Open-source projects categorized as Poc Edit details

Top 23 Poc Open-Source Projects

  • ysoserial

    A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

    Project mention: Is Java as safe as we believe? | dev.to | 2022-04-20

    gadget chain attack: is a type of exploit where an attacker uses a series of "gadgets" — small pieces of code that perform a specific function — to execute a larger, more complex attack. By chaining together these gadgets, an attacker can gain control of a target system or perform other malicious actions. You can use ysoserial to create a serialize payload java -jar path/to/ysoserial.jar CommonsCollections4 'whoami'

  • cve

    Gather and update all available and newest CVEs with their PoC.

    Project mention: PoC available for CVE's | reddit.com/r/AskNetsec | 2022-03-31

    https://github.com/trickest/cve this repo might have what you want

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • awesome-cve-poc

    ✍️ A curated list of CVE PoCs.

    Project mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31

    CVE PoC

  • CVE-2020-0796

    CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

    Project mention: Compiling exploits (SMBGhost) | reddit.com/r/oscp | 2021-11-12

    Can someone tell me how to compile an exploit with both an .sln and a .cpp? Here is the exploit specifically: https://github.com/danigargu/CVE-2020-0796 I know I need to edit the .cpp with my own payload bit I don't know if I'm supposed to open the sln or the cpp in Visual Studio and compile it?

  • poc

    Proof of Concepts (by tenable)

  • CVE-2021-4034

    PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) (by arthepsy)

    Project mention: How to configure polkit utility in centos 7 cve-2019-4034? please help. | reddit.com/r/Pentesting | 2022-06-15

    Yeah sure, I'm creating a vulnerable machine using pkexec utility which is vulnerable by this payload but I didn't downgrade the current version and didn't find any old package.

  • awesome-list-of-secrets-in-environment-variables

    🦄🔒 Awesome list of secrets in environment variables 🖥️

    Project mention: List of Secrets in Environment Variables | news.ycombinator.com | 2022-01-20
  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • Drupalgeddon2

    Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

    Project mention: drupalgeddon2 is it allowed on the exam? | reddit.com/r/oscp | 2021-11-03

    I am referring to this:https://github.com/dreadlocked/Drupalgeddon2

  • PocOrExp_in_Github

    聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

    Project mention: List of public collections of PoCs on github to learn from 🍻🇺🇸❤ | reddit.com/r/hacking | 2021-12-16
  • CVE-2022-26134

    [PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE) (by Nwqda)

    Project mention: CVE-2022-26134 – Confluence Zero Day Remote Code Execution - live threat | reddit.com/r/blueteamsec | 2022-06-04
  • Exploit-Discord-Cache-System-PoC

    🗄️ Exploit Discord's cache system to remote upload payloads to Discord users machines (possible malware dropper for e.g. targeting specific victims)

  • PoC-CVE-2022-30190

    Project mention: Zero-Click MS Office RCE Proof of Concept (MSDT Follina) | news.ycombinator.com | 2022-06-01
  • revealin

    Uncover the full name of a target on Linkedin.

    Project mention: Revealin - Exploits a design flaw in Linkedin to uncover the fullname of a target when he has his name masked. | reddit.com/r/OSINT | 2021-07-28
  • corona-sniffer

    Contact Tracing BLE sniffer PoC

  • rwa-faunadb-reaflow-nextjs-magic

    Real-world app example - Real-time Editor, using FaunaDB (realtime stream), Reaflow (graph editor), Next.js framework and a bit of Magic (auth)!

  • DogWalk-rce-poc

    🐾Dogwalk PoC (using diagcab file to obtain RCE on windows)

    Project mention: If you want to play with Dogwalk windows vulnerability | reddit.com/r/hacking | 2022-06-14
  • blankspace

    Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)

    Project mention: blankspace: Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893) | reddit.com/r/purpleteamsec | 2022-02-14
  • DNS-Fender

    A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.

    Project mention: DNS-Fender: A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries. | reddit.com/r/blueteamsec | 2021-09-25
  • breaking-telegram

    Simple PoC script that allows you to exploit telegram's "send with timer" feature by saving any media sent with this functionality.

    Project mention: A Simple Script to Break Telegram Send with Timer Feature | news.ycombinator.com | 2021-11-24
  • Ethereum-Recurring-Payments

    A PoC for recurring payments on Ethereum using the ERC20 standard and a timelocked proxy of transferFrom().

    Project mention: PoC for Recurring Payments on Ethereum | reddit.com/r/eth | 2021-10-29
  • foxy-miner

    A scavenger / conqueror wrapper for collision free multi mining of PoC coins

  • unity-websocket-multiplayer

    POC for a Unity game client and dedicated server with websockets!

    Project mention: POC of a multiplayer game server with websockets. Feedback is appreciated. | reddit.com/r/golang | 2021-12-05
  • OnLearn

    A learning management system built with Node.js (In progress...)

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-06-15.

Poc related posts


What are some of the best open-source Poc projects? This list will help you:

Project Stars
1 ysoserial 5,424
2 cve 3,096
3 awesome-cve-poc 2,943
4 CVE-2020-0796 1,199
5 poc 1,021
6 CVE-2021-4034 871
7 awesome-list-of-secrets-in-environment-variables 716
8 Drupalgeddon2 515
9 PocOrExp_in_Github 444
10 CVE-2022-26134 233
11 Exploit-Discord-Cache-System-PoC 165
12 PoC-CVE-2022-30190 130
13 revealin 113
14 corona-sniffer 75
15 rwa-faunadb-reaflow-nextjs-magic 67
16 DogWalk-rce-poc 60
17 blankspace 54
18 DNS-Fender 47
19 breaking-telegram 43
20 Ethereum-Recurring-Payments 21
21 foxy-miner 17
22 unity-websocket-multiplayer 15
23 OnLearn 9
Find remote jobs at our new job board 99remotejobs.com. There are 2 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives