漏洞扫描系统 (Vulnerability Scanning System)
This is a Python web application built using the Flask framework, designed to scan Windows systems for vulnerabilities. The application has several features, including user authentication, task management, and vulnerability scanning. Here is a summary of the key points: User Authentication The...
awesome-burp-extensions
This is a curated list of Burp Extensions, a collection of user-submitted plugins for the Burp Suite web application security testing tool. The repository is maintained under a CC0 1.0 Universal license, allowing for the permanent relinquishment of copyright and related rights to the works...
burp_mirror_gui
Burp Multiple Instance Management Tool This solution, when combined with jsforward or mitmdump, effectively addresses the following pain points in penetration testing: 1. Enables real-time testing for privilege escalation, unauthorized access, business logic vulnerabilities, and session-related...
metasploit-framework
This is the Metasploit Framework repository, a widely used penetration testing tool. It is an offensive tool for penetration testing and vulnerability assessment. The repository contains various modules and tools for exploiting vulnerabilities and conducting penetration testing. The primary...
metasploit-framework
This is the Metasploit Framework repository, a comprehensive collection of tools and resources for penetration testing and vulnerability assessment. The repository contains a wide range of modules, including exploits, payloads, and auxiliary tools, which can be used to test and exploit...
nuclei-templates
This repository is an offensive tool for vulnerability scanning and exploitation, specifically for the nuclei engine. It contains a community-curated list of templates for discovering security vulnerabilities in applications. The templates are used by the nuclei scanner to power the actual scanni...
autottp
This is a Python wrapper for the PowerShell Empire API, a framework for penetration testing and red teaming. The wrapper provides a simple interface to interact with the Empire API, allowing users to automate tasks and sequences of actions. The wrapper is feature complete as of Empire 1.5.0 and...
nuclei_poc
This repository is an offensive tool for Nuclei POCs. It is a Python script that clones GitHub repositories, extracts Nuclei POCs, and organizes them into categorized folders. The script runs automatically every day using GitHub Actions. The primary vulnerability class targeted by this tool is no...
Exploit for Use of Incorrectly-Resolved Name or Reference in Apache Tomcat
This is a Java class file that appears to be a payload for a malicious attack. The class is named "Foo" and has a single method, "", which is the constructor. The constructor takes no arguments and does not perform any actions. The class also has a "serialVersionUID" field, which is a unique...
Exploit for Use After Free in Redis
This is a PoC exploit for CVE-2025-49844, a high-risk vulnerability in Redis database. The exploit is a GUI-based tool called "CVE-2025-49844RediShell漏洞检查软件v2.0" that helps enterprises efficiently detect and fix vulnerabilities. The tool is an iteration of the original...
Exploit for Use After Free in Redis
PoC exploit for CVE-2025-49844, a high-risk vulnerability in Redis database, known as "RediShell", caused by a use-after-free flaw in the Lua interpreter. The vulnerability allows an unauthenticated attacker or an attacker with Redis access to trigger memory corruption by crafting a Lua script,...
ReconPi
This is a reconnaissance tool called ReconPi, designed for use on a Raspberry Pi or a VPS. The tool is written in Bash and uses various scripts to perform extensive reconnaissance on a target domain. The tool's primary function is to gather information about a target domain, including subdomains,...
sparta
This is a network infrastructure penetration testing tool called SPARTA. It is a Python GUI application that simplifies the scanning and enumeration phase of penetration testing by providing point-and-click access to various tools and displaying all tool output in a convenient way. The tool...
KitHack
This is a collection of tools and scripts for the KitHack framework, a penetration testing tool. The repository includes a Python script, clean.sh, which is used to clean up the tools directory. The script checks if the user has root permissions and, if so, removes any tools that are not empty. T...
discover
This is a collection of custom bash scripts used to automate various penetration testing tasks, including reconnaissance, scanning, enumeration, and malicious payload creation using Metasploit. The scripts are designed to be used with Kali Linux. The scripts are organized into several categories,...
gauntlt
This is an offensive tool for web application security testing. It is a ruggedization framework that enables security testing that is usable by devs, ops, and security. The tool is called Gauntlt. The target product/service or framework is not explicitly stated, but based on the examples provided...
evilgrade
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates...
moment-timezone
This repository is an add-on for Moment.js, a JavaScript library for working with dates and times. It provides support for timezones, allowing users to easily work with dates and times in different timezones. The repository contains a variety of files, including a Gruntfile.js, which is used to...
nightmare
This repository is an introduction to binary exploitation and reverse engineering course based on CTF challenges, called "Nightmare". It contains a large amount of content, with over 90 challenges, laid out in a linear fashion, and well-documented write-ups explaining how to go from being handed...
