New-Shellcode-Injection-Exploit

Shellcode Injection Exploit Author Created by 0x5da...

Double-Free-Heap-Exploit

Double-Free Heap Exploit Author Created by 0x5da Toa...

poc-factory-sample-output

Prompt Injection Guardrails Introduction In the rapidly e...

clfs-vuln2026-poc

No d...

Exploit for CVE-2026-30862

CVE-2026-30...

Jinjia2_ssti_exploit

Jinjia2: Tools for Exploiting SSTI Vulnerabilities Discl...

poc_automatisation_wallix

Automatisation WALLIX Bastion PoC d'automatisation pour deplo...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-59287 — WSUS Unauthenticated RCE Purple team exercis...

secshy_resport

secshy Technology Community This is the re...

📄 tracker-extract 3.8.2 / tracker-miners 3.x Crash

Proof of concept exploit for tracker-extract version 3.8.2 and tracker-miners version 3.x that demonstrates a crash when parsing oversized or malformed frames from MP3/APEv2 tags...

📄 OpenBabel 3.1.1 Heap Buffer Overflow

This project is a local exploitation research and crash detection framework designed to evaluate memory-safety weaknesses in Open Babel version 3.1.1 under controlled laboratory conditions...

📄 Splunk Enterprise 9.1.5 / 9.2.2 Remote Code Execution

This PHP script is a proof of concept exploit for CVE-2024-36985, an authenticated Remote Code Execution vulnerability affecting Splunk instances where the splunkarchiver app is installed and enabled. It is a conversion of a Metasploit module into PHP...

📄 dr_libs 0.14.4 Heap Buffer Overflow

A heap buffer overflow exists in the function drwavreadsmpltometadataobj when processing WAV files with a crafted smpl chunk. The vulnerability arises due to a mismatch between sampleLoopCount validation in pass 1 and unconditional processing in pass 2, allowing 36 bytes of attacker-controlled da...

📄 DOMPurify 3.13 Cross Site Scripting

A mutation cross site scripting vulnerability exists in DOMPurify versions 3.1.3 and below when the SAFEFORXML configuration is enabled. ============================================================================================================================================= | Title : DOMPurif...

📄 ThreatFire System Monitor 4.7.0.53 Kernel‑Mode Arbitrary Process Termination

This Metasploit module terminates the Windows Defender process MsMpEng.exe by sending a specific IOCTL to the TfSysMon driver. ============================================================================================================================================= | Title : ThreatFire System...

📄 libbiosig 3.9.2 Buffer Overflow

A specially crafted Intan CLP file can trigger a heap buffer overflow in applications that parse the CLP format without properly validating the HeadLen field. The vulnerable parser allocates memory based on the value of HeadLen but continues reading additional data from the file without enforcing...

📄 Ipswitch WhatsUp Gold 1.0.0.24 Directory Traversal

Proof of concept exploit for a 2011 finding where Ipswitch WhatsUp Gold version 1.0.0.24 had a directory traversal in the included TFTP server. ============================================================================================================================================= | Title :...

📄 Jinja 2 1.4.0 Tactical RMM SSTI Detection

This proof of concept script detects potential server-side template injection vulnerabilities in web applications using template engines such as Jinja. The script sends a dynamically generated mathematical expression within a template payload to a target URL parameter. If the server evaluates the...

📄 F5 BIG-IP TMUI Unauthenticated Remote Code Execution

This Metasploit module exploits a directory traversal vulnerability in the F5 BIG-IP TMUI interface that allows unauthenticated attackers to execute arbitrary system commands via tmshCmd.jsp...

📄 Ubuntu 25.10 Containerd Insecure Directory Permissions

This proof of concept exploit demonstrates and detects CVE-2024-25621, a security vulnerability in containerd caused by insecure permissions on critical runtime and data directories. Affected versions may expose container metadata and runtime artifacts due to directories being readable or writabl...