4 repository-uri
Curated archives of proof-of-concept exploit code and vulnerability data used for security research and testing.
Distinct from Exploit Collections: The candidates are nested under awesome-lists, whereas this is the actual primary archive/database itself.
Explore 4 awesome GitHub repositories matching security & cryptography · Exploit Databases. Refine with filters or upvote what's useful.
ExploitDB is a curated archive of exploit code and vulnerability data designed for penetration testing and security research. It serves as an offensive security knowledge base and a repository of publicly available proof-of-concept code used to validate software flaws. The project provides a searchable collection of historical and current exploit vectors. It supports security threat intelligence by tracking public releases and aids in vulnerability research by providing a reference library for analyzing how specific systems can be compromised. The archive is managed through a curated input p
A curated collection of exploit code and vulnerability data for penetration testing and security research.
Traitor is a Linux privilege escalation framework and automated root exploit suite. It provides specialized utilities for scanning system misconfigurations and deploying automated exploit scripts on local Linux hosts to elevate user privileges to the root level. The tool identifies insecure system setups and binary vulnerabilities, such as GTFOBins, to map potential routes for gaining root access. It automates the process of discovering and exploiting these local vulnerabilities through targeted exploit execution and the deployment of sequential scripts. The system covers vulnerability asses
Executes a sequence of known exploits and misconfiguration attacks to automatically obtain a root shell.
w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
Employs a curated knowledge base of vulnerability patterns to automate the selection and delivery of exploit payloads.
lscript este un framework de pentesting pentru rețele wireless și o consolă de comandă bazată pe tastatură. Funcționează ca un orchestrator de instrumente de securitate pentru instalarea și gestionarea framework-urilor de recunoaștere, alături de un toolkit de automatizare pentru executarea atacurilor wireless. Proiectul se distinge printr-o interfață bazată pe tastatură care mapează taste specifice către scripturi de securitate complexe și operațiuni shell la nivel de sistem. Acest lucru permite automatizarea recunoașterii wireless, capturarea handshake-urilor și fluxurile de lucru de recuperare a parolelor fără tastarea manuală a comenzilor. Sistemul acoperă gestionarea adaptorului wireless, inclusiv spoofing-ul adresei MAC și comutarea modului monitor. Oferă capabilități pentru analiza rețelei prin scanare wireless și monitorizarea handshake-urilor, precum și testarea securității prin injectarea de pachete, deautentificarea clienților și automatizarea fluxului de lucru de exploit.
Automates the delivery of targeted attacks and the creation of payloads and listeners.