cmsPoc – A CMS Exploits Framework.
Legal Disclaimer: This project is made for educational and ethical testing purposes only. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no...
kernelpop – kernel privilege escalation enumeration and exploitation framework.
kernelpop is a framework for performing automated kernel privilege escalation exploit enumeration on Linux, Mac-OSX, and Windows hosts. The default mode runs with the command python3 kernelpop.py. This...
WLT3Serial – Native Java-based deserialization exploits for WebLogic T3 (and...
WLT3Serial is a native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners (as outlined HERE). Requires third-party dependencies ysoserial and wlthint3client....
ASLRay – Linux ELF x32/x64 ASLR DEP/NX bypass exploits with stack-spraying.
ASLRay is a Linux ELF x32/x64 ASLR DEP/NX bypass exploit with stack-spraying. Properties: + ASLR bypass + DEP/NX bypass + Cross-platform + Minimalistic + Simplicity + Unpatchable Dependencies: – Linux...
ChimayRed – Reverse engineering of Mikrotik exploits from Vault 7 CIA Leaks.
LEGAL DISCLAIMER: The author does not hold any responsibility for the bad use of this script. Remember that attacking targets without prior consent is illegal and punished by law; this script was built...
Meltdown Exploits PoC.
Meltdown Exploit PoC: speculative optimizations execute code in a non-secure manner, leaving data traces in the microarchitecture, such as the cache. How does it work? It works by using /proc/kallsyms to find...
roxysploit is a community-supported, open-source penetration testing suite.
Legal Disclaimer: The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law. roxysploit is a...
AutoSploit – Automated Mass Exploiter.
LEGAL DISCLAIMER! The author does not hold any responsibility for the bad use of this script. Remember that attacking targets without prior consent is illegal and punished by law; this script was built...
ROPGenerator is a tool that makes ROP exploits easy.
ROPGenerator is a tool that makes ROP exploits easy. It enables you to automatically find gadgets or build ROP chains. The current version supports x86 and x64 binaries. Overview ROPGenerator uses the...
bst – Binary String Toolkit.
Summary: The Binary String Toolkit, or BST for short, is a rather simple utility to convert binary strings to various formats suitable for later inclusion in source code, such as that used to develop...
Ikeext-Privesc : Windows IKEEXT DLL Hijacking Exploits Tool.
LEGAL DISCLAIMER: The author does not hold any responsibility for the bad use of this script. Remember that attacking targets without prior consent is illegal and punished by law; this script was built...
SIXNETtools – Tool for exploitation of sixnet RTUs.
Legal Disclaimer: These tools are for research and learning purposes only! The goal of SIXNETtools was to demonstrate the critical lack of security inherent in certain applications on a SCADA network. This...