Open-source projects categorized as Exploit Edit details

Top 23 Exploit Open-Source Projects

  • Awesome-Hacking-Resources

    A collection of hacking / penetration testing resources to make you better!

    Project mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31

    Hacking Resources

  • h4cker

    This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

    Project mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31

    The Art of Hacking Series

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • pwntools

    CTF framework and exploit development library

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    Pwntools - CTF Framework for writing exploits.

  • windows-kernel-exploits

    windows-kernel-exploits Windows平台提权漏洞集合

    Project mention: Need help with Privilege Escalation | reddit.com/r/oscp | 2022-04-12
  • ysoserial

    A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

    Project mention: Is Java as safe as we believe? | dev.to | 2022-04-20

    gadget chain attack: is a type of exploit where an attacker uses a series of "gadgets" — small pieces of code that perform a specific function — to execute a larger, more complex attack. By chaining together these gadgets, an attacker can gain control of a target system or perform other malicious actions. You can use ysoserial to create a serialize payload java -jar path/to/ysoserial.jar CommonsCollections4 'whoami'

  • traitor

    :arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

    Project mention: Exploiting | reddit.com/r/openSUSE | 2022-04-05

    How about traitor?

  • gef

    GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers

    Project mention: Debugging with GDB | news.ycombinator.com | 2022-03-21

    I still struggle with GDB but my excuse is that I seldom use it.

    When I was studying reverse engineering though, I came across a really cool kit (which I've yet to find an alternative for lldb, which would be nice given: rust)

    I'd recommend checking it out, if for no other reason than it makes a lot of things really obvious (like watching what value lives in which register).


    LLDB's closest alternative to this is called Venom, but it's not the same at all. https://github.com/ovh/venom

  • SonarLint

    Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

  • AutoSploit

    Automated Mass Exploiter

    Project mention: Awesome Penetration Testing | dev.to | 2021-10-06

    AutoSploit - Automated mass exploiter, which collects target by employing the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query.

  • linux-kernel-exploitation

    A collection of links related to Linux kernel security and exploitation

    Project mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31

    Linux Kernel Exploitation

  • cve

    Gather and update all available and newest CVEs with their PoC.

    Project mention: PoC available for CVE's | reddit.com/r/AskNetsec | 2022-03-31

    https://github.com/trickest/cve this repo might have what you want

  • wesng

    Windows Exploit Suggester - Next Generation

  • vulscan

    Advanced vulnerability scanning with Nmap NSE

    Project mention: Windows Volnurability Report | reddit.com/r/sysadmin | 2021-11-14
  • awesome-hacker-search-engines

    A list of search engines useful during Penetration testing, vulnerability assessments, red team operations, bug bounty and more

    Project mention: Your daily toolbox as a pentester | reddit.com/r/cybersecurity | 2022-06-25

    Awsome Hacker Search Engines : this GitHub gathers web sites to search some exploits and tools, depending on some hacking categories

  • Ghost

    Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. (by EntySec)

    Project mention: Some information and advice about DDoS, from someone who was there during #opPayback | reddit.com/r/anonymous | 2022-02-27
  • HackVault

    A container repository for my public web hacks!

  • one_gadget

    The best tool for finding one gadget RCE in libc.so.6

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    one_gadget - A tool to find the one gadget execve('/bin/sh', NULL, NULL) call.

  • pwn_jenkins

    Notes about attacking Jenkins servers

  • TegraRcmGUI

    C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)

    Project mention: Some advice needed for Micro SD card upgrade | reddit.com/r/SwitchPirates | 2022-06-21

    I use TegraRCMGui to inject the payloads, it has a helpful little picture to tell when your switch is detected.

  • Penetration-Testing-Tools

    A collection of more than 170+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

    Project mention: I wanted to find a MS Office DLL that exported a specific symbol. So I written a script that recursively scans PE imports/exports and prints them nicely: pic shows Exports in Office DLLs which names indicate they might exec something. Enjoy :) | reddit.com/r/WindowsSecurity | 2021-10-22
  • CVE-2020-0796

    CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

    Project mention: Compiling exploits (SMBGhost) | reddit.com/r/oscp | 2021-11-12

    Can someone tell me how to compile an exploit with both an .sln and a .cpp? Here is the exploit specifically: https://github.com/danigargu/CVE-2020-0796 I know I need to edit the .cpp with my own payload bit I don't know if I'm supposed to open the sln or the cpp in Visual Studio and compile it?

  • h-encore

    Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68

    Project mention: Playstation confirms chain of 5 vulnerabilities on PS4/PS5 | news.ycombinator.com | 2022-06-19
  • featherduster

    An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    FeatherDuster - An automated, modular cryptanalysis tool.

  • AndroRAT

    A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

    Project mention: Androrat | reddit.com/r/computers | 2022-04-23

    6- git clone https://github.com/karma9874/AndroRAT.git

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-06-25.

Exploit related posts


What are some of the best open-source Exploit projects? This list will help you:

Project Stars
1 Awesome-Hacking-Resources 12,135
2 h4cker 11,645
3 pwntools 9,174
4 windows-kernel-exploits 6,366
5 ysoserial 5,406
6 traitor 5,229
7 gef 4,668
8 AutoSploit 4,579
9 linux-kernel-exploitation 4,186
10 cve 3,096
11 wesng 2,947
12 vulscan 2,583
13 awesome-hacker-search-engines 2,279
14 Ghost 1,650
15 HackVault 1,605
16 one_gadget 1,602
17 pwn_jenkins 1,497
18 TegraRcmGUI 1,342
19 Penetration-Testing-Tools 1,262
20 CVE-2020-0796 1,199
21 h-encore 999
22 featherduster 974
23 AndroRAT 961
Find remote jobs at our new job board 99remotejobs.com. There are 2 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives