GitHub topics: rce | Ecosyste.ms: Repos

ViRb3/apk-utilities

🛠 Tools and scripts to manipulate Android APKs

Language: Python - Size: 124 MB - Last synced at: about 4 hours ago - Pushed at: over 1 year ago - Stars: 242 - Forks: 43

XiaomingX/proxy-pool

Python ProxyPool for web spider

Language: Python - Size: 1.43 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 80 - Forks: 10

SusmoyNath/CyberSecurity-Server_Side_Template_Injection

💥 ServerSideTemplateInjection (SSTI) Demo with Flask A simple Flask app to demonstrate Server-Side Template Injection vulnerabilities — useful for learning, testing, and understanding how SSTI works and how to avoid it.

Language: Python - Size: 0 Bytes - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

xsscx/Commodity-Injection-Signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Language: HTML - Size: 8.49 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 398 - Forks: 118

Repello-AI/mcp-exploit-demo

This repository demonstrates a security vulnerability in MCP (Model Context Protocol ) servers that allows for remote code execution and data exfiltration through tool poisoning.

Language: Python - Size: 18.6 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 2 - Forks: 0

reddelexc/hackerone-reports

Top disclosed reports from HackerOne

Language: Python - Size: 9.25 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 4,458 - Forks: 815

IronLockerRs/IronLocker-Ransomware

STRONGEST RAAS EVER

Language: C++ - Size: 5.86 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 0 - Forks: 0

cunhatad/XWorm-RCE-Patch

Patches the RCE Exploit in XWorm

Size: 20.9 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

joshuavanderpoll/CVE-2021-3129

Laravel RCE Exploit Script - CVE-2021-3129

Language: Python - Size: 338 KB - Last synced at: 1 day ago - Pushed at: 7 months ago - Stars: 104 - Forks: 23

turrab1349/xss-test

A simple XSS payload host for testing and demonstrating stored/reflected XSS using GitHub Pages. Useful for bug bounty & security research.

Language: HTML - Size: 59.6 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1 - Forks: 1

vladko312/SSTImap

Automatic SSTI detection tool with interactive interface

Language: Python - Size: 161 KB - Last synced at: 4 days ago - Pushed at: 6 months ago - Stars: 1,050 - Forks: 127

unlock-security/wshell

A handy interactive shell through {code,command,template} injection

Language: Python - Size: 192 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 8 - Forks: 0

verylazytech/CVE-2025-29306

Language: Shell - Size: 7.81 KB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 0

GhostTroops/TOP

TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things

Language: Shell - Size: 1.38 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 694 - Forks: 119

petercunha/jenkins-rce

:smiling_imp: Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

Language: Java - Size: 14.6 KB - Last synced at: about 23 hours ago - Pushed at: almost 6 years ago - Stars: 295 - Forks: 66

verylazytech/CVE-2025-3248

Language: Python - Size: 9.77 KB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 1 - Forks: 0

RainbowSoftwares/XWorm-RCE-Patch

Patches the RCE Exploit in XWorm

Size: 0 Bytes - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 0 - Forks: 0

islam-bld/Adobe-Acrobat

Adobe-Acrobat-is-a-powerful-PDF-solution-for-creating,-editing,-managing,-and-securing-documents

Language: JavaScript - Size: 2.93 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 0 - Forks: 0

tarunkant/Gopherus

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

Language: Python - Size: 280 KB - Last synced at: 9 days ago - Pushed at: about 2 years ago - Stars: 3,034 - Forks: 387

1N3/BlackWidow

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Language: Python - Size: 209 KB - Last synced at: 9 days ago - Pushed at: 5 months ago - Stars: 1,607 - Forks: 363

LandGrey/SpringBootVulExploit

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Language: Java - Size: 132 KB - Last synced at: 10 days ago - Pushed at: about 4 years ago - Stars: 5,916 - Forks: 1,315

genisis2025/Adobe-Acrobat

Adobe-Acrobat-is-a-powerful-PDF-solution-for-creating,-editing,-managing,-and-securing-documents

Language: JavaScript - Size: 2.93 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 0 - Forks: 0

zhzyker/vulmap

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Language: Python - Size: 3.28 MB - Last synced at: 9 days ago - Pushed at: almost 2 years ago - Stars: 3,456 - Forks: 572

nemesida-waf/waf-bypass

Check your WAF before an attacker does

Language: Python - Size: 727 KB - Last synced at: 11 days ago - Pushed at: 3 months ago - Stars: 1,357 - Forks: 172

k8gege/K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Language: PowerShell - Size: 595 MB - Last synced at: 12 days ago - Pushed at: 3 months ago - Stars: 5,960 - Forks: 2,068

JoyChou93/java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

Language: Java - Size: 457 KB - Last synced at: 12 days ago - Pushed at: 5 months ago - Stars: 2,493 - Forks: 679

p0dalirius/Awesome-RCE-techniques

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

Language: Dockerfile - Size: 12.4 MB - Last synced at: 10 days ago - Pushed at: over 1 year ago - Stars: 1,883 - Forks: 223

so1icitx/CVE-2024-25600

Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.

Language: Python - Size: 23.4 KB - Last synced at: 3 days ago - Pushed at: 18 days ago - Stars: 9 - Forks: 5

IlyaFerens/Adobe-Acrobat

Adobe Acrobat is a powerful PDF solution for creating, editing, managing, and securing documents

Size: 1.95 KB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 0 - Forks: 0

akii2423/Adobe-Acrobat

Adobe Acrobat is a powerful PDF solution for creating, editing, managing, and securing documents

Size: 0 Bytes - Last synced at: 13 days ago - Pushed at: 14 days ago - Stars: 0 - Forks: 0

lucasryan686/Adobe-Acrobat

Adobe Acrobat is a powerful PDF solution for creating, editing, managing, and securing documents

Size: 1.95 KB - Last synced at: 13 days ago - Pushed at: 14 days ago - Stars: 0 - Forks: 0

Feysis/Adobe-Acrobat

Adobe Acrobat is a powerful PDF solution for creating, editing, managing, and securing documents

Size: 1.95 KB - Last synced at: 13 days ago - Pushed at: 14 days ago - Stars: 0 - Forks: 0

XiaomingX/awesome-codeql-note

学习 CodeQL 过程中参考的资料

Language: CodeQL - Size: 8.81 MB - Last synced at: about 23 hours ago - Pushed at: 5 months ago - Stars: 3 - Forks: 0

n3rada/toboggan

🛝 Toboggan is a CLI tool that transforms any Remote Command Execution (RCE) into a functional dumb shell. Designed for constrained environments (e.g., firewalls) where traditional reverse shells are impractical, it can leverage a TTY shell on Linux using named pipes.

Language: Python - Size: 1.57 MB - Last synced at: 11 days ago - Pushed at: 14 days ago - Stars: 9 - Forks: 1

sickcodes/no-sandbox

No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are already sandboxed escaped: https://no-sandbox.io/

Size: 192 KB - Last synced at: 3 days ago - Pushed at: about 4 years ago - Stars: 183 - Forks: 12

mrmtwoj/CVE-2023-25136

This vulnerability is of the "double-free" type, which occurs during the processing of key exchange (KEX) algorithms in OpenSSH. A "double-free" vulnerability happens when memory that has already been freed is freed again. This issue can indirectly lead to remote code execution (RCE) by an attacker.

Language: Python - Size: 3.91 KB - Last synced at: 12 days ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0

shahidmanzoor1/Adobe-Acrobat

Adobe Acrobat is a powerful PDF solution for creating, editing, managing, and securing documents

Size: 1.95 KB - Last synced at: 14 days ago - Pushed at: 14 days ago - Stars: 0 - Forks: 0

gquere/pwn_jenkins

Notes about attacking Jenkins servers

Language: Python - Size: 174 KB - Last synced at: 11 days ago - Pushed at: 10 months ago - Stars: 2,047 - Forks: 335

nemmusu/php-in-jpg

php-in-jpg is a simple yet flexible tool that generates .jpg image files embedding PHP payloads, designed to support PHP RCE polyglot techniques.

Language: Python - Size: 44.9 KB - Last synced at: 14 days ago - Pushed at: 14 days ago - Stars: 1 - Forks: 0

cocomelonc/vulnexipy

Vulnerabilities exploitation examples, python

Language: Python - Size: 52.1 MB - Last synced at: 2 days ago - Pushed at: almost 2 years ago - Stars: 20 - Forks: 6

Err0r-ICA/SCANter

Websites Vulnerability Scanner

Language: Python - Size: 99.6 KB - Last synced at: 13 days ago - Pushed at: 6 months ago - Stars: 70 - Forks: 14

tr0uble-mAker/POC-bomber

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

Language: Python - Size: 51.3 MB - Last synced at: 15 days ago - Pushed at: almost 2 years ago - Stars: 2,296 - Forks: 381

robertugo2/ha_rce Fork of jacek2511/ha_rce

Rynkowa cena energii elektrycznej (RCE)

Language: Python - Size: 227 KB - Last synced at: 5 days ago - Pushed at: 17 days ago - Stars: 2 - Forks: 0

pen4uin/java-echo-generator

一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.

