#exploits

Shells
sponsor
Shells

A script for generating common revshells fast and easily.

JNDI-Injection-Exploit
featured
JNDI-Injection-Exploit

Generates JNDI links can start several servers to exploit JNDI Injection vulnerabilities.

Kwetza
featured
Kwetza

Infect an existing Android application with a Meterpreter payload.

SiCat
SiCat

Advanced exploit search tool designed to identify and gather information about exploits.

D3m0n1z3dShell
D3m0n1z3dShell

An advanced tool for persistence in Linux.

whonow
whonow

A malicious DNS server for executing DNS Rebinding attacks on the fly.

Rootkit Hunter
Rootkit Hunter

Scans for rootkits, backdoors and possible local exploits.

Kage
Kage

Graphical user interface for Metasploit Meterpreter and session handler.

chkrootkit
chkrootkit

Locally checks for signs of a rootkit.

peda
peda

Python Exploit Development Assistance for GDB.

merlin
merlin

Cross-platform post-exploitation HTTP/2 Command & Control server and agent.

pwntools
pwntools

CTF framework and exploit development library.

Xenotix
Xenotix

An advanced Cross Site Scripting vulnerability detection and exploitation framework.

LFIDump
LFIDump

Dump remote files through a local file read or Local File Inclusion web vulnerability.

msfpc
msfpc

A quick way to generate various basic Meterpreter payloads via MSFvenom.

mitm6
mitm6

pwning IPv4 via IPv6.

NetExec
NetExec

Network service exploitation tool that helps automate assessing the security of large networks.

ufonet
ufonet

Denial of Service Toolkit.

fuxploider
fuxploider

File upload vulnerability scanner and exploitation tool.

BloodHound
BloodHound

Six Degrees of Domain Admin.

cve
cve

Gather and update all available and newest CVEs with their PoC.

P4wnP1 A.L.O.A.
P4wnP1 A.L.O.A.

Turn a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming or PE.

HTSHELLS
HTSHELLS

Self contained web shells and other attacks via .htaccess files.

Shellcrypt
Shellcrypt

A QoL tool to obfuscate shellcode.

DNSExfiltrator
DNSExfiltrator

Data exfiltration over DNS request covert channel.

toxssin
toxssin

Open-source penetration testing tool that automates the process of exploiting XSS.

DripLoader
DripLoader

Evasive shellcode loader for bypassing injection detection.

Nishang
Nishang

Offensive PowerShell for red team, penetration testing and offensive security.

unicorn
unicorn

Simple tool for using a PowerShell downgrade attack and inject shellcode into memory.

Hades
Hades

Go shellcode loader that combines multiple evasion techniques.

gef
gef

A modern experience for GDB with advanced debugging capabilities.

PyShell
PyShell

Multiplatform Python webshell.

Kraken
Kraken

A modular multi-language webshell.

Mimicry
Mimicry

A dynamic deception tool that actively deceives an attacker.

Reverse Shell Generator
Reverse Shell Generator

A tool to generate various ways to do a reverse shell.

phpsploit
phpsploit

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor.

LAZYPARIAH
LAZYPARIAH

Generate reverse shell payloads on the fly.

Storm breaker
Storm breaker

Social engineering tool, access eebcam & microphone & location finder.

mimikittenz
mimikittenz

A post-exploitation powershell tool for extracting juicy info from memory.

PowerShdll
PowerShdll

Run PowerShell with rundll32 in order to bypass software restrictions.

PSByPassCLM
PSByPassCLM

Bypass for PowerShell Constrained Language Mode.

Invoke-BSOD
Invoke-BSOD

For when you want a computer to be done - without admin!.

Invoke-PSImage
Invoke-PSImage

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute.

unix-privesc-check
unix-privesc-check

Shell script to check for simple privilege escalation vectors on Unix systems.

windows-privesc-check
windows-privesc-check

Standalone executable to check for simple privilege escalation vectors.

VBad
VBad

VBA obfuscation tools combined with an MS Office document generator .

PowerSploit
PowerSploit

A PowerShell Post-Exploitation Framework.

FakeImageExploiter
FakeImageExploiter

Use a Fake image.jpg to exploit targets (hide known file extensions).

Vegile
Vegile

Post exploitation tool to maintain some level of acces.

Phishery
Phishery

An SSL enabled basic auth credential harvester with a Word document template URL injector.

upload_bypass
upload_bypass

File upload restrictions bypass by using different techniques!

reDuh
reDuh

Create a TCP circuit through validly formed HTTP requests.

reGeorg
reGeorg

Pwn a bastion webserver and create SOCKS proxies through the DMZ.

weevely3
weevely3

Weaponized web shell.

BetterBackdoor
BetterBackdoor

A backdoor with a multitude of features.

SUDO_KILLER
SUDO_KILLER

A tool to identify and exploit sudo rules misconfigurations and vulnerabilities.

Responder
Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner.

linuxprivchecker
linuxprivchecker

A Linux privilege escalation check script.

Snaffler
Snaffler

A tool to help at finding delicious candy needles in a bunch of horrible boring haystacks.

TrevorC2
TrevorC2

A legitimate website that tunnels client/server communications for covert command execution.

Vulmap
Vulmap

Online local vulnerability scanners project.

Bypass URL Parser
Bypass URL Parser

Tool that tests MANY url bypasses to reach a 40X protected page.

SpoolSploit
SpoolSploit

Collection of Windows print spooler exploits and other utilities for practical exploitation.

PayGen
PayGen

Tool to generate stable undetected payload.

awesome-cve-poc
awesome-cve-poc

A collection about Proof of Concepts of Common Vulnerabilities and Exposures.

reapoc
reapoc

OpenSource Poc && Vulnerable-Target Storage Box.

ShellPop
ShellPop

Pop shells like a master.

yersinia
yersinia

A framework for layer 2 attacks.

Core Impact
Core Impact

Designed to enable security teams to conduct advanced penetration tests with ease.

GitHacker
GitHacker

A Git source leak exploit tool that restores the entire Git repository, including data from stash.

XSSRocket
XSSRocket

Written by Black Hat Ethical Hacking and #ChatGPT for offensive security and XSS attacks.

Ronin
Ronin

A free and open source Ruby toolkit for security research and development.

Canvas
Canvas

Assessment tool that allows penetration testing and hostile attack simulations.

windows-kernel-exploits
windows-kernel-exploits

A list of Windows kernel exploits.

Linux Exploit Suggester
Linux Exploit Suggester

Based on operating system release number.

AdvancedKeyHacks
AdvancedKeyHacks

API key/token exploitation made easy.

IntelSpy
IntelSpy

Perform automated network reconnaissance scans to gather network intelligence.

WES-NG
WES-NG

Windows Exploit Suggester - Next Generation.

Windows Exploit Suggester
Windows Exploit Suggester

Compares target patch levels against the Microsoft vulnerability DB to detect missing patches.

WinPwn
WinPwn

Automation for internal Windows pentest / AD-Security.

SharpImpersonation
SharpImpersonation

A User Impersonation tool - via Token or Shellcode injection.

DroneSploit
DroneSploit

Drone pentesting framework console.

Print-My-Shell
Print-My-Shell

Automate the process of generating various reverse shells.

pwncat
pwncat

Netcat on steroids with many extra features.

Rubeus
Rubeus

Rubeus is a toolkit for Kerberos interaction and abuses.

malicious-pdf
malicious-pdf

Generates a bunch of malicious pdf files with phone-home functionality.

AutoSploit
AutoSploit

Automated Mass Exploiter.

Hawkeye
Hawkeye

Filesystem analysis tool/directory looking for interesting stuff.

barq
barq

The AWS Cloud Post Exploitation framework!

RouterSploit
RouterSploit

Exploitation framework for embedded devices.

GyoiThon
GyoiThon

Growing penetration test tool using Machine Learning.

Kadimus
Kadimus

Check for and exploit LFI vulnerabilities with a focus on PHP systems.

RevShells
RevShells

Hosted Reverse Shell generator with a ton of functionality.

Exploitalert
Exploitalert

Exploits found on the INTERNET.

The Exploit Database
The Exploit Database

Archive of public exploits and corresponding vulnerable software.

Betterscan
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

Hackingtool
Hackingtool

ALL IN ONE Hacking Tool For Hackers.

Payloads All The Things
Payloads All The Things

A list of useful payloads and bypass for Web Application Security.

SearchSploit
SearchSploit

Cli tool for Exploit-DB that also allows you to take a copy of Exploit Database with you.

Findsploit
Findsploit

Find exploits in local and online databases instantly.

getsploit
getsploit

Command line utility for searching and downloading exploits.

lnkbomb
lnkbomb

Malicious shortcut generator for collecting NTLM hashes from insecure file shares.

Shadow Workers
Shadow Workers

C2 and proxy designed to help in the exploitation of XSS and malicious Service Workers.

XSS'OR
XSS'OR

Hack with JavaScript.

XSS Hunter Express
XSS Hunter Express

The fastest way to set up XSS Hunter to test and find blind XSS vulnerabilities.

XSSer
XSSer

Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.

XSpear
XSpear

Powerfull XSS Scanning and Parameter analysis tool&gem.

JSShell
JSShell

An interactive multi-user web JS shell.

metahttp
metahttp

Script that automates the scanning of a target network for HTTP resources through XXE.

oxml_xxe
oxml_xxe

Embeds XXE/XML exploits into different filetypes.

XXEinjector
XXEinjector

Exploitation of XXE vulnerability using direct and different out of band methods.

XXExploiter
XXExploiter

Tool to help exploit XXE vulnerabilities.

LFI-Enum
LFI-Enum

Scripts to execute enumeration via LFI

Burp-to-SQLMap
Burp-to-SQLMap

Performing SQLInjection test on Burp Suite Bulk Requests using SQLMap.

Evil SQL Client
Evil SQL Client

Interactive .NET SQL console client with enhanced SQL Server discovery/access/exfiltration features.

grafana-ssrf
grafana-ssrf

Authenticated SSRF in Grafana.

Gopherus
Gopherus

Generates gopher link for exploiting SSRF and gaining RCE in various servers.

SSRFmap
SSRFmap

Automatic SSRF fuzzer and exploitation tool.

Requests-Racer
Requests-Racer

Exploit race conditions in web apps with Requests.

Oralyzer
Oralyzer

Open Redirection Analyzer.

ysoserial
ysoserial

Generates payloads that exploit unsafe Java object deserialization.

LFI Suite
LFI Suite

Totally Automatic LFI Exploiter and Scanner.

Liffy
Liffy

Local file inclusion exploitation tool.

XSRFProbe
XSRFProbe

The Prime Cross Site Request Forgery Audit and Exploitation Toolkit.

BeEF
BeEF

The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.

sns
sns

IIS shortname scanner written in Go.

Nginxpwner
Nginxpwner

Simple tool to look for common Nginx misconfigurations and vulnerabilities.

Metasploit
Metasploit

The world’s most used penetration testing framework.

Ghauri
Ghauri

Automates the process of detecting and exploiting SQL injection security flaws.

Wapiti
Wapiti

The web-application vulnerability scanner.

sqlmap
sqlmap

Automatic SQL injection and database takeover tool.

Commix
Commix

Automated All-in-One OS Command Injection Exploitation Tool.

DalFox
DalFox

Powerful open source XSS scanning tool and parameter analyzer.

XSStrike
XSStrike

Most advanced XSS scanner.

git-dumper
git-dumper

A tool to dump a git repository from a website.

Drupwn
Drupwn

Drupal enumeration & exploitation tool.