30 open-source projects similar to questescape/exploit, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Exploit alternative.
dirtyfrag is a proof-of-concept exploit for Linux kernel privilege escalation. It targets page-cache write vulnerabilities to elevate user permissions to administrative root levels. The project demonstrates a deterministic exploit chain that utilizes functional proofs-of-concept for vulnerabilities in the xfrm-ESP protocol implementation and the RxRPC mechanism. By chaining these memory corruption vulnerabilities, the exploit achieves root access without relying on timing-based race conditions. The tool covers kernel memory manipulation and the development of exploit chains to test local pri
Exphub is a CVE exploit script library and enterprise software vulnerability suite designed to verify and exploit known security flaws in server environments such as WebLogic, Struts2, Tomcat, and JBoss. It functions as a remote code execution toolkit and a web shell deployment framework for triggering unauthorized command execution and establishing persistent access on remote systems. The project includes specialized utilities for internal network reconnaissance, specifically using server-side request forgery to scan for open ports and services. It further provides mechanisms for bypassing a
A root exploit for CVE-2022-0847 (Dirty Pipe)
This is where I'm uploading kernel exploits written by me
A Go implementation of copyfail (CVE-2026-31431)
Exploits for Android Binder bug CVE-2020-0041
Linux kernel CVE exploit analysis reports and related debug environments. You don't need to compile the Linux kernel and configure your environment anymore.
PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR
A PoC application demonstrating the power of an Android kernel arbitrary R/W.
Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
Temproot for Pixel 2 and Pixel 2 XL via CVE-2019-2215
Exploits of Team Orca from Sea Security and Qrious Secure for multiple vulnerabilities in Netfilter's nf_table module.
The exploitation is tested on Ubuntu 22.04 official source code 5.15.0-25.25
A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)
This project is a public exploit code archive and vulnerability database. It serves as a collection of documented software exploits and vulnerability data, providing a reference library of exploit scripts and payloads used to validate security flaws in target environments. The archive supports security threat intelligence, vulnerability research, and penetration testing workflows. It functions as a historical record of software vulnerabilities and the proof-of-concept code used to trigger them. The codebase is organized through directory-based categorization and flat-file data storage, utili
Dirty Pipe root exploit for Android (Pixel 6)
This is proof-of-concept code for leaking host KASLR bits from a KVM guest based on the cool research “TagBleed: Breaking KASLR on the Isolated Kernel Address Space using Tagged TLBs” by VUSec [1]. Some notes from the paper and references: