Exploit

Open-source projects categorized as Exploit
Edit details
Language: + Python + C + Java + Jupyter Notebook + Shell + Go + HTML + Lua + PowerShell + Ruby + JavaScript
Topics: Security Hacking Vulnerability Poc Cve
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

Top 23 Exploit Open-Source Projects

  • h4cker

    This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

  • Awesome-Hacking-Resources

    A collection of hacking / penetration testing resources to make you better!

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • pwntools

    CTF framework and exploit development library

    • Project mention: PwnTools for Exploit Development | dev.to | 2023-08-20

    The Pwntools library stands out as a sophisticated toolset for CTF enthusiasts and security researchers. It aids in creating and executing shellcode, designing payloads, and interacting with remote processes. For instance, the context feature allows developers to switch between different architectures effortlessly, while the 'tube' module streamlines the communication between local and remote processes. And it's not just limited to Linux; the library has support for various platforms including Windows, making it versatile and comprehensive.

  • windows-kernel-exploits

    windows-kernel-exploits Windows平台提权漏洞集合

  • ysoserial

    A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

    • Project mention: anybody got ysoserial to work in kali 2022 running java v17? | /r/oscp | 2023-06-24

  • awesome-hacker-search-engines

    A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

  • traitor

    :arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

    • Project mention: Traitor – Automatic Linux privesc via exploitation of low-hanging fruits | news.ycombinator.com | 2023-06-12

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  • gef

    GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

    • Project mention: Beej's Quick Guide to GDB (2009) | news.ycombinator.com | 2023-11-05

    There is also GEF, which is widely used by the reverse engineering and CTF community.

    https://github.com/hugsy/gef

  • cve

    Gather and update all available and newest CVEs with their PoC.

    • Project mention: Strange subdomain found during nmap scan | /r/cybersecurity | 2023-12-06

    Did you try using https://trickest.com?

  • PoC-in-GitHub

    📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

    • Project mention: How do you stay on top of new vulnerabilities or CVEs? | /r/cybersecurity | 2023-12-07

  • linux-kernel-exploitation

    A collection of links related to Linux kernel security and exploitation

  • DefaultCreds-cheat-sheet

    One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

  • AutoSploit

    Automated Mass Exploiter

  • PhoneSploit-Pro

    An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

  • wesng

    Windows Exploit Suggester - Next Generation

  • vulscan

    Advanced vulnerability scanning with Nmap NSE

    • Project mention: Scanning ports and finding network vulnerabilities using nmap | dev.to | 2023-12-01

    Few people know that nmap is not just for reconnaissance work. Among other things, it allows finding vulnerabilities based on scripts prepared by the community and the tool's developers. Examples include nmap-vulners, vulscan or already prepared scripts that are installed along with nmap.

  • AndroRAT

    A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

  • Ghost

    Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. (by EntySec)

  • Penetration-Testing-Tools

    A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

  • one_gadget

    The best tool for finding one gadget RCE in libc.so.6

  • CVE-2024-1086

    Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

    • Project mention: Universal local privilege escalation exploit for CVE-2024-1086 | news.ycombinator.com | 2024-04-11

  • pwn_jenkins

    Notes about attacking Jenkins servers

  • HackVault

    A container repository for my public web hacks!

    • Project mention: What are polyglots and how to use them as a pentester | dev.to | 2023-12-03

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Exploit related posts

  • blooket-cheat VS blooket-hack - a user suggested alternative

    2 projects | 26 Apr 2024

  • Minecraft Randar Exploit

    1 project | news.ycombinator.com | 20 Apr 2024

  • Randar: A Minecraft exploit that uses LLL lattice reduction to crack server RNG

    4 projects | news.ycombinator.com | 17 Apr 2024

  • Universal local privilege escalation exploit for CVE-2024-1086

    1 project | news.ycombinator.com | 11 Apr 2024

  • Get Exploits of CVE,GHSA,EDB,ZDI,PSS,WLB,H1,Talos and Huntr IDs with One Utility

    1 project | news.ycombinator.com | 26 Jan 2024

  • blooket-hack VS repo-name - a user suggested alternative

    2 projects | 15 Nov 2023

  • PSA Region Changing via soft mods is now possible

    1 project | /r/WiiUHacks | 9 Nov 2023
  • A note from our sponsor - SaaSHub
    www.saashub.com | 4 May 2024
    SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source Exploit projects? This list will help you:

Project Stars
1 h4cker 16,589
2 Awesome-Hacking-Resources 14,697
3 pwntools 11,498
4 windows-kernel-exploits 7,712
5 ysoserial 7,308
6 awesome-hacker-search-engines 6,688
7 traitor 6,497
8 gef 6,499
9 cve 6,083
10 PoC-in-GitHub 5,973
11 linux-kernel-exploitation 5,319
12 DefaultCreds-cheat-sheet 5,266
13 AutoSploit 4,920
14 PhoneSploit-Pro 4,188
15 wesng 3,951
16 vulscan 3,319
17 AndroRAT 2,695
18 Ghost 2,533
19 Penetration-Testing-Tools 2,430
20 one_gadget 1,952
21 CVE-2024-1086 1,902
22 pwn_jenkins 1,894
23 HackVault 1,876

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com