Exploitation Tools

997 tools
ScreenConnect-AuthBypass-RCE
ScreenConnect-AuthBypass-RCE
Free Exploitation

ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!!
Script
Script
Open Source Exploitation

A VSCode Workspace based hacking environment utils. Starting your Note-Driven Hacking experience.
Scripting
Scripting
Open Source Exploitation Forensics

PS / Bash / Python / Other scripts For FUN!
search_vulns
search_vulns
Open Source Exploitation

A modular tool to search for known vulnerabilities, exploits and more across various data sources
search-libc
search-libc
Open Source Exploitation

Web wrapper of niklasb/libc-database
SeaShell
SeaShell
Open Source Exploitation Post-Exploitation

SeaShell Framework is an iOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive in…
secator
secator
Free Exploitation Reconnaissance

secator - the pentester's swiss knife
Secbuild
Secbuild
Open Source Exploitation Reconnaissance

An automation tool to install the most popular tools for bug bounty or pentesting.
secfiles
secfiles
Open Source Exploitation Password Attacks

My useful files for penetration tests, security assessments, bug bounty and other security related stuff
SecNN-Wiki
SecNN-Wiki
Free Exploitation

Wiki漏洞库管理系统&网络安全知识库-渗透测试常见漏洞知识库文档-该网站收集了Web应用层漏洞、中间件安全缺陷、系统配置不当、移动端(Android)安全问题、权限提升、RCE、网络设备及IOT安全。
SecReport
SecReport
Open Source Exploitation Web Application

ChatGPT加持的,多人在线协同信息安全报告编写平台。目前支持的报告类型:渗透测试报告,APP隐私合规报告。
security-advisories
security-advisories
Free Exploitation

👮 Security advisories of Nextcloud
security-checker-action
security-checker-action
Open Source Exploitation

PHP Security Checker ====================
SecurityResearcher-Note
SecurityResearcher-Note
Free Exploitation Forensics

Cover various security approaches to attack techniques and also provides new discoveries about security breaches.
SecurityTools
SecurityTools
Free Exploitation

搜集大量网络安全行业开源项目,旨在提供安全测试工具,提升渗透测试效率。 项目收集的思路: 一个是以攻击/漏洞视角出发的开源项目,经网络安全爱好者实践总结出的经验。 一个是从渗透测试流程出发,沿着信息收集到内网渗透的思路,总结出漏洞扫描、漏洞利用、后/域渗透等。 这个收集是一个长期…
sh4d0wup
sh4d0wup
Open Source Exploitation

Signing-key abuse and update exploitation framework
ShadowPhish
ShadowPhish
Free Exploitation Social Engineering

ShadowPhish is an advanced APT awareness toolkit designed to simulate real-world phishing, malware delivery, deepfakes, smishing/vishing, an…
ShannonBaseband
ShannonBaseband
Open Source Exploitation Reverse Engineering

Scripts, plugins, and information for working with Samsung's Shannon baseband.
SharpCovertTube
SharpCovertTube
Free Exploitation Post-Exploitation

Youtube as C2 channel - Control Windows systems uploading QR videos to Youtube
SharpGmailC2
SharpGmailC2
Open Source Exploitation Post-Exploitation

Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
SharpPXE
SharpPXE
Open Source Exploitation

A C# tool for extracting information from SCCM PXE boot media.
SharpShellPipe
SharpShellPipe
Open Source Exploitation

This lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.
sherlock
sherlock
Open Source Exploitation Forensics

Hunt down social media accounts by username across social networks
Sherlock
Sherlock
Open Source Exploitation Web Application

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublis…