CVE-2023-29357 | https://github.com/Chocapikk/CVE-2023-29357 | Microsoft SharePoint Server Elevation of Privilege Vulnerability |
| 251 | 2024-05-04T15:50:35Z | CVE-2023-25690-POC | https://github.com/dhmosfunk/CVE-2023-25690-POC | CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability. |
| 141 | 2024-04-27T08:51:54Z | CVE-2023-2825 | https://github.com/Occamsec/CVE-2023-2825 | GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0. |
| 159 | 2024-05-04T13:10:56Z | CVE-2023-4911 | https://github.com/RickdeJager/CVE-2023-4911 | CVE-2023-4911 proof of concept |
| 147 | 2024-04-28T09:36:20Z | Windows_MSKSSRV_LPE_CVE-2023-36802 | https://github.com/chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802 | LPE exploit for CVE-2023-36802 |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 427 | 2024-05-03T10:18:26Z | CVE-2022-25636 | https://github.com/Bonfee/CVE-2022-25636 | CVE-2022-25636 |
| 458 | 2024-04-24T17:28:45Z | CVE-2022-21882 | https://github.com/KaLendsi/CVE-2022-21882 | win32k LPE |
| 695 | 2024-04-27T08:51:15Z | CVE-2022-29072 | https://github.com/kagancapar/CVE-2022-29072 | 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. |
| 1075 | 2024-05-02T00:51:07Z | CVE-2022-0847-DirtyPipe-Exploit | https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit | A root exploit for CVE-2022-0847 (Dirty Pipe) |
| 363 | 2024-04-28T09:35:31Z | CVE-2022-0185 | https://github.com/Crusaders-of-Rust/CVE-2022-0185 | CVE-2022-0185 |
| 495 | 2024-05-03T10:27:19Z | CVE-2022-0995 | https://github.com/Bonfee/CVE-2022-0995 | CVE-2022-0995 exploit |
| 557 | 2024-04-24T11:28:22Z | CVE-2022-23222 | https://github.com/tr3ee/CVE-2022-23222 | CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation |
| 217 | 2024-04-08T16:54:31Z | Spring-Cloud-Gateway-CVE-2022-22947 | https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947 | CVE-2022-22947 |
| 530 | 2024-04-02T18:59:23Z | OpenSSL-2022 | https://github.com/NCSC-NL/OpenSSL-2022 | Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3 |
| 360 | 2024-04-24T17:28:44Z | CVE-2022-21907 | https://github.com/ZZ-SOCMAP/CVE-2022-21907 | HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907 |
| 328 | 2024-04-30T19:28:02Z | CVE-2022-40684 | https://github.com/horizon3ai/CVE-2022-40684 | A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager |
| 362 | 2024-04-28T00:38:08Z | CVE-2022-29464 | https://github.com/hakivvi/CVE-2022-29464 | WSO2 RCE (CVE-2022-29464) exploit and writeup. |
| 461 | 2024-04-30T18:14:17Z | CVE-2022-2588 | https://github.com/Markakd/CVE-2022-2588 | exploit for CVE-2022-2588 |
| 368 | 2024-04-21T17:08:06Z | CVE-2022-39197 | https://github.com/its-arun/CVE-2022-39197 | CobaltStrike <= 4.7.1 RCE |
| 392 | 2024-04-26T12:25:27Z | CVE-2022-33679 | https://github.com/Bdenneu/CVE-2022-33679 | One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html |
| 509 | 2024-05-05T15:40:34Z | CVE-2022-0847-DirtyPipe-Exploits | https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. |
| 272 | 2024-05-06T10:04:40Z | CVE-2022-0847 | https://github.com/r1is/CVE-2022-0847 | CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe” |
| 454 | 2024-04-27T23:20:06Z | CVE-2022-27254 | https://github.com/nonamecoder/CVE-2022-27254 | PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254) |
| 304 | 2024-04-23T03:10:44Z | CVE-2022-39197-patch | https://github.com/burpheart/CVE-2022-39197-patch | CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch. |
| 303 | 2024-04-29T10:29:30Z | CVE-2022-21971 | https://github.com/0vercl0k/CVE-2022-21971 | PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" |
| 307 | 2024-04-17T21:47:27Z | Spring4Shell-POC | https://github.com/reznok/Spring4Shell-POC | Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit |
| 276 | 2024-04-16T21:12:53Z | CVE-2022-21894 | https://github.com/Wack0/CVE-2022-21894 | baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability |
| 267 | 2024-04-24T17:29:25Z | CVE-2022-39952 | https://github.com/horizon3ai/CVE-2022-39952 | POC for CVE-2022-39952 |
| 271 | 2024-04-18T09:46:55Z | cve-2022-27255 | https://github.com/infobyte/cve-2022-27255 | |
| 192 | 2024-02-27T03:23:32Z | CVE-2022-21882 | https://github.com/L4ys/CVE-2022-21882 | |
| 116 | 2024-04-17T21:47:32Z | CVE-2022-22963 | https://github.com/dinosn/CVE-2022-22963 | CVE-2022-22963 PoC |
| 187 | 2024-04-08T16:54:33Z | CVE-2022-0778 | https://github.com/drago-96/CVE-2022-0778 | Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt |
| 285 | 2024-03-05T15:01:30Z | VMware-CVE-2022-22954 | https://github.com/sherlocksecurity/VMware-CVE-2022-22954 | POC for VMWARE CVE-2022-22954 |
| 237 | 2024-04-24T17:28:46Z | CVE-2022-20699 | https://github.com/Audiobahn/CVE-2022-20699 | Cisco Anyconnect VPN unauth RCE (rwx stack) |
| 206 | 2024-03-22T14:16:55Z | CVE-2022-30075 | https://github.com/aaronsvk/CVE-2022-30075 | Tp-Link Archer AX50 Authenticated RCE (CVE-2022-30075) |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 1302 | 2024-05-04T07:46:40Z | noPac | https://github.com/cube0x0/noPac | CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. |
| 1915 | 2024-05-06T21:54:43Z | CVE-2021-4034 | https://github.com/berdav/CVE-2021-4034 | CVE-2021-4034 1day |
| 1792 | 2024-05-06T09:33:38Z | CVE-2021-1675 | https://github.com/cube0x0/CVE-2021-1675 | C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527 |
| 1535 | 2024-05-02T02:48:16Z | CVE-2021-40444 | https://github.com/lockedbyte/CVE-2021-40444 | CVE-2021-40444 PoC |
| 1021 | 2024-04-24T19:49:16Z | CVE-2021-4034 | https://github.com/arthepsy/CVE-2021-4034 | PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) |
| 969 | 2024-05-06T21:27:28Z | CVE-2021-1675 | https://github.com/calebstewart/CVE-2021-1675 | Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare) |
| 925 | 2024-05-05T10:26:45Z | CVE-2021-3156 | https://github.com/blasty/CVE-2021-3156 | |
| 475 | 2024-04-29T08:11:53Z | CVE-2021-21972 | https://github.com/NS-Sp4ce/CVE-2021-21972 | CVE-2021-21972 Exploit |
| 959 | 2024-04-25T23:39:24Z | sam-the-admin | https://github.com/safebuffer/sam-the-admin | Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user |
| 784 | 2024-05-03T06:56:14Z | CVE-2021-40444 | https://github.com/klezVirus/CVE-2021-40444 | CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit |
| 413 | 2024-04-30T02:07:30Z | CVE-2021-1732-Exploit | https://github.com/KaLendsi/CVE-2021-1732-Exploit | CVE-2021-1732 Exploit |
| 709 | 2024-05-01T05:19:34Z | CVE-2021-3156 | https://github.com/worawit/CVE-2021-3156 | Sudo Baron Samedit Exploit |
| 823 | 2024-05-04T13:12:50Z | CVE-2021-31166 | https://github.com/0vercl0k/CVE-2021-31166 | Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. |
| 850 | 2024-04-29T22:24:47Z | CVE-2021-44228-Scanner | https://github.com/logpresso/CVE-2021-44228-Scanner | Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228 |
| 1753 | 2024-05-06T10:26:57Z | log4j-shell-poc | https://github.com/kozmer/log4j-shell-poc | A Proof-Of-Concept for the CVE-2021-44228 vulnerability. |
| 330 | 2024-04-24T17:28:13Z | CVE-2021-1675-LPE | https://github.com/hlldz/CVE-2021-1675-LPE | Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527 |
| 391 | 2024-04-29T04:16:31Z | CVE-2021-3493 | https://github.com/briskets/CVE-2021-3493 | Ubuntu OverlayFS Local Privesc |
| 160 | 2024-04-24T17:27:57Z | exprolog | https://github.com/herwonowr/exprolog | ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) |
| 723 | 2024-05-06T06:33:08Z | noPac | https://github.com/Ridter/noPac | Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user |
| 1092 | 2024-05-04T17:46:39Z | log4shell-vulnerable-app | https://github.com/christophetd/log4shell-vulnerable-app | Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228). |
| 431 | 2024-04-30T05:33:36Z | CVE-2021-3156 | https://github.com/stong/CVE-2021-3156 | PoC for CVE-2021-3156 (sudo heap overflow) |
| 174 | 2024-02-20T07:02:36Z | ProxyVulns | https://github.com/hosch3n/ProxyVulns | [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains. |
| 434 | 2024-04-08T16:54:19Z | log4j-finder | https://github.com/fox-it/log4j-finder | Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105) |
| 254 | 2024-04-24T17:28:33Z | CVE-2021-22205 | https://github.com/Al1ex/CVE-2021-22205 | CVE-2021-22205& GitLab CE/EE RCE |
| 148 | 2024-03-05T13:59:06Z | CVE-2021-41773_CVE-2021-42013 | https://github.com/inbug-team/CVE-2021-41773_CVE-2021-42013 | CVE-2021-41773 CVE-2021-42013漏洞批量检测工具 |
| 3353 | 2024-05-01T12:26:22Z | log4j-scan | https://github.com/fullhunt/log4j-scan | A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 |
| 245 | 2024-04-30T19:30:55Z | CVE-2021-21972 | https://github.com/horizon3ai/CVE-2021-21972 | Proof of Concept Exploit for vCenter CVE-2021-21972 |
| 347 | 2024-05-04T03:47:18Z | CVE-2021-44228_scanner | https://github.com/CERTCC/CVE-2021-44228_scanner | Scanners for Jar files that may be vulnerable to CVE-2021-44228 |
| 348 | 2024-03-25T16:54:59Z | Grafana-CVE-2021-43798 | https://github.com/jas502n/Grafana-CVE-2021-43798 | Grafana Unauthorized arbitrary file reading vulnerability |
| 262 | 2024-04-14T08:30:27Z | laravel-exploits | https://github.com/ambionics/laravel-exploits | Exploit for CVE-2021-3129 |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 4029 | 2024-05-06T20:15:48Z | exphub | https://github.com/zhzyker/exphub | Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340 |
| 1689 | 2024-05-06T23:24:43Z | CVE-2020-1472 | https://github.com/SecuraBV/CVE-2020-1472 | Test tool for CVE-2020-1472 |
| 1931 | 2024-05-03T12:48:53Z | weblogicScanner | https://github.com/0xn0ne/weblogicScanner | weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883 |
| 1292 | 2024-05-05T13:05:04Z | CVE-2020-0796 | https://github.com/danigargu/CVE-2020-0796 | CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost |
| 1145 | 2024-05-05T11:43:42Z | CVE-2020-1472 | https://github.com/dirkjanm/CVE-2020-1472 | PoC for Zerologon - all research credits go to Tom Tervoort of Secura |
| 281 | 2024-04-15T17:24:38Z | CVE-2020-14882 | https://github.com/jas502n/CVE-2020-14882 | CVE-2020–14882、CVE-2020–14883 |
| 322 | 2024-05-02T10:58:18Z | cve-2020-0688 | https://github.com/Ridter/cve-2020-0688 | cve-2020-0688 |
| 601 | 2024-05-04T05:02:45Z | zerologon | https://github.com/risksense/zerologon | Exploit for zerologon cve-2020-1472 |
| 652 | 2024-05-06T20:49:33Z | SMBGhost | https://github.com/ly4k/SMBGhost | Scanner for CVE-2020-0796 - SMBv3 RCE |
| 332 | 2024-04-26T09:59:14Z | CVEAC-2020 | https://github.com/thesecretclub/CVEAC-2020 | EasyAntiCheat Integrity check bypass by mimicking memory changes |
| 370 | 2024-03-23T16:43:51Z | CVE-2020-5902 | https://github.com/jas502n/CVE-2020-5902 | CVE-2020-5902 BIG-IP |
| 133 | 2024-01-13T03:00:02Z | CVE_2020_2546 | https://github.com/hktalent/CVE_2020_2546 | CVE-2020-2546,CVE-2020-2915 CVE-2020-2801 CVE-2020-2798 CVE-2020-2883 CVE-2020-2884 CVE-2020-2950 WebLogic T3 payload exploit poc python3, |
| 510 | 2024-04-12T11:31:19Z | CVE-2020-0796-RCE-POC | https://github.com/jamf/CVE-2020-0796-RCE-POC | CVE-2020-0796 Remote Code Execution POC |
| 214 | 2024-04-17T04:06:15Z | SAP_RECON | https://github.com/chipik/SAP_RECON | PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability) |
| 292 | 2024-04-24T18:17:49Z | CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner | https://github.com/bkfish/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner | Cnvd-2020-10487 / cve-2020-1938, scanner tool |
| 334 | 2024-04-28T18:47:29Z | CVE-2020-2551 | https://github.com/Y4er/CVE-2020-2551 | Weblogic IIOP CVE-2020-2551 |
| 344 | 2024-04-09T06:23:23Z | CVE-2020-0688 | https://github.com/zcgonvh/CVE-2020-0688 | Exploit and detect tools for CVE-2020-0688 |
| 161 | 2024-04-28T09:35:04Z | cve-2020-0688 | https://github.com/random-robbie/cve-2020-0688 | cve-2020-0688 |
| 252 | 2024-05-06T20:49:54Z | BlueGate | https://github.com/ly4k/BlueGate | PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE |
| 715 | 2024-04-24T02:13:53Z | CVE-2020-0787-EXP-ALL-WINDOWS-VERSION | https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION | Support ALL Windows Version |
| 887 | 2024-01-23T06:15:14Z | CurveBall | https://github.com/ly4k/CurveBall | PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) |
| 93 | 2024-03-19T02:10:26Z | dnspooq | https://github.com/knqyf263/dnspooq | DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) |
| 364 | 2024-05-03T16:20:30Z | CVE-2020-1472 | https://github.com/VoidSec/CVE-2020-1472 | Exploit Code for CVE-2020-1472 aka Zerologon |
| 318 | 2024-04-21T08:20:55Z | CVE-2020-0796-PoC | https://github.com/eerykitty/CVE-2020-0796-PoC | PoC for triggering buffer overflow via CVE-2020-0796 |
| 340 | 2024-04-27T16:22:41Z | chainoffools | https://github.com/kudelskisecurity/chainoffools | A PoC for CVE-2020-0601 |
| 337 | 2024-04-04T18:40:19Z | CVE-2020-0683 | https://github.com/padovah4ck/CVE-2020-0683 | CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege |
| 214 | 2024-04-22T05:19:14Z | CVE-2020-0041 | https://github.com/bluefrostsecurity/CVE-2020-0041 | Exploits for Android Binder bug CVE-2020-0041 |
| 116 | 2023-12-26T07:18:14Z | CVE-2020-11651-poc | https://github.com/jasperla/CVE-2020-11651-poc | PoC exploit of CVE-2020-11651 and CVE-2020-11652 |
| 341 | 2024-04-17T21:57:30Z | Ghostcat-CNVD-2020-10487 | https://github.com/00theway/Ghostcat-CNVD-2020-10487 | Ghostcat read file/code execute,CNVD-2020-10487(CVE-2020-1938) |
| 407 | 2024-04-24T17:28:12Z | CVE-2020-15368 | https://github.com/stong/CVE-2020-15368 | CVE-2020-15368, aka "How to exploit a vulnerable driver" |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 4029 | 2024-05-06T20:15:48Z | exphub | https://github.com/zhzyker/exphub | Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340 |
| 1931 | 2024-05-03T12:48:53Z | weblogicScanner | https://github.com/0xn0ne/weblogicScanner | weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883 |
| 1783 | 2024-04-15T17:25:31Z | phuip-fpizdam | https://github.com/neex/phuip-fpizdam | Exploit for CVE-2019-11043 |
| 1164 | 2024-05-05T09:35:05Z | BlueKeep | https://github.com/Ekultek/BlueKeep | Proof of concept for CVE-2019-0708 |
| 491 | 2024-01-04T16:34:00Z | CVE-2019-0708 | https://github.com/n1xbyte/CVE-2019-0708 | dump |
| 386 | 2024-04-19T08:11:55Z | CVE-2019-0708 | https://github.com/k8gege/CVE-2019-0708 | 3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check) |
| 631 | 2024-03-31T07:39:57Z | CVE-2019-5736-PoC | https://github.com/Frichetten/CVE-2019-5736-PoC | PoC for CVE-2019-5736 |
| 316 | 2024-03-13T23:29:27Z | CVE-2019-2107 | https://github.com/marcinguy/CVE-2019-2107 | CVE-2019-2107 |
| 439 | 2024-04-01T12:43:34Z | CVE-2019-2725 | https://github.com/lufeirider/CVE-2019-2725 | CVE-2019-2725 命令回显 |
| 570 | 2024-02-25T21:00:40Z | cve-2019-19781 | https://github.com/trustedsec/cve-2019-19781 | This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first. |
| 784 | 2024-05-05T21:53:19Z | esp32_esp8266_attacks | https://github.com/Matheus-Garbelini/esp32_esp8266_attacks | Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588) |
| 347 | 2024-04-29T00:45:47Z | COMahawk | https://github.com/apt69/COMahawk | Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 |
| 360 | 2024-02-20T09:34:27Z | CVE-2019-11510 | https://github.com/projectzeroindia/CVE-2019-11510 | Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510) |
| 372 | 2024-02-18T23:31:33Z | CVE-2019-19781 | https://github.com/projectzeroindia/CVE-2019-19781 | Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] |
| 317 | 2024-03-31T18:02:00Z | CVE-2019-13272 | https://github.com/jas502n/CVE-2019-13272 | Linux 4.10 < 5.1.17 PTRACE_TRACEME local root |
| 133 | 2023-09-28T10:59:47Z | CVE-2019-0604 | https://github.com/linhlhq/CVE-2019-0604 | CVE-2019-0604 |
| 615 | 2024-03-29T09:05:23Z | CVE-2019-11708 | https://github.com/0vercl0k/CVE-2019-11708 | Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit. |
| 242 | 2023-12-28T06:38:20Z | CVE-2019-0841 | https://github.com/rogue-kdc/CVE-2019-0841 | PoC code for CVE-2019-0841 Privilege Escalation vulnerability |
| 196 | 2024-04-13T23:10:16Z | CVE-2019-11932 | https://github.com/awakened1712/CVE-2019-11932 | Simple POC for exploiting WhatsApp double-free bug in DDGifSlurp in decoding.c in libpl_droidsonroids_gif |
| 335 | 2024-04-17T21:54:17Z | CVE-2019-18935 | https://github.com/noperator/CVE-2019-18935 | RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX. |
| 305 | 2024-03-27T12:46:25Z | cve-2019-1003000-jenkins-rce-poc | https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc | Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative) |
| 260 | 2023-09-28T10:59:41Z | CVE-2019-5786 | https://github.com/exodusintel/CVE-2019-5786 | FileReader Exploit |
| 267 | 2024-04-17T06:03:21Z | CVE-2019-11932 | https://github.com/dorkerdevil/CVE-2019-11932 | double-free bug in WhatsApp exploit poc |
| 248 | 2024-02-13T23:01:56Z | CVE-2019-1040 | https://github.com/Ridter/CVE-2019-1040 | CVE-2019-1040 with Exchange |
| 292 | 2024-01-12T13:09:17Z | bluekeep | https://github.com/0xeb-bp/bluekeep | Public work for CVE-2019-0708 |
| 885 | 2024-04-22T08:32:15Z | rdpscan | https://github.com/robertdavidgraham/rdpscan | A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability. |
| 4 | 2024-04-13T13:30:56Z | CVE-2019-0708 | https://github.com/victor0013/CVE-2019-0708 | Scanner PoC for CVE-2019-0708 RDP RCE vuln |
| 190 | 2024-04-22T01:13:44Z | CVE-2019-2725 | https://github.com/TopScrew/CVE-2019-2725 | CVE-2019-2725命令回显+webshell上传+最新绕过 |
| 227 | 2024-03-29T05:14:17Z | CVE-2019-9810 | https://github.com/0vercl0k/CVE-2019-9810 | Exploit for CVE-2019-9810 Firefox on Windows 64-bit. |
| 212 | 2024-01-09T13:17:32Z | CVE-2019-0192 | https://github.com/mpgn/CVE-2019-0192 | RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 1931 | 2024-05-03T12:48:53Z | weblogicScanner | https://github.com/0xn0ne/weblogicScanner | weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883 |
| 491 | 2024-04-07T17:20:42Z | CVE-2018-8120 | https://github.com/rip1s/CVE-2018-8120 | CVE-2018-8120 Windows LPE exploit |
| 492 | 2024-03-05T09:50:25Z | CVE-2018-20250 | https://github.com/WyAtu/CVE-2018-20250 | exp for https://research.checkpoint.com/extracting-code-execution-from-winrar |
| 370 | 2024-03-16T17:21:41Z | Exchange2domain | https://github.com/Ridter/Exchange2domain | CVE-2018-8581 |
| 514 | 2024-05-05T19:08:48Z | CVE-2018-15473-Exploit | https://github.com/Rhynorater/CVE-2018-15473-Exploit | Exploit written in Python for CVE-2018-15473 with threading and export formats |
| 250 | 2024-04-28T13:36:48Z | CVE-2018-13379 | https://github.com/milo2012/CVE-2018-13379 | CVE-2018-13379 |
| 496 | 2024-04-23T03:40:37Z | CVE-2018-10933 | https://github.com/blacknbunny/CVE-2018-10933 | Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH) |
| 515 | 2024-04-29T04:04:27Z | CVE-2018-9995_dvr_credentials | https://github.com/ezelf/CVE-2018-9995_dvr_credentials | (CVE-2018-9995) Get DVR Credentials |
| 273 | 2024-04-29T10:20:59Z | CVE-2018-0802 | https://github.com/rxwx/CVE-2018-0802 | PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882) |
| 408 | 2024-03-28T18:13:19Z | CVE-2018-8897 | https://github.com/can1357/CVE-2018-8897 | Arbitrary code execution with kernel privileges using CVE-2018-8897. |
| 344 | 2024-01-19T08:02:16Z | CVE-2018-7600 | https://github.com/a2u/CVE-2018-7600 | 💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002 |
| 294 | 2024-02-13T06:27:41Z | CVE-2018-8120 | https://github.com/alpha1ab/CVE-2018-8120 | CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7 |
| 333 | 2024-01-04T16:29:16Z | CVE-2018-8581 | https://github.com/WyAtu/CVE-2018-8581 | CVE-2018-8581 |
| 79 | 2023-09-28T10:49:57Z | CVE-2018-2628 | https://github.com/shengqi158/CVE-2018-2628 | CVE-2018-2628 & CVE-2018-2893 |
| 145 | 2024-04-30T18:14:01Z | CVE-2018-13382 | https://github.com/milo2012/CVE-2018-13382 | CVE-2018-13382 |
| 503 | 2024-04-27T12:50:06Z | WinboxPoC | https://github.com/BasuCert/WinboxPoC | Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847) |
| 140 | 2024-04-23T19:59:36Z | CVE-2018-8174_EXP | https://github.com/Yt1g3r/CVE-2018-8174_EXP | CVE-2018-8174_python |
| 200 | 2024-01-04T16:24:03Z | CVE-2018-0296 | https://github.com/yassineaboukir/CVE-2018-0296 | Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information. |
| 301 | 2024-03-12T18:36:51Z | struts-pwn_CVE-2018-11776 | https://github.com/mazen160/struts-pwn_CVE-2018-11776 | An exploit for Apache Struts CVE-2018-11776 |
| 166 | 2023-10-28T08:27:47Z | CVE-2018-3245 | https://github.com/pyn3rd/CVE-2018-3245 | CVE-2018-3245-PoC |
| 164 | 2023-09-28T10:50:45Z | cve-2018-8120 | https://github.com/bigric3/cve-2018-8120 | |
| 121 | 2024-04-27T03:45:00Z | cve-2018-8453-exp | https://github.com/ze0r/cve-2018-8453-exp | cve-2018-8453 exp |
| 180 | 2024-02-23T18:18:50Z | CVE-2018-15982_EXP | https://github.com/Ridter/CVE-2018-15982_EXP | exp of CVE-2018-15982 |
| 168 | 2024-04-30T02:39:48Z | RTF_11882_0802 | https://github.com/Ridter/RTF_11882_0802 | PoC for CVE-2018-0802 And CVE-2017-11882 |
| 166 | 2024-01-09T13:17:15Z | CVE-2018-8174-msf | https://github.com/0x09AL/CVE-2018-8174-msf | CVE-2018-8174 - VBScript memory corruption exploit. |
| 120 | 2024-03-28T23:34:02Z | CVE-2018-7600 | https://github.com/pimps/CVE-2018-7600 | Exploit for Drupal 7 <= 7.57 CVE-2018-7600 |
| 262 | 2024-01-04T16:21:57Z | credssp | https://github.com/preempt/credssp | A code demonstrating CVE-2018-0886 |
| 60 | 2023-11-02T05:10:34Z | bluetoothdPoC | https://github.com/rani-i/bluetoothdPoC | CVE-2018-4087 PoC |
| 135 | 2024-01-04T16:24:46Z | CVE-2018-2894 | https://github.com/LandGrey/CVE-2018-2894 | CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script |
| 130 | 2023-09-28T10:54:27Z | CVE-2018-17182 | https://github.com/jas502n/CVE-2018-17182 | Linux 内核VMA-UAF 提权漏洞(CVE-2018-17182),0day |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 535 | 2024-03-23T16:45:15Z | CVE-2017-11882 | https://github.com/Ridter/CVE-2017-11882 | CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882 |
