✍️ A curated list of CVE PoCs.Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you might also want to check out awesome-web-security.
awesome cve pocA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. Originally released as part of AppSecCali 2015 Talk "Marshalling Pickles: how deserializing objects will ruin your day" with gadget chains for Apache Commons Collections (3.x and 4.x), Spring Beans/Core (4.x), and Groovy (2.3.x). Later updated to include additional gadget chains for JRE <= 1.7u21 and several other libraries.
deserialization gadget exploit javadeser jvm serialization poc vulnerabilityChecks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN. The basic idea is that user will know whether or not the running system is properly patched with something like KAISER patchset (https://lkml.org/lkml/2017/10/31/884) for example.
meltdown kpti kaiser pti exploit poc security intelbugIMPORTANT: Is provided only for educational or information purposes. CVE-2018-7600 / SA-CORE-2018-002 Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
poc drupalgeddon2 exploit drupal cve-2018-7600 sa-core-2018-002Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
exploit drupal drupalgeddon2 sa-core-2018-002 cve-2018-7600 drupal7 drupal8 drupalgeddon pocThis is just a proof-of-concept to see if we can get react work on server-side but it should not be used on production as performance for react is very poor.
react demandware server-side-rendering poc reactjsA proof of concept prototype of new HBase + Hadoop Map Reduce integration
hbase pocAuthenticate against a MySQL server without knowing the cleartext password. This PoC shows how it is possible to authenticate against a MySQL server under certain circumstances without knowing the cleartext password when the Secure Password Authentication authentication plugin (aka mysql_native_password, the default method) is used.
mysql sha1 authentication password bypass sniffer attacker poca free Modbus library for Go. This library is inspired by this modbus library.
poc modbus unmaintained dont-use-this-no-really dont-useExploit PoCs and tools for vulnerabilities disclosed by tintinweb.
vulnerability exploit poc ethereum-mist cve-2016-5725 cve-2016-3116 cve-2016-3115 cve-2016-2563 cve-2016-0772 cve-2015-5477 cve-2014-2023 cve-2014-2022 cve-2014-2021 cve-2017-8798 cve-2017-18016 cve-2017-16930 cve-2017-16929 cve-2017-13208 cve-2018-10057 cve-2018-10058Collection of malware samples, research and guides to understand it and to practice, learn and build mechanism to defeat it. Collection of Malware samples, research and guides to understand it and to practice, learn and build mechanism to defeat it.
malware security research malware-examples code-inspection exploits cve pocA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability. Clone this repository to a website you use for testing purposes, publish everything, and you will be able to use all of the proof of concepts under the /proof-of-concepts/ directory (e.g. http://example.com/proof-of-concepts/pastejacking_reflected_xss_payload.html).
security infosec bugbounty poc proof-of-conceptISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python. It's based on NSA Equation Group Fuzzbunch toolkit which is realsed by Shadow Broker. It's developed by the ICSMASTER Security Team. Please use them only for researching purposes.
isf ics-poc ics-exp poc plcscan plc-injecterDepends, Got any kernel vulnerability? You're welcome chain them together. This one allow you to have huge attack surface from within the sandbox.
pocCVE-2017-15944 Palo Alto Networks firewalls remote root code execution POC
poc cve-2017-15944 palo-alto-networks-firewalls⚠️ this example is not up to date with the last version of flutter platform API. Same principles but somes method names changed. An example of native ios swift videoplayer on top of a flutter app using the Platform messaging API.
flutter dartlang video-player pocIn this repository you'll end up finding a mish-mash of information around a project that @dougbtv and @leifmadsen are working on. For this project, we intend to build out an Asterisk-based VNF (virtual network function). This VNF will not be intended to be deployed to production, but rather provide a set of reference material and examples of how you might go about building one. You can think of this as more of a demo or research project.
asterisk kubernetes nfv vnf vnf-asterisk containers pocmkaas provides a declarative way to create Kubernetes clusters using minikube within 1-2 minutes each. This is a Proof-of-Concept Kubernetes Operator providing Minikube-as-a-Service or mkaas through the use of CRDs and the Operator Framework from CoreOS.
operator-framework kubernetes experimental poc crds minikube kvm kubernetes-on-kubernetes
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.