A collection of hacking / penetration testing resources to make you better!

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

CTF framework and exploit development library

windows-kernel-exploits Windows平台提权漏洞集合

This repository contains several applications, demonstrating the Meltdown bug.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

linux-kernel-exploits Linux平台提权漏洞集合

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

GEF - GDB Enhanced Features for exploit devs & reversers

A collection of links related to Linux kernel security and exploitation

CTF竞赛权威指南(Pwn篇)

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

大型内网渗透扫描器&Cobalt Strike，Ladon7.2内置94个模块，包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、SMBGhost、Weblogic、ActiveMQ、Tomcat、Struts2系列，密码口令爆破(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、Netbios、LDAP、SmbHash、WmiHash、Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Windows Exploit Suggester - Next Generation

Advanced vulnerability scanning with Nmap NSE

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

A container repository for my public web hacks!

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

The best tool for finding one gadget RCE in libc.so.6

Reverse Shell as a Service

Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.

My proof-of-concept exploits for the Linux kernel

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

pentest framework

Vulnerability Labs for security analysis

Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68

PegaSwitch is an exploit toolkit for the Nintendo Switch