| 719 | 2024-04-17T13:53:57Z | CVE-2017-0199 | https://github.com/bhdresh/CVE-2017-0199 | Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver metasploit / meterpreter / other payload to victim without any complex configuration. |
| 1931 | 2024-05-03T12:48:53Z | weblogicScanner | https://github.com/0xn0ne/weblogicScanner | weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883 |
| 740 | 2024-05-05T09:56:40Z | spectre-attack | https://github.com/Eugnis/spectre-attack | Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715) |
| 494 | 2024-03-18T15:33:43Z | CVE-2017-11882 | https://github.com/embedi/CVE-2017-11882 | Proof-of-Concept exploits for CVE-2017-11882 |
| 456 | 2024-03-13T12:09:49Z | CVE-2017-0785 | https://github.com/ojasookert/CVE-2017-0785 | Blueborne CVE-2017-0785 Android information leak vulnerability |
| 381 | 2024-04-22T18:17:08Z | CVE-2017-12617 | https://github.com/cyberheartmi9/CVE-2017-12617 | Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution |
| 319 | 2024-02-23T19:34:15Z | CVE-2017-8759 | https://github.com/bhdresh/CVE-2017-8759 | Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration. |
| 322 | 2024-04-29T03:07:23Z | CVE-2017-11882 | https://github.com/rip1s/CVE-2017-11882 | CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum. |
| 185 | 2024-05-04T07:46:15Z | CVE-2017-8570 | https://github.com/rxwx/CVE-2017-8570 | Proof of Concept exploit for CVE-2017-8570 |
| 369 | 2024-04-17T04:35:28Z | exploit-CVE-2017-7494 | https://github.com/opsxcq/exploit-CVE-2017-7494 | SambaCry exploit and vulnerable container (CVE-2017-7494) |
| 258 | 2024-04-30T18:13:43Z | CVE-2017-7494 | https://github.com/joxeankoret/CVE-2017-7494 | Remote root exploit for the SAMBA CVE-2017-7494 vulnerability |
| 314 | 2024-05-03T20:27:18Z | eternal_scanner | https://github.com/peterpt/eternal_scanner | An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance) |
| 273 | 2024-04-29T10:20:59Z | CVE-2018-0802 | https://github.com/rxwx/CVE-2018-0802 | PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882) |
| 257 | 2024-01-04T16:17:11Z | CVE-2017-8759-Exploit-sample | https://github.com/Voulnet/CVE-2017-8759-Exploit-sample | Running CVE-2017-8759 exploit sample. |
| 185 | 2024-03-12T12:43:12Z | Jira-Scan | https://github.com/random-robbie/Jira-Scan | CVE-2017-9506 - SSRF |
| 86 | 2024-04-08T07:52:13Z | iis6-exploit-2017-CVE-2017-7269 | https://github.com/g0rx/iis6-exploit-2017-CVE-2017-7269 | iis6 exploit 2017 CVE-2017-7269 |
| 80 | 2023-08-30T05:14:51Z | CVE-2017-8759 | https://github.com/Lz1y/CVE-2017-8759 | CVE-2017-8759 |
| 179 | 2024-01-04T16:14:21Z | cve-2017-7494 | https://github.com/betab0t/cve-2017-7494 | Proof-of-Concept exploit for CVE-2017-7494(Samba RCE from a writable share) |
| 420 | 2024-04-23T06:31:19Z | struts-pwn | https://github.com/mazen160/struts-pwn | An exploit for Apache Struts CVE-2017-5638 |
| 168 | 2024-04-30T02:39:48Z | RTF_11882_0802 | https://github.com/Ridter/RTF_11882_0802 | PoC for CVE-2018-0802 And CVE-2017-11882 |
| 133 | 2024-04-01T03:10:33Z | cve-2017-7269 | https://github.com/zcgonvh/cve-2017-7269 | fixed msf module for cve-2017-7269 |
| 250 | 2024-01-04T16:17:05Z | struts-pwn_CVE-2017-9805 | https://github.com/mazen160/struts-pwn_CVE-2017-9805 | An exploit for Apache Struts CVE-2017-9805 |
| 204 | 2024-04-19T09:46:51Z | jboss-_CVE-2017-12149 | https://github.com/yunxu1/jboss-_CVE-2017-12149 | CVE-2017-12149 jboss反序列化 可回显 |
| 142 | 2024-02-12T14:34:50Z | CVE-2017-10271 | https://github.com/c0mmand3rOpSec/CVE-2017-10271 | WebLogic Exploit |
| 132 | 2024-04-30T10:47:21Z | CVE-2017-0781 | https://github.com/ojasookert/CVE-2017-0781 | Blueborne CVE-2017-0781 Android heap overflow vulnerability |
| 44 | 2023-09-28T10:46:09Z | CVE-2017-11882 | https://github.com/starnightcyber/CVE-2017-11882 | CVE-2017-11882 exploitation |
| 57 | 2023-09-28T10:40:58Z | Exploit-Development | https://github.com/wetw0rk/Exploit-Development | CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002 |
| 68 | 2023-09-28T10:43:15Z | ppsx-file-generator | https://github.com/temesgeny/ppsx-file-generator | ppsx file generator for cve-2017-8570 (based on bhdresh/cve-2017-8570) |
| 95 | 2024-02-20T06:53:09Z | CVE-2017-8759 | https://github.com/nccgroup/CVE-2017-8759 | NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 942 | 2024-04-28T15:17:52Z | CVE-2016-5195 | https://github.com/timwr/CVE-2016-5195 | CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android |
