Top 23 Poc Open-Source Projects

• ysoserial

  13 7,382 4.6 Java

  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Project mention: anybody got ysoserial to work in kali 2022 running java v17? | /r/oscp | 2023-06-24

• cve

  13 6,173 9.8 HTML

  Gather and update all available and newest CVEs with their PoC.

  

Project mention: Strange subdomain found during nmap scan | /r/cybersecurity | 2023-12-06

Did you try using https://trickest.com?

• Scout Monitoring

  www.scoutapm.com featured

  Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

  

• PoC-in-GitHub

  3 6,065 9.9

  📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

  

Project mention: How do you stay on top of new vulnerabilities or CVEs? | /r/cybersecurity | 2023-12-07

• awesome-cve-poc

  2 3,213 0.0

  ✍️ A curated list of CVE PoCs.

• afrog

  1 2,904 9.6 Go

  A Security Tool for Bug Bounty, Pentest and Red Teaming.

Project mention: Afrog explained for bug bounty hunters | dev.to | 2023-12-28

• CVE-2024-1086

  2 1,966 6.8 C

  Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

Project mention: Universal local privilege escalation exploit for CVE-2024-1086 | news.ycombinator.com | 2024-04-11

• CVE-2020-0796

  2 1,286 0.0 C

  CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• poc

  1 1,189 3.0 Python

  Proof of Concepts (by tenable)

  

• CVE-2021-4034

  3 1,021 0.0 C

  PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) (by arthepsy)

• CVE-2021-44228-PoC-log4j-bypass-words

  8 924 0.0 Java

  🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

• awesome-list-of-secrets-in-environment-variables

  8 843 0.0

  🦄🔒 Awesome list of secrets in environment variables 🖥️

• PocOrExp_in_Github

  1 846 10.0 Python

  聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

• Drupalgeddon2

  2 562 0.0 Ruby

  Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)

• DeepfakeHTTP

  34 503 1.8 Java

  DeepfakeHTTP is a web server that uses HTTP dumps as a source for responses.

• cve-maker

  6 434 5.8 Python

  Tool to find CVEs and Exploits.

• SBSCAN

  1 426 8.3 Python

  SBSCAN是一款专注于spring框架的渗透测试工具，可以对指定站点进行springboot未授权扫描/敏感信息扫描以及进行spring框架漏洞扫描与验证的综合利用工具。 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]

Project mention: A penetration testing tool for the spring framework | /r/cybersecurity | 2023-10-27

$ git clone https://github.com/sule01u/SBSCAN.git $ cd SBSCAN $ pip3 install -r requirements.txt $ python3 sbscan.py --help

• CVE-2022-21894

  5 276 2.4 C

  baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability

• CVE-2023-25690-POC

  2 254 4.7 Dockerfile

  CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.

• ransomwhere

  3 198 5.1 Go

  A PoC ransomware sample to test out your ransomware response strategy.

• dheater

  9 174 6.4 Python

  D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange. (read-only clone of the original GitLab project)

  

• hackEmbedded

  1 168 5.6 Python

  This tool is used for backdoor,shellcode generation,Information retrieval and POC arrangement for various architecture devices

• PoC-CVE-2022-30190

  1 157 2.6 Python

  POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina

• PoC_CVEs

  41 156 9.5

  PoC_CVEs

• SaaSHub

  www.saashub.com featured

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Poc related posts

• Universal local privilege escalation exploit for CVE-2024-1086

  1 project | news.ycombinator.com | 11 Apr 2024

• Strange subdomain found during nmap scan

  1 project | /r/cybersecurity | 6 Dec 2023

• A folosit cineva până acum Trickest?

  1 project | /r/programare | 5 Dec 2023

• CVE POCs

  1 project | /r/fixmybrain | 30 Aug 2023

• windows exploit dev ctfs

  1 project | /r/ExploitDev | 18 Apr 2023

• Asking for Advice - How can we find Linux N-days to develop exploits for?

  1 project | /r/ExploitDev | 18 Apr 2023

• Can someone point me to a list of exploited vulnerabilities and the incident or breach that exploited them?

  2 projects | /r/AskNetsec | 15 Mar 2023
• A note from our sponsor - InfluxDB
  www.influxdata.com | 1 Jun 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com