Skip to content

@xsec xsec

Change the repository type filter

All

    Repositories list

    127 repositories

    • CVE-2024-38193-Nephster

      Public
      C++
      24000Updated Nov 18, 2024Nov 18, 2024

    • Chrome-App-Bound-Encryption-Decryption

      Public
      Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
      C++
      61000Updated Oct 30, 2024Oct 30, 2024

    • CVE-2024-43044-jenkins

      Public
      Exploit for the vulnerability CVE-2024-43044 in Jenkins
      Java
      23000Updated Aug 29, 2024Aug 29, 2024

    • CVE-2024-38063

      Public
      poc for CVE-2024-38063 (RCE in tcpip.sys)
      Python
      MIT License
      118000Updated Aug 27, 2024Aug 27, 2024

    • CVE-2024-38077-POC

      Public
      原文已被作者删除,备份用,非原创,EXP & POC
      Python
      224000Updated Aug 9, 2024Aug 9, 2024

    • cve_2024_0044

      Public
      CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
      Python
      65000Updated Jul 25, 2024Jul 25, 2024

    • nacos-poc

      Public
      Python
      3000Updated Jul 16, 2024Jul 16, 2024

    • CVE-2024-6387_Check

      Public
      CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH
      Python
      GNU General Public License v3.0
      90000Updated Jul 2, 2024Jul 2, 2024

    • CVE-2024-26229

      Public
      CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
      C
      63000Updated Jun 17, 2024Jun 17, 2024

    • CVE-2024-1086

      Public
      Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
      C
      MIT License
      308000Updated Apr 17, 2024Apr 17, 2024

    • CVE-2023-4357-Chrome-XXE

      Public
      CVE-2023-4357. Chrome XXE 漏洞 POC, 实现对访客者本地文件读取. Chrome XXE vulnerability POC, allowing attackers to obtain local files of visitors.
      HTML
      34000Updated Nov 20, 2023Nov 20, 2023

    • CVE-2023-35001

      Public
      Pwn2Own Vancouver 2023 Ubuntu LPE exploit
      Go
      24000Updated Sep 1, 2023Sep 1, 2023

    • SCShell

      Public
      Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
      C
      243000Updated Jul 10, 2023Jul 10, 2023

    • JDumpSpider

      Public
      HeapDump敏感信息提取工具
      Java
      Apache License 2.0
      136000Updated Apr 6, 2023Apr 6, 2023

    • akamai-security-research

      Public
      This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.
      C
      Apache License 2.0
      71000Updated Feb 3, 2023Feb 3, 2023

    • vRealizeLogInsightRCE

      Public
      POC for RCE using vulnerabilities described in VMSA-2023-0001
      Python
      24000Updated Jan 31, 2023Jan 31, 2023

    • noPac_DA

      Public
      Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
      Python
      126000Updated Jan 29, 2023Jan 29, 2023

    • zentaopms_poc

      Public
      禅道相关poc
      Python
      39000Updated Jan 13, 2023Jan 13, 2023

    • CVE-2023-21752

      Public
      C++
      66000Updated Jan 10, 2023Jan 10, 2023

    • OWASSRF-CVE-2022-41082-POC

      Public
      PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers
      Python
      34000Updated Jan 10, 2023Jan 10, 2023

    • CVE-2022-2602

      Public
      CVE-2022-2602
      C
      22000Updated Dec 22, 2022Dec 22, 2022

    • CVE-2022-2602-Kernel-Exploit

      Public
      C
      28000Updated Dec 20, 2022Dec 20, 2022

    • CVE-2022-28672

      Public
      Foxit PDF Reader Remote Code Execution Exploit
      JavaScript
      GNU General Public License v3.0
      25000Updated Dec 16, 2022Dec 16, 2022

    • CVE-2022-33679

      Public
      One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
      Python
      69000Updated Dec 13, 2022Dec 13, 2022

    • CVE-2022-2639-PipeVersion

      Public
      CVE-2022-2639 Linux kernel openvswitch local privilege escalation
      C
      49000Updated Sep 5, 2022Sep 5, 2022

    • CVE-2022-30190-follina-Office-MSDT-Fixed

      Public
      CVE-2022-30190-follina.py-修改版,可以自定义word模板,方便实战中钓鱼使用。
      Python
      54000Updated Jun 6, 2022Jun 6, 2022

    • noPac

      Public
      CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
      C#
      323000Updated Dec 12, 2021Dec 12, 2021

    • GTFOBins.github.io

      Public
      GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
      HTML
      GNU General Public License v3.0
      1.4k000Updated Nov 27, 2021Nov 27, 2021

    • CVE-2021-42321

      Public
      Microsoft Exchange Server Poc
      Python
      34000Updated Nov 23, 2021Nov 23, 2021

    • InstallerFileTakeOver

      Public
      C++
      MIT License
      394000Updated Nov 22, 2021Nov 22, 2021