| 817 | 2024-05-01T13:38:07Z | dirtycow | https://github.com/firefart/dirtycow | Dirty Cow exploit - CVE-2016-5195 |
| 330 | 2024-01-09T13:14:13Z | CVE-2016-0051 | https://github.com/koczkatamas/CVE-2016-0051 | EoP (Win7) & BSoD (Win10) PoC for CVE-2016-0051 (MS-016) |
| 1931 | 2024-05-03T12:48:53Z | weblogicScanner | https://github.com/0xn0ne/weblogicScanner | weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883 |
| 396 | 2024-05-06T22:42:41Z | exploit-CVE-2016-10033 | https://github.com/opsxcq/exploit-CVE-2016-10033 | PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container |
| 307 | 2024-04-22T02:21:44Z | CVE-2016-5195 | https://github.com/gbonacini/CVE-2016-5195 | A CVE-2016-5195 exploit example. |
| 495 | 2024-03-16T11:29:28Z | PoCs | https://github.com/ImageTragick/PoCs | Proof of Concepts for CVE-2016–3714 |
| 478 | 2024-05-06T09:26:50Z | dirtycow-vdso | https://github.com/scumjr/dirtycow-vdso | PoC for Dirty COW (CVE-2016-5195) |
| 159 | 2024-05-07T00:25:50Z | CVE-2016-6366 | https://github.com/RiskSense-Ops/CVE-2016-6366 | Public repository for improvements to the EXTRABACON exploit |
| 185 | 2024-03-11T02:33:23Z | CVE-2016-2107 | https://github.com/FiloSottile/CVE-2016-2107 | Simple test for the May 2016 OpenSSL padding oracle (CVE-2016-2107) |
| 114 | 2024-02-12T10:51:54Z | cve-2016-0189 | https://github.com/theori-io/cve-2016-0189 | Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11) |
| 138 | 2024-01-04T16:10:17Z | chakra-2016-11 | https://github.com/theori-io/chakra-2016-11 | Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201) |
| 84 | 2024-03-21T01:07:43Z | CVE-2016-7255 | https://github.com/FSecureLABS/CVE-2016-7255 | An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit |
| 339 | 2024-04-17T04:15:54Z | ExtractKeyMaster | https://github.com/laginimaineb/ExtractKeyMaster | Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431 |
| 155 | 2023-09-28T10:37:39Z | BadKernel | https://github.com/secmob/BadKernel | Full exploit of CVE-2016-6754(BadKernel) and slide of SyScan360 2016 |
| 69 | 2024-02-20T09:36:17Z | CVE-2016-3714 | https://github.com/Hood3dRob1n/CVE-2016-3714 | ImaegMagick Code Execution (CVE-2016-3714) |
| 80 | 2023-09-28T10:33:57Z | CVE-2016-0801 | https://github.com/abdsec/CVE-2016-0801 | |
| 52 | 2024-04-17T21:15:22Z | cve-2016-1764 | https://github.com/moloch--/cve-2016-1764 | Extraction of iMessage Data via XSS |
| 104 | 2024-04-30T02:58:29Z | jscpwn | https://github.com/saelo/jscpwn | PoC exploit for CVE-2016-4622 |
| 99 | 2024-02-12T18:40:15Z | PegasusX | https://github.com/jndok/PegasusX | OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656 |
| 57 | 2023-09-28T10:40:58Z | Exploit-Development | https://github.com/wetw0rk/Exploit-Development | CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002 |
| 46 | 2023-09-28T10:32:48Z | cve-2016-0040 | https://github.com/Rootkitsmm-zz/cve-2016-0040 | Exploiting CVE-2016-0040 uninitialized pointer |
| 54 | 2024-03-09T00:56:25Z | cve-2016-2431 | https://github.com/laginimaineb/cve-2016-2431 | Qualcomm TrustZone kernel privilege escalation |
| 51 | 2024-01-04T16:07:40Z | CVE-2016-3308 | https://github.com/55-AA/CVE-2016-3308 | Use CVE-2016-3308 corrupt win32k desktop heap |
| 260 | 2024-04-25T01:03:43Z | VIKIROOT | https://github.com/hyln9/VIKIROOT | CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow |
| 53 | 2023-09-28T10:37:53Z | exploit-CVE-2016-6515 | https://github.com/opsxcq/exploit-CVE-2016-6515 | OpenSSH remote DOS exploit and vulnerable container |
| 82 | 2024-04-29T00:01:34Z | MS16-032 | https://github.com/zcgonvh/MS16-032 | MS16-032(CVE-2016-0099) for SERVICE ONLY |
| 54 | 2024-04-17T20:40:56Z | CVE-2016-3309_Reloaded | https://github.com/siberas/CVE-2016-3309_Reloaded | Exploits for the win32kfull!bFill vulnerability on Win10 x64 RS2 using Bitmap or Palette techniques |
| 83 | 2024-04-12T16:03:01Z | mach_race | https://github.com/gdbinit/mach_race | Exploit code for CVE-2016-1757 |
| 49 | 2023-09-07T17:01:10Z | CVE-2016-2434 | https://github.com/jianqiangzhao/CVE-2016-2434 |
| star | updated_at | name | url | des |
|---|---|---|---|---|
| 547 | 2024-05-02T14:56:23Z | CVE-2015-7547 | https://github.com/fjserna/CVE-2015-7547 | Proof of concept for CVE-2015-7547 |
