Top 23 Python Exploit Projects
-
Pwntools - CTF Framework for writing exploits.
-
gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers
I still struggle with GDB but my excuse is that I seldom use it.
When I was studying reverse engineering though, I came across a really cool kit (which I've yet to find an alternative for lldb, which would be nice given: rust)
I'd recommend checking it out, if for no other reason than it makes a lot of things really obvious (like watching what value lives in which register).
LLDB's closest alternative to this is called Venom, but it's not the same at all. https://github.com/ovh/venom
-
-
AutoSploit - Automated mass exploiter, which collects target by employing the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query.
-
-
Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. (by EntySec)
Project mention: Some information and advice about DDoS, from someone who was there during #opPayback | reddit.com/r/anonymous | 2022-02-27 -
-
FeatherDuster - An automated, modular cryptanalysis tool.
-
-
Smart Install Exploitation Tool (SIET) - Scripts for identifying Cisco Smart Install-enabled switches on a network and then manipulating them.
-
Firmware_Slap
Discovering vulnerabilities in firmware through concolic analysis and function clustering.
-
Telegram-Trilateration
Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location
-
Project mention: List of public collections of PoCs on github to learn from 🍻🇺🇸❤ | reddit.com/r/hacking | 2021-12-16
-
Project mention: m8r0wn/ActiveReign - A Network Enumeration and Attack Toolset for Windows Active Directory Environments. | reddit.com/r/GithubSecurityTools | 2021-05-31
-
DDOS-RootSec
DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)
-
RomBuster
RomBuster is a router exploitation tool that allows disclosure of the network router admin password.
Project mention: RomBuster is a router exploitation tool that allows to disclosure network router admin password - Exploits vulnerabilities in most popular routers such as D-Link, Zyxel, TP-Link and Huawei. | reddit.com/r/blueteamsec | 2021-07-07 -
stuff
Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest (by hugsy)
-
Exploit-Discord-Cache-System-PoC
🗄️ Exploit Discord's cache system to remote upload payloads to Discord users machines (possible malware dropper for e.g. targeting specific victims)
-
Project mention: How to find information about any type of CVE and use it to exploit against other machines? | reddit.com/r/HowToHack | 2022-03-17
-
CamRaptor
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.
Project mention: CamRaptor: Tool that exploits several vulnerabilities in DVR cameras 🤯 | reddit.com/r/u_esgeeks | 2021-12-31 -
Project mention: SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038) - full exploit - brace brace brace | reddit.com/r/blueteamsec | 2022-01-11
-
After studying what the flaw was, I have written a custom exploit for this specific CVE which will give us RCE on the server; you can find that exploit here.
-
Project mention: Win7Blue: Scan & #Exploit - #EternalBlue MS17-010 - Windows 7 x86 & x64 🐞 | reddit.com/r/u_esgeeks | 2021-10-21
-
breaking-telegram
Simple PoC script that allows you to exploit telegram's "send with timer" feature by saving any media sent with this functionality.
Project mention: A Simple Script to Break Telegram Send with Timer Feature | news.ycombinator.com | 2021-11-24 -
Project mention: Backdoorcreator: This tool will create a backdoor and listen for incoming connections 🟣 | reddit.com/r/u_esgeeks | 2021-08-08
Python Exploit related posts
- Does anyone have a clue on how to install GDB GEF on Windows? Any help is appreciated.
- CVE-2021-41951 ResourceSpace reflective XSS
- CVE-2021-41277 MetaBase Arbitrary File Read
- Hadoop Yarn RPC RCE
- CVE-2021-37580 Apache ShenYu 2.3.0/2.4.0 authentication bypass
- Win7Blue: Scan & #Exploit - #EternalBlue MS17-010 - Windows 7 x86 & x64 🐞
- tegal1337/NekoBotV1 - NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell
Index
What are some of the best open-source Exploit projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | pwntools | 9,042 |
2 | gef | 4,578 |
3 | AutoSploit | 4,540 |
4 | wesng | 2,893 |
5 | Ghost | 1,611 |
6 | pwn_jenkins | 1,453 |
7 | featherduster | 970 |
8 | SIET | 510 |
9 | Firmware_Slap | 441 |
10 | Telegram-Trilateration | 408 |
11 | PocOrExp_in_Github | 403 |
12 | ActiveReign | 229 |
13 | DDOS-RootSec | 226 |
14 | RomBuster | 190 |
15 | stuff | 187 |
16 | Exploit-Discord-Cache-System-PoC | 159 |
17 | cve_searchsploit | 124 |
18 | CamRaptor | 105 |
19 | badblood | 68 |
20 | CVE-2021-41773 | 51 |
21 | Win7Blue | 43 |
22 | breaking-telegram | 42 |
23 | Backdoorcreator | 34 |