RedTeam-Tactics-and-Techniques
It is an offensive tool for Windows. The repository contains a script that appears to be a Windows shell extension, likely used for red teaming or penetration testing. The script is written in a format compatible with the Windows Taskbar and Shell. The script is designed to toggle the desktop,...
dostackbufferoverflowgood
This is a Windows executable (.exe) file named "dostackbufferoverflowgood.exe" that is intentionally vulnerable to a stack buffer overflow attack. The file is part of a repository on GitHub, which is a collection of resources for a talk on vulnerability exploitation. The file is a 32-bit executable...
security-guide-for-developers
This is a security guide for web developers, covering various security topics such as authentication, authorization, data validation, and encryption. The guide is divided into several sections, including a security checklist, authentication and authorization, data validation and sanitation, and...
Exploit for Heap-based Buffer Overflow in Google Android
This is a PoC exploit for CVE-2020-8899, a memory corruption vulnerability in the Samsung Qmage codec. The exploit targets a Samsung Galaxy Note 10+ phone running Android 10 via MMS. The exploit code is written in Python and requires the following software to be locally installed: Python 3, Netwi...
sslyze
It is an offensive tool for scanning SSL/TLS configurations. The primary target of this tool is the SSL/TLS configuration of a server, which can be analyzed to ensure it uses strong encryption settings and is not vulnerable to known TLS attacks. The tool can connect to a server to perform the...
geminabox
It is an offensive tool for RubyGem hosting. The repository contains a simple RubyGem hosting system called Gem in a Box. It allows users to host their own RubyGems, and it includes features such as user authentication, gem versioning, and a web interface for browsing and downloading gems. The to...
MUD-Manager
This is an offensive tool for IoT devices. It is an exploit module for the Cisco MUD-Manager, which is a technique for constrained end devices to signal to the network what sort of access and network functionality they require to properly function. The tool is designed to exploit vulnerabilities ...
RedTeam-Tactics-and-Techniques
Red Teaming Tactics and Techniques...
WAFTest
This repository is an offensive tool for testing web application firewalls (WAFs). It contains a collection of test cases and scripts to evaluate the effectiveness of WAFs against various types of attacks. The tool includes test cases for common web application vulnerabilities such as: Command...
anti-xss
This is a PHP library called AntiXSS, which is designed to prevent cross-site scripting (XSS) attacks. The library provides a set of functions to sanitize user input and protect against XSS vulnerabilities. The library is maintained by Lars Moelleken and is available on Packagist, a popular PHP...
naughty-images
This repository contains a collection of SVG images that exploit the SVG vulnerability in various browsers, allowing for cross-site scripting (XSS) attacks. The images are designed to trigger the vulnerability when loaded in a browser, potentially allowing an attacker to execute malicious code on t...
MCIR
The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. It is a collection of tools designed to demonstrate various types of code injection vulnerabilities, including SQL injection, XML/XPath/XSL injection, Cross-Site Scripting (XSS), and shell...
colander
This is a Python library for deserialization and validation of data structures composed of strings, mappings, and lists. It is a package that can be used to serialize an arbitrary data structure to a data structure composed of strings, mappings, and lists, and to deserialize and validate a data...
weblogic-monitoring-exporter
This is a Java-based project for exporting metrics from WebLogic Server (WLS) instances to Prometheus. The project is available in two forms: a web application and a separate process. The web application is deployed to the server from which metrics are to be extracted, while the separate process is...
rubysec
This is a Ruby library for performing mutation testing, which is a form of testing that ensures that test coverage is comprehensive by introducing small changes (mutations) into the code under test and verifying that the tests fail as expected. The library, called Mutant, is designed to be used in...
cs253.stanford.edu
It is an offensive tool for web application security education. The repository contains a collection of assignments and exercises for the CS 253 Web Security course at Stanford University. The assignments are designed to educate students on various web security topics, including client-side...
Binwalk
This is an implementation of the Binwalk firmware analysis tool in Rust, written for speed and accuracy. Binwalk can identify and optionally extract files and data embedded inside other files, with a focus on firmware analysis. It supports a wide variety of file and data types and can even help...
Janusec-Application-Gateway
It is an offensive tool for web application security testing. The repository contains a tool for testing web application security, specifically for identifying vulnerabilities in web applications. The tool is designed to test for various types of vulnerabilities, including SQL injection, cross-si...
sinatra
This is the official repository for the Sinatra web framework. It is a DSL (Domain Specific Language) for web development, allowing developers to create web applications in a concise and elegant way. The repository contains the core code for Sinatra, as well as various plugins and extensions. The...
Exploit for Improper Input Validation in Bsdi Bsd_Os
This repository appears to be a collection of old CVE (Common Vulnerabilities and Exposures) entries from 1999. The repository contains a series of markdown files, each describing a specific vulnerability, along with links to GitHub repositories that may contain proof-of-concept (POC) code or other...
CTFDefense
This repository, CTFDefense, contains tools for offline CTF (Capture The Flag) challenges. The tools are written in Python and are designed to monitor and analyze system events. The repository includes a script called SimpleMonitor.py, which uses the pyinotify library to watch for file system event...
browsersploit
This is an advanced browser exploit pack for internal and external pentesting, aiming to gain access to internal computers. The tool is not for script kiddies or non-advanced coders, as it contains bugs and is intended for experienced users. The pack includes various techniques to bypass antiviru...
gadgetinspector
This is a Java-based tool for finding deserialization gadget chains in Java applications. The tool is called "Gadget Inspector" and is presented as a project that was showcased at Black Hat USA 2018. The tool is designed to automatically discover possible gadget chains in an application's...
Exploit for CVE-2016-2610
This is a PoC exploit for CVE-2016-2610, a vulnerability in the PlayStation 4's kernel. The exploit targets the 4.55 firmware version and allows for arbitrary code execution as kernel. The exploit includes a loader that listens for payloads on port 9020 and executes them upon reception. The loade...
fastjson-remote-code-execute-poc
This is a Java-based proof-of-concept (PoC) exploit for a remote code execution (RCE) vulnerability in the FastJSON library, version 1.2.24. The exploit is designed to be used with IntelliJ IDEA, a popular integrated development environment (IDE) for Java development. The exploit consists of two main...
LFISuite
This repository is an offensive tool for Local File Inclusion (LFI) exploitation and scanning. It is primarily used to exploit LFI vulnerabilities in web applications, allowing an attacker to access sensitive files and potentially gain unauthorized access to a system. The tool, called LFI Suite,...
Exploit for Path Traversal in Thecartpress Thecartpress_Ecommerce_Shopping_Cart
This is a PoC exploit for CVE-2015-3301, a vulnerability in the Stagefright media library that allows for remote code execution on Android devices. The exploit, called Metaphor, is designed to bypass Address Space Layout Randomization (ASLR) and execute arbitrary code on the device. The exploit...
Buffer-Overflow-Exploit-Development-Practice
It is an offensive tool for buffer overflow exploit development. The primary CVE ID is not present in the provided context. The target product/service or framework is not explicitly stated, but the tool is designed for buffer overflow exploit development, which typically involves vulnerabilities ...
Vanquish
It is an offensive tool for enumeration. The tool is called Vanquish, and it is designed to perform multiple active information gathering phases on a target system. It is built in Python and leverages various open-source enumeration tools on Kali Linux. The tool can be installed using the command...
PoC
PoC exploit for MS-16-137, LSASS Remote Null Ptr Deref. The target product/service is Windows LSASS (Local Security Authority Subsystem Service). The vulnerability class/vector is a remote code execution vulnerability, specifically a null pointer dereference. The probable entry point is the...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a proof-of-concept (PoC) exploit for CVE-2020-0796, also known as SMBGhost, a pre-authentication remote code execution vulnerability in the SMBv3 server of Windows operating systems. The exploit is written in Python and uses the SMB protocol to exploit the vulnerability. The exploit targets...