RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

向日葵 RCE

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

🚀 一款为了学习go而诞生的漏洞利用工具

Automated penetration and auxiliary systems, providing XSS, XXE, DNS log, SSRF, RCE, web netcat and other Servers,gin-vue-admin，online https://51pwn.com

向日葵RCE，网段扫描/中文显示

Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?

ParamX is a tool designed to extract and categorize interesting subdomains and parameters from URLs.

Cobalt Strike RCE CVE-2022-39197

分支出了些问题，无法合并到main，迁移至https://github.com/hktalent/scan4all

Hi! Agentgo is a tool for making remote command executions from server to client with golang, protocol buffers (protobuf) and grpc.

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system

This is just an SDK call; you can download the binary file using Releases and then use the tools. 这只是一个 SDK 调用；您可以在Releases 下载二进制文件，使用完整版。

A toolkit designed for studying how misconfigurations or insecure patterns in Next.js applications can lead to severe vulnerabilities such as Remote Code Execution (RCE).

Pi-hole ( <= 4.3.2) authenticated remote code execution.

A PoC exploit for CVE-2017-9841 - PHPUnit Remote Code Execution(RCE)

Code execution service for AI agent skills. Runs in isolated subprocesses with skill caching.

Remote Code Execution engine in Go

Interactive RCE exploitation tool for CVE-2025-55182 (React Server Components)