| 284 | 2024-01-30T00:26:36Z | CVE-2015-1701 | https://github.com/hfiref0x/CVE-2015-1701 | Win32k LPE vulnerability used in APT attack |
| 269 | 2024-04-17T23:51:23Z | iovyroot | https://github.com/dosomder/iovyroot | CVE-2015-1805 root tool |
| 204 | 2024-04-28T16:14:09Z | cve-2015-1538-1 | https://github.com/jduck/cve-2015-1538-1 | An exploit for CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution |
| 131 | 2023-08-04T13:41:05Z | CVE-2015-3636 | https://github.com/fi01/CVE-2015-3636 | PoC code for 32 bit Android OS |
| 115 | 2024-03-21T21:14:38Z | cve-2015-6639 | https://github.com/laginimaineb/cve-2015-6639 | QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639) |
| 395 | 2024-02-24T11:41:57Z | tpwn | https://github.com/kpwn/tpwn | xnu local privilege escalation via cve-2015-???? & cve-2015-???? for 10.10.5, 0day at the time |
| 118 | 2024-01-11T13:54:32Z | PoCForCVE-2015-1528 | https://github.com/secmob/PoCForCVE-2015-1528 | I'll submit the poc after blackhat |
| 123 | 2024-04-24T04:28:13Z | exploit-CVE-2015-3306 | https://github.com/t0kx/exploit-CVE-2015-3306 | ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container |
| 65 | 2023-09-28T10:29:50Z | cve-2015-5477 | https://github.com/robertdavidgraham/cve-2015-5477 | PoC exploit for CVE-2015-5477 BIND9 TKEY assertion failure |
| 339 | 2024-04-17T04:15:54Z | ExtractKeyMaster | https://github.com/laginimaineb/ExtractKeyMaster | Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431 |
| 102 | 2023-09-28T10:31:46Z | juniper-cve-2015-7755 | https://github.com/hdm/juniper-cve-2015-7755 | Notes, binaries, and related information from analysis of the CVE-2015-7755 & CVE-2015-7756 issues within Juniper ScreenOS |
| 68 | 2024-03-15T08:25:01Z | CVE-2015-6086 | https://github.com/payatu/CVE-2015-6086 | PoC for CVE-2015-6086 |
| 43 | 2023-06-30T06:36:02Z | libpingpong_exploit | https://github.com/android-rooting-tools/libpingpong_exploit | CVE-2015-3636 exploit |
| 31 | 2023-09-27T08:05:00Z | CVE-2015-1805 | https://github.com/panyu6325/CVE-2015-1805 | |
| 24 | 2022-07-23T07:42:34Z | CVE-2015-6612 | https://github.com/secmob/CVE-2015-6612 | |
| 43 | 2024-01-13T17:58:48Z | mysslstrip | https://github.com/duo-labs/mysslstrip | CVE-2015-3152 PoC |
| 52 | 2024-04-22T14:41:59Z | bluebox | https://github.com/JackOfMostTrades/bluebox | Automated Exploit Toolkit for CVE-2015-6095 and CVE-2016-0049 |
| 22 | 2020-12-24T15:36:05Z | CVE-2015-2546-Exploit | https://github.com/k0keoyo/CVE-2015-2546-Exploit | |
| 39 | 2023-09-07T17:08:30Z | CVE-2015-6620-POC | https://github.com/flankerhqd/CVE-2015-6620-POC | POC for CVE-2015-6620, AMessage unmarshal arbitrary write |
| 33 | 2024-02-10T07:28:49Z | exploit-CVE-2015-1427 | https://github.com/t0kx/exploit-CVE-2015-1427 | Elasticsearch 1.4.0 < 1.4.2 Remote Code Execution exploit and vulnerable container |
| 11 | 2024-02-24T11:42:05Z | privesc-CVE-2015-5602 | https://github.com/t0kx/privesc-CVE-2015-5602 | Sudo <= 1.8.14 Local Privilege Escalation and vulnerable container |
| 25 | 2023-09-28T10:36:00Z | CVE-2015-0057 | https://github.com/55-AA/CVE-2015-0057 | 翻译文章,CVE-2015-0057漏洞在32位和64位系统上的利用。Exploiting the win32k!xxxEnableWndSBArrows use-after-free (CVE 2015-0057) bug on both 32-bit and 64-bit(Aaron Adams of NCC ) |
| 30 | 2023-09-28T10:32:55Z | serialator | https://github.com/roo7break/serialator | Python script to exploit CVE-2015-4852. |
| 21 | 2019-12-08T12:35:07Z | cve-2015-0313 | https://github.com/SecurityObscurity/cve-2015-0313 | |
| 4 | 2023-09-28T10:30:08Z | libping_unhash_exploit_POC | https://github.com/askk/libping_unhash_exploit_POC | CVE-2015-3636 exploit |
| 21 | 2023-10-31T08:45:17Z | CVE-2015-7501 | https://github.com/ianxtianxt/CVE-2015-7501 | (CVE-2015-7501)JBoss JMXInvokerServlet 反序列化漏洞 |
| 15 | 2021-12-20T20:47:43Z | CVE-2015-6132 | https://github.com/hexx0r/CVE-2015-6132 | Microsoft Office / COM Object DLL Planting |
| 18 | 2024-01-19T07:25:53Z | CVE-2015-3636 | https://github.com/a7vinx/CVE-2015-3636 | Expolit for android (goldfish kernel v3.10.0+) on arm64 with PXN&SELinux Bypassed. Based on fi01's code. |
| 14 | 2023-09-28T10:30:24Z | CVE-2015-5119_walkthrough | https://github.com/CiscoCXSecurity/CVE-2015-5119_walkthrough | Archive from the article CVE-2015-5119 Flash ByteArray UaF: A beginner's walkthrough |
| Wechat Pay | AliPay | Paypal | BTC Pay | BCH Pay |
|---|---|---|---|---|
 |
 |
paypal [email protected] |  |
 |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent