Topic: poc Goto Github
Some thing interesting about poc
Some thing interesting about poc
poc,Hacking Charles Web Debugging Proxy
User: 100apps
Home Page: http://www.gfzj.us/tech/2015/06/24/charles-hacking.html
poc,Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
User: 1n7erface
poc,Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC,已校验有效性并去重)
User: adysec
Home Page: https://adysec.com
poc,PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
User: arthepsy
poc,漏洞批量验证框架
User: bigblackhat
poc,Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。
User: bit4woo
Home Page: https://www.bilibili.com/video/bv1Ha411z7T1
poc,Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
User: c0ny1
poc,一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Organization: chaitin
Home Page: https://docs.xray.cool
poc, Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
User: chushuai
poc,CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
User: danigargu
poc,Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
User: dreadlocked
poc,ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Organization: ffffffff0x
Home Page: https://home.ffffffff0x.com/
poc,A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
User: frohoff
Home Page: http://frohoff.github.io/appseccali-marshalling-pickles/
poc,TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things
Organization: ghosttroops
Home Page: https://exploit-poc.com
poc,CVE-2020-0796 Remote Code Execution POC
Organization: jamf
poc,Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
User: joaomatosf
poc,傻瓜式漏洞PoC测试框架
User: jweny
Home Page: https://pocassist.jweny.top/
poc,K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
User: k8gege
poc,K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
User: k8gege
poc,Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
User: k8gege
Home Page: http://k8gege.org/Ladon/
poc,Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
User: k8gege
Home Page: http://k8gege.org/Ladon
poc,🚀Komo, a comprehensive asset collection and vulnerability scanning tool. Komo 一个综合资产收集和漏洞扫描工具,集成了20余款工具,通过多种方式对子域进行获取,收集域名邮箱,进行存活探测,域名指纹识别,域名反查ip,ip端口扫描,web服务链接爬取并发送给xray,对web服务进行POC漏洞扫描,对主机进行主机漏洞扫描。
User: komomon
Home Page: https://www.cnblogs.com/forforever/
poc,渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
User: mr-xn
Home Page: https://mrxn.net
poc,📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
Organization: nomi-sec
Home Page: https://poc-in-github.motikan2010.net
poc,Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
User: notselwyn
Home Page: https://pwning.tech/nftables
poc,🦄🔒 Awesome list of secrets in environment variables 🖥️
User: puliczek
poc,✍️ A curated list of CVE PoCs.
User: qazbnm456
Home Page: https://awesomelists.top/#/repos/qazbnm456/awesome-cve-poc
poc,scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。
Organization: starcrossportal
poc,Proofs-of-concept
Organization: thezdi
Home Page: https://www.zerodayinitiative.com/advisories/published/
poc,利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
User: tr0uble-maker
poc,Gather and update all available and newest CVEs with their PoC.
Organization: trickest
Home Page: https://trickest.com
poc,vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Organization: vulscanteam
poc,Miscellaneous exploit code
Organization: xiphosresearch
Home Page: http://www.xiphosresearch.com/
poc,DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.
User: xnbox
poc,聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
User: ycdxsb
poc,A Security Tool for Bug Bounty, Pentest and Red Teaming.
User: zan8in
poc,Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
User: zhzyker
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.