Exploit refers to a piece of code or technique that takes advantage of a security vulnerability in a system, application, or network to cause unintended behavior. Exploits can be used by attackers to gain unauthorized access, escalate privileges, execute arbitrary code, or cause a denial of service. This topic covers the various types of exploits, such as zero-day exploits, remote code execution, and privilege escalation. It also explores the lifecycle of an exploit, from discovery and development to deployment and mitigation, and highlights the importance of vulnerability management and patching in preventing exploits.
CTF framework and exploit development library
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
Automated Mass Exploiter
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
一个攻防知识库。A knowledge base for red teaming and offensive security.
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Interesting APT Report Collection And Some Special IOCs
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
针对SpringBoot的开源渗透框架,以及Spring相关高危漏洞利用工具
CTF challenge (mostly pwn) files, scripts etc
Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
Uncover the true IP address of websites safeguarded by Cloudflare & Others
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现。已有19w+POC,已校验格式的有效性并去重(验证的是格式的有效性)
Created by The cybersecurity community