Language: Java - Size: 1.95 MB - Last synced at: 15 days ago - Pushed at: 3 months ago - Stars: 422 - Forks: 40

insightglacier/Dictionary-Of-Pentesting

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Language: Shell - Size: 240 MB - Last synced at: 17 days ago - Pushed at: almost 2 years ago - Stars: 1,967 - Forks: 361

JKornev/hidden

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Language: C - Size: 665 KB - Last synced at: 15 days ago - Pushed at: almost 3 years ago - Stars: 1,889 - Forks: 496

andripwn/PayloadsAll

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language: HTML - Size: 439 KB - Last synced at: about 9 hours ago - Pushed at: almost 6 years ago - Stars: 46 - Forks: 15

Whoopsunix/JavaRce

Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式

Language: Java - Size: 572 KB - Last synced at: 18 days ago - Pushed at: about 2 months ago - Stars: 508 - Forks: 59

VoidSec/Exploit-Development

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

Language: Python - Size: 265 MB - Last synced at: 10 days ago - Pushed at: almost 2 years ago - Stars: 220 - Forks: 52

VisualCodings/VisualSploit

Language: C# - Size: 4.18 MB - Last synced at: 21 days ago - Pushed at: 21 days ago - Stars: 1 - Forks: 0

TheRedP4nther/limesurvey-6.6.4-authenticated-rce

Authenticated RCE exploit for LimeSurvey 6.6.4 using a malicious plugin upload. Python script for ethical security testing.

Language: Python - Size: 19.5 KB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 1 - Forks: 1

LandGrey/spring-boot-upload-file-lead-to-rce-tricks

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

Language: Java - Size: 208 KB - Last synced at: 18 days ago - Pushed at: about 4 years ago - Stars: 700 - Forks: 74

cn-panda/JavaCodeAudit

Getting started with java code auditing 代码审计入门的小项目

Language: JavaScript - Size: 58 MB - Last synced at: 19 days ago - Pushed at: about 2 years ago - Stars: 908 - Forks: 119

leonjza/log4jpwn

log4j rce test environment and poc

Language: Python - Size: 1.09 MB - Last synced at: 15 days ago - Pushed at: over 3 years ago - Stars: 310 - Forks: 88

operatorequals/covertutils 📦

A framework for Backdoor development!

Language: Python - Size: 2.01 MB - Last synced at: 4 days ago - Pushed at: about 7 years ago - Stars: 437 - Forks: 68

ekomsSavior/HID-bluetooth-injection-for-spam-jam

Bluetooth HID Injection for spam jam and GeeekPi nRF52840 USB Dongle

Language: C++ - Size: 20.5 KB - Last synced at: 23 days ago - Pushed at: 23 days ago - Stars: 2 - Forks: 0

SafeBreach-Labs/SirepRAT

Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)

Language: Python - Size: 6.25 MB - Last synced at: 17 days ago - Pushed at: over 4 years ago - Stars: 379 - Forks: 89

Mr-xn/Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Language: HTML - Size: 2.62 GB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 6,770 - Forks: 1,976

AabyssZG/Docker-TCP-Scan

旨在以攻促防，针对Docker TCP socket的开源利用工具

Language: Python - Size: 1.19 MB - Last synced at: 17 days ago - Pushed at: 8 months ago - Stars: 336 - Forks: 32

z3k0sec/CVE-2024-9264-RCE-Exploit

Grafana RCE exploit (CVE-2024-9264)

Language: Python - Size: 7.81 KB - Last synced at: 21 days ago - Pushed at: 6 months ago - Stars: 16 - Forks: 3

flast101/php-8.1.0-dev-backdoor-rce

PHP 8.1.0-dev Backdoor System Shell Script

Language: Python - Size: 1.69 MB - Last synced at: 8 days ago - Pushed at: almost 4 years ago - Stars: 91 - Forks: 22

XiphosResearch/exploits

Miscellaneous exploit code

Language: Python - Size: 2.41 MB - Last synced at: 21 days ago - Pushed at: over 1 year ago - Stars: 1,548 - Forks: 585

DeveloperAvik/Hacking-payloads

The **Hacking-Payloads** repository on GitHub offers a collection of payloads and scripts for ethical hacking, penetration testing, and cybersecurity research. It provides a diverse set of tools for security professionals to test system vulnerabilities in a controlled, legal environment.

Size: 18.6 KB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 0 - Forks: 0

j0wittmann/Attacking-DVWA

A step-by-step guide to exploiting common web vulnerabilities using DVWA (Damn Vulnerable Web Application)

Size: 147 KB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 0 - Forks: 0

LandGrey/CVE-2019-7609

exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts

Language: Python - Size: 32.2 KB - Last synced at: 23 days ago - Pushed at: over 1 year ago - Stars: 162 - Forks: 64

carinewlimits/Adobe-Acrobat-Reader

industry-leading software for viewing, printing, and annotating PDF documents.

Size: 2.93 KB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 0 - Forks: 0

ricardojoserf/emqx-RCE

EMQX Dashboard Malicious Plugin leading to RCE

Language: Erlang - Size: 27.3 KB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 2 - Forks: 0

DRAGOWN/CVE-2025-26264

CVE-2025-26264 - GeoVision GV-ASWeb with the version 6.1.2.0 or less, contains a Remote Code Execution (RCE) vulnerability within its Notification Settings feature. An authenticated attacker with "System Settings" privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server, leading to a full system compromise.

Size: 10.7 KB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 0 - Forks: 0

k8gege/CiscoExploit

Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)

Language: Python - Size: 1.4 MB - Last synced at: 15 days ago - Pushed at: almost 6 years ago - Stars: 133 - Forks: 59

SummerSec/SpringExploit

🚀 一款为了学习go而诞生的漏洞利用工具

Language: Go - Size: 187 KB - Last synced at: 17 days ago - Pushed at: almost 3 years ago - Stars: 446 - Forks: 53

herwonowr/exprolog

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

Language: Python - Size: 368 KB - Last synced at: 4 days ago - Pushed at: over 3 years ago - Stars: 179 - Forks: 40

GhostTroops/go4Hacker

Automated penetration and auxiliary systems, providing XSS, XXE, DNS log, SSRF, RCE, web netcat and other Servers,gin-vue-admin，online https://51pwn.com

Language: Go - Size: 12 MB - Last synced at: 18 days ago - Pushed at: about 1 month ago - Stars: 147 - Forks: 26

Mr-xn/sunlogin_rce

向日葵 RCE

Language: Go - Size: 13.3 MB - Last synced at: 18 days ago - Pushed at: about 3 years ago - Stars: 483 - Forks: 195

AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956

WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries

Language: Python - Size: 59.6 KB - Last synced at: 11 days ago - Pushed at: 10 months ago - Stars: 105 - Forks: 25

gh0x0st/RCE_Web_Shell_Python

A python approach to interacting with web shells.

Language: Python - Size: 1.77 MB - Last synced at: 18 days ago - Pushed at: over 4 years ago - Stars: 30 - Forks: 9

XiaomingX/awesome-webshell

A curated collection of webshells for various platforms, including PHP, ASP, JSP, and more. This repository provides a comprehensive and organized list of webshells used for testing, penetration testing, or educational purposes

Language: PHP - Size: 98.1 MB - Last synced at: about 22 hours ago - Pushed at: 5 months ago - Stars: 8 - Forks: 3

jm33-m0/mec

for mass exploiting

Language: Python - Size: 46.9 MB - Last synced at: 19 days ago - Pushed at: almost 3 years ago - Stars: 602 - Forks: 155

Acceis/exploit-CVE-2022-24780

iTop < 2.7.6 - (Authenticated) Remote command execution

Language: Ruby - Size: 9.77 KB - Last synced at: 15 days ago - Pushed at: over 2 years ago - Stars: 6 - Forks: 4

bdbhaislive/Adobe-Acrobat

Adobe Acrobat is a powerful PDF solution for creating, editing, managing, and securing documents

Size: 3.91 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

XiphosResearch/netelf

Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.

Language: C - Size: 480 KB - Last synced at: 24 days ago - Pushed at: over 7 years ago - Stars: 283 - Forks: 33

safebuffer/CVE-2024-32002

CVE-2024-32002 RCE PoC

Language: Shell - Size: 2.93 KB - Last synced at: 20 days ago - Pushed at: 11 months ago - Stars: 105 - Forks: 26

Dliv3/redis-rogue-server

Redis 4.x/5.x RCE

Language: Python - Size: 24.4 KB - Last synced at: 18 days ago - Pushed at: over 4 years ago - Stars: 541 - Forks: 149

klezVirus/CVE-2021-40444

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

Language: HTML - Size: 999 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 806 - Forks: 171

sec-report/SecReport

ChatGPT加持的，多人在线协同信息安全报告编写平台。目前支持的报告类型：渗透测试报告，APP隐私合规报告。

Language: Python - Size: 407 KB - Last synced at: 18 days ago - Pushed at: about 2 months ago - Stars: 173 - Forks: 19

brightio/penelope

Penelope Shell Handler

Language: Python - Size: 244 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 847 - Forks: 113

p0dalirius/Joomla-webshell-plugin

A webshell plugin and interactive shell for pentesting a Joomla website.

Language: Python - Size: 3.14 MB - Last synced at: 16 days ago - Pushed at: almost 3 years ago - Stars: 50 - Forks: 12

nollium/CVE-2024-9264

Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)

Language: Python - Size: 53.7 KB - Last synced at: 17 days ago - Pushed at: 4 months ago - Stars: 90 - Forks: 17

geniuszly/CVE-2022-46080

it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

Language: Python - Size: 8.79 KB - Last synced at: 12 days ago - Pushed at: 8 months ago - Stars: 6 - Forks: 0