📄 Microsoft Windows Cloud Files Mini Filter Driver Local Privilege Escalation

Proof of concept exploit for a heap-based buffer overflow vulnerability in the Windows Cloud Files Mini Filter Driver cldflt.sys that allows local attackers to escalate privileges from user-level to SYSTEM-level access on affected Windows systems. The vulnerability exists in the Cloud Files Mini...

📄 Alipay Open Redirect / API Attacker Payload Insertion

A single crafted URL enables a complete attack chain against Alipay mobile application users that can allow for data exfiltration. As the vendor has stated this is normal behavior with no apparent plans to address the problem, this is being published to make users aware. Alipay Mobile App -...

📄 Microsoft Windows LNK File Remote Code Execution

This PHP script is a proof of concept exploit that demonstrates how to create a Windows LNK shortcut file that executes a PowerShell command in this example, launches calc.exe...

📄 Microsoft Windows 11 Race Condition / Privilege Escalation

This Metasploit module exploits CVE-2025-62215, a race condition combined with a double-free vulnerability in the Windows Kernel. It allows local privilege escalation from low-privileged users to SYSTEM by exploiting improper synchronization in kernel object handling...

📄 Microsoft Windows 11 SMB Local Privilege Escalation

Proof of concept for CVE‑2025‑33073, a Microsoft Windows SMB privilege escalation vulnerability that abuses local NTLM reflection behavior within the SMB stack...

📄 SPIP CMS Analysis Scanner Script

This is an exploitation tool designed for websites running the SPIP CMS versions 5.4.0 through 5.11.0. The tool performs automated detection and enumeration of SPIP installations, identifies installed plugins, attempts to determine plugin versions, and searches for forms using the saisies plugin...

Exploit for CVE-2026-30945

🗑️ CVE-2026-30945 StudioCMS IDOR — Arbitrary API Token Revoc...

claude-code-pentest

claude-code-pentest 6 Claude Code skills that automate th...

manchurian-agent-poc

Manchurian Candidate Agent POC ⚠️ SECURITY RESEARCH — EDU...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 — "Baron Samedit" Lab & Exploit This repository...

cibersec-sqlinjection

No d...

Exploit for CVE-2026-32612

Security Advisories Independent vulnerability disclosures and...

Exploit for Improper Authentication in Controlid Idsecure

CVE-2023-6329 — Control iD iDSecure Authentication Bypass !P...

Exploit for CVE-2026-3228

No d...

Exploit for SQL Injection in Easycms

NVD-CVE-2026-...

AutoXSScheckTool

No d...

Exploit for Untrusted Pointer Dereference in Microsoft

CV...

Exploit for CVE-2026-29000

CVE-2026-29000 — pac4j-jwt Library-Level PoC Lab TL;DR Th...

Exploit for CVE-2026-30952

CVE-2026-30952: LiquidJS Path Traversal PoC This repository c...

AutoPwn

/ \ | | | ...