PocCollect

This repository is an offensive tool for vulnerability scanning and exploitation, specifically targeting various web applications and services. The primary vulnerability class targeted is SQL injection, with specific examples of exploits for Struts2, 08CMS, and ASPCMS. The tool is written in Pyth...

airbug

This repository is an offensive tool for collecting and utilizing web application vulnerabilities, specifically targeting Content Management Systems CMS. It is a Python-based tool that allows users to load and execute Proof of Concept PoC code for various vulnerabilities. The tool is designed to ...

spraywmi

Exploit module/toolkit targeting Windows systems via WMI Windows Management Instrumentation spraying. The tool, named SprayWMI, is designed to mass spray Unicorn PowerShell injection to CIDR notations. It is a Python-based tool that uses the pexpect library to interact with the Windows Management...

windows-privesc-check

It is an offensive tool for Windows privilege escalation checking. The tool, windows-privesc-check, is a standalone executable that runs on Windows systems, attempting to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or access local apps. I...

SQL-Injection-Scanner

SQL-Injection-Scanner The following program is an injection sc...

Exploit for CVE-2021-34527

A PrintNightmare CVE-2021-34527 Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE not the LPE and generates a CSV report with the results. Tests exploitability over MS-PAR and MS-RPRN. This tool has "de-fanged" versions of the Python exploits, it does not actually...

Exploit for Path Traversal in Apache Http_Server

!bannerhttps://img.shields.io/badge/ApachePathTraversal-RCEC...

Exploit for Deserialization of Untrusted Data in Microsoft

🛡️ CVE-2025-53770 SharePoint Vulnerability Scanner A Python-b...

Exploit for Cross-site Scripting in Wondercms

🚨 WonderCMS RCE Exploit Tool CVE-2023-41425 This Python-bas...

Exploit for CVE-2025-48703

💥 CVE-2025-48703 AutoExploit GUI/CLI 💥...

Exploit for Improper Protection of Alternate Path in Vbulletin

💥 vBulletin Remote Code Execution Scanner replaceAdTemplate...

IoT_vuln

It is an offensive tool for IoT devices. The tool is written in...

Exploit for OS Command Injection in Php

CVE-2024-4577 취약점 테스트 스크립트 이 Python 스크립트는 PHP의 최신 취약점인 CVE-...

Commvault Command Center Innovation Release 11.38 Remote Code Execution

Remote code execution exploit for Commvault Command Center version 11.38. Written in Python. This tool allows testing single targets or scanning multiple hosts in bulk...

Exploit for CVE-2025-0054

CVE-2025-0054 – SAP NetWeaver Stored XSS Scanner 🕷 A lightwei...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

Apache Tomcat CVE-2025-24813 Proof of Concept PoC !License...

Exploit for CVE-2025-29927

About A simple Python tool that automates Shodan searches and...

Exploit for Unrestricted Upload of File with Dangerous Type in Etoilewebdesign Front_End_Users

WordPress FEUP Arbitrary File Upload Exploit CVE-2025-2005 T...

漏洞检测

It is an offensive tool for vulnerability detection. The repository contains a project with a name that translates to "漏洞检测" which means "vulnerability detection" in English. The project is likely used for identifying vulnerabilities in systems or applications. The code snippets provided are...

CVE-2024-56363

APTRS Automated Penetration Testing Reporting System is a Python and Django-based automated reporting tool designed for penetration testers and security organizations. In 1.0, there is a vulnerability in the web application's handling of user-supplied input that is incorporated into a Jinja2...