Thanks to visit codestin.com
Credit goes to github.com

sixteen250

Follow

sixteen250

Follow

6 followers · 23 following

Stars

Poc&Exp

Poc&Exp

117 repositories

horizon3ai / CVE-2022-1388

POC for CVE-2022-1388

Python 231 38 Updated May 9, 2022

SummerSec / ShiroAttack2

shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack

Java 2,328 281 Updated Apr 10, 2024

Mr-xn / JNDIExploit-1

一款用于 JNDI注入利用的工具，大量参考/引用了 Rogue JNDI 项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。（from https://github.com/feihong-cs/JNDIExploit）

Java 333 128 Updated Aug 8, 2025

fox-it / log4j-finder

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

Python 437 97 Updated Dec 27, 2022

jas502n / Log4j2-CVE-2021-44228

Remote Code Injection In Log4j

469 118 Updated Jan 18, 2022

0x727 / SpringBootExploit

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

Java 1,889 317 Updated Jan 15, 2024

z1un / TongdaOA-exp

TongdaOA 11.7 ~11.8 通达OA，任意用户登录+后台getshell

Python 86 24 Updated Jul 16, 2021

fullhunt / log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

Python 3,435 740 Updated Nov 23, 2022

welk1n / JNDI-Injection-Exploit

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Java 2,761 738 Updated Mar 22, 2023

safesword / WebExp

2020年~2021年网站CMS、中间件、框架系统漏洞集合

Ruby 100 36 Updated Mar 3, 2021

dr0op / WeblogicScan

增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持

Python 965 182 Updated Jun 16, 2024

shack2 / Struts2VulsTools

Struts2系列漏洞检查工具

C# 433 85 Updated Sep 27, 2019

veracode-research / rogue-jndi

A malicious LDAP server for JNDI injection attacks

Java 1,069 227 Updated Sep 28, 2023

wyzxxz / heapdump_tool

heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等

1,425 142 Updated May 21, 2024

Lotus6 / ThinkphpGUI

Thinkphp(GUI)漏洞利用工具，支持各版本TP漏洞检测，命令执行，getshell。

Java 1,537 184 Updated Jun 1, 2022

Jumbo-WJB / Exchange_SSRF

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

Python 167 34 Updated Oct 12, 2021

XiaoLi996 / OA-EXP

红队工具：各大OA利用工具，万户、致远、通达等

Python 260 41 Updated Jul 23, 2021

b1tg / CVE-2018-6065-exploit

JavaScript 2 Updated Apr 29, 2021

H4ckTh3W0r1d / Exploit_Scripts

Exploit_Scripts

Python 24 6 Updated Jul 22, 2021

luck-ying / Library-POC

基于Pocsuite3、goby编写的漏洞poc&exp存档

Python 876 202 Updated Apr 12, 2024

DawnFlame / POChouse

POC&EXP仓库、hvv弹药库、Nday、1day

Python 1,082 274 Updated Nov 11, 2022

GTX690 / pocsuite3-pocs

整理一些利用pocsuite3编写的poc和exp

Python 14 Updated Jan 26, 2021

ym2011 / POC-EXP

Collecting and writing PoC or EXP for vulnerabilities on some application

Python 390 169 Updated Jun 2, 2021

rouze-d / pocsuite3-pocs

Simple Some POCs for Pocsuite3

Python 25 5 Updated Jan 7, 2021

mmioimm / shiro_echo

shiro 反序列化回显检测

Python 39 4 Updated Jul 5, 2021

sma11new / PocList

漏洞POC、EXP合集，持续更新。Apache Druid-任意文件读取（CVE-2021-36749）、ConfluenceRCE（CVE-2021-26084）、ZeroShell防火墙RCE（CVE-2019-12725）、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMa…

Python 172 36 Updated Nov 21, 2021

safe6Sec / ThinkPHPLogScan

tp日志泄露扫描工具

Java 86 20 Updated Jul 10, 2025

zer0yu / Open-PoC

PoC for pocsuite3 and nuclei

Python 56 13 Updated Oct 5, 2022

fupinglee / ShiroScan

Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)

Java 862 98 Updated Dec 16, 2022

jas502n / CVE-2019-7238

Nexus Repository Manager 3 Remote Code Execution without authentication < 3.15.0

Python 84 27 Updated Aug 19, 2019