Exploit for CVE-2026-9082

⚠️ Security Research & Legal Disclaimer 📌 Purpose of This...

poc-archive

poc-archive A structured archive of security research proof-o...

DarkWin-NGASR

🌌 DARKWIN — Next-Gen Automated Security Research Develope...

redhound-arsenal

Red Hound Arsenal Agent-consumable security skill library for...

kexploitbinary

DarkSword Red Team Framework Framework Python com CLI para en...

Mass-Mirai-IoT-Exploit

Fiber — Mass Mirai IoT Exploit Languages: Englishengl...

Web-Application-Vulnerability-Scanner

Web-Application-Vulnerability-Scanner Web Application Vulnerab...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell: CVE-2025-55182 – Comprehensive Vulnerability Scan...

Exploit for CVE-2025-55182

一个简单的 CVE-2025-55182 & CVE-2025-66478 GUI漏洞利用工具 Vulnerability S...

XSS-CTF

XSS-CTF Contains hands-on XSS test cases from beginner...

ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

ysoserial

This is a Java-based proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, named ysoserial, is designed to create gadgets that can be used to execute arbitrary commands on a vulnerable application. The gadgets are created by wrapping a...

Exploit for OS Command Injection in Ivanti Cloud_Services_Appliance

CVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Co...

Exploit for SQL Injection in Fortinet Forticlient_Enterprise_Management_Server

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerab...

poc-hub

0x01-免责声明 该项目仅供授权下使用，禁止使用该项目进行违法操作，否则自行承担后果，请各位遵守《中华人民共和国网络安全法》！！！ 0x02-项目介绍 专注于漏洞复现，不含漏洞分析 2021/12/13 有感于漏洞之多，复现不过来，故选择投身xray和goby两大阵营，与其自己一个一个复现漏洞，不如提交几个漏洞获取xray高级版和goby红队版，直接享用里面的poc库...

ysoserial

This is a Java tool called ysoserial, which generates payloads that exploit unsafe Java object deserialization. The tool is designed to create gadgets that can be used to execute arbitrary code on a Java application that performs unsafe deserialization. The tool takes a user-specified command and...

Exploit for CVE-2013-0422

K8tools 2020628 声明: 工具仅供安全研究或授权渗透，非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大，可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行，大部份经过修改编译兼容性稳定性更好 注意：不保证永久有效,喜欢自行保存。 综合工具 + 反弹工具 Ladon 6.6.6 反弹MSF/NC ShellTCP/HTTP/HTTPS + 扫描工具 Ladon 6.6 SMB漏洞检测 SMBGhost...

Exploit for CVE-2013-0422

K8tools 2020628 声明: 工具仅供安全研究或授权渗透，非法用途后果自负。 下载: https://github.com/k8gege/K8tools 文档: http://k8gege.org PS: 不定期更新,文件比较大，可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行，大部份经过修改编译兼容性稳定性更好 注意：不保证永久有效,喜欢自行保存。 综合工具 + 反弹工具 Ladon 6.6.6 反弹MSF/NC ShellTCP/HTTP/HTTPS + 扫描工具 Ladon 6.6 SMB漏洞检测 SMBGhost...