Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

收集本人自接触渗透测试用于漏洞验证的所有热门CVE、POC、CNVD攻击有效载荷+测试工具+FUZZ,一个仓库满足许多攻击测试场景,开箱即用.

POC: download documents from doc88.com as images and convert them to searchable PDFs

Chromium Browser DoS Attack via document.title Exploitation

prove of concept using angularjs (1.x) accessing github api

Writing Spyware Made Easy - POC spyware Chrome Extension/Server

IOTA Proof of Concept, store MQTT messages on the tangle.

🌱 An experimental lightweight (remote procedure call) API pattern.

The Dependency Confusion vulnerability scanner and autoexploitation tool to help identifying and mitigating supply chain attacks

A Proof of Capacity proxy which supports solo and pool mining upstreams

A learning management system built with Node.js (In progress...)

This repository contains multiple exploits I have written for various CVEs and CTFs

PoC exposing a critical IndexedDB vulnerability that enables a disk flooding attack by exploiting the lack of restrictions.

Using React framework on server-side with Demandware

CVE-2014-1303 (WebKit Heap based BOF) proof of concept for Linux

CVE-2023-52251 There is a Remote Code Execution vulnerability provectus/kafka-ui.

A scavenger / conqueror wrapper for collision free multi mining of PoC coins

🔮🔬Front-End testing tool which can be used to create a side by side visual comparison between your live site and local site.

PoC CVE-2023-28205: Apple WebKit Use-After-Free Vulnerability