#Rce
Showing 58 of 58 repositories tagged #rce, ranked by stars
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Top disclosed reports from HackerOne
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Java web common vulnerabilities and security code which is base on springboot and spring security
Notes about attacking Jenkins servers
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
Penelope Shell Handler
Miscellaneous exploit code
Automatic SSTI detection tool with interactive interface
Check your WAF before an attacker does
一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集,降低红队技术门槛的手册【持续更新】
DianXing - AI-Driven End-to-End Code Security Auditing
Kraken, a modular multi-language webshell coded by @secu_x11
JAVA 漏洞靶场 (Vulnerability Environment For Java)
🚀 一款为了学习go而诞生的漏洞利用工具
旨在以攻促防,针对Docker TCP socket的开源利用工具
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
:smiling_imp: Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
NodeJS Red-Team Cheat Sheet
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
ChatGPT加持的,多人在线协同信息安全报告编写平台。目前支持的报告类型:渗透测试报告,APP隐私合规报告。
RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
React2Shell Ultimate - The most comprehensive CVE-2025-66478 Scanner for Next.js RSC RCE vulnerability. Multi-mode detection, WAF bypass, local scanning.
Hacking tools
Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpickle module is used for deserialization of serialized data. I will update it with more attack vectors to targets other modules.
AiGPT started from the concept of CVE‑2024‑27956 , the WP Automatic CSV injection — but has been completely rebuilt into a multi‑vector, unauthenticated WordPress exploitation engine. It now chains 13 real‑world CVEs to create an administrator account or drop a web shell directly, then automatically injects a reverse shell into the active theme
Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G & 4G/LTE Routers
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
Docker image to exploit RCE, try for pentest methods and test container security solutions (trivy, falco and etc.)
PHP 8.1.0-dev Backdoor System Shell Script
Black Hat Ruby book | Lab files | Buy the book https://www.amazon.com/dp/B08JHSF6GT
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
CVE-2022-41852 Proof of Concept (unofficial)
Next.js React Server Components RCE exploit for CVE-2025-55182
WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a python function that leaks a file content and you have your shell :)
RCE PoC for Tensorflow using a malicious Lambda layer
A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)
Juniper Firewalls CVE-2023-36845 - RCE
Hacking Artifactory with server side template injection
DoS PoC's for SAP products
Advanced Exploitation Toolkit for Next.js Server Actions (CVE-2025-55182)
BugBounty Tool
ParamX is a tool designed to extract and categorize interesting subdomains and parameters from URLs.
A python approach to interacting with web shells.
A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)
CatchClaw v5.3.0 — 多平台 AI Agent 安全评估工具,支持 OpenClaw / Dify / FastGPT / LobeChat / NextChat / AnythingLLM / Flowise / RagFlow 等 9 大平台。78 条 DAG 攻击链 | 78 个 Exploit 模块 | ATT&CK 阶段映射 | 多平台指纹识别 | Async Tokio 引擎 | 攻击图可视化
Public PoC + Scanner and research for CVE-2025-68613: Critical RCE in n8n Workflow Automation via Expression Injection (CVSS 10.0). Includes detection tools, full exploit, and remediation guidance.
「💥」CVE-2022-33891 - Apache Spark Command Injection
Point Blank modification tools
Unauthenticated RCE on cups-browsed (exploit and nuclei template)
Turn any RCE primitive into a semi-interactive shell with forward shell (mkfifo) and post-exploitation actions.
php-in-jpg is a simple yet flexible tool that generates .jpg image files embedding PHP payloads, designed to support PHP RCE polyglot techniques.
This repository contains a POC of CVE-2025-55182, a critical (CVSS score 10.0) pre-authentication remote code execution vulnerability affecting React Server Components, also known as React2Shell.
Unauthenticated RCE PoC for CVE-2026-48908 — SP Page Builder for Joomla (≤ 6.6.1): arbitrary file upload via asset.uploadCustomIcon. Self-cleaning, token-guarded. Authorized testing only.
RCEPayloadGen is a context-aware RCE payload generator for authorized security testing, producing 20k+ targeted, executable payloads across 12 environments — with safety tiers, observable indicators, a benign detection mode, and metadata-rich output for validation, fuzzing, and pentest automation.
A handy interactive shell through {code,command,template} injection