All sorted by Year With Links to Original. https://github.com/nomi-sec/PoC-in-GitHub
New PoCs from Zero Day Initiative researchers. Source of disclosure: https://www.zerodayinitiative.com/advisories/published/ Repo: https://github.com/thezdi/PoC
Proof of Concepts. As the result of plugin writing or just general bug hunting, researchers at Tenable often stumble upon new and interesting vulnerabilities. These vulnerabilities are shared with the community. We've decided to create a more centralized repository for our proof of concepts. Everything is sorted by vendor with…
GhostPack: A collection of security-related toolsets. https://github.com/GhostPack
CVE-2017-13082: Key Reinstall in FT Handshake: The KRACK Attack. The KRACK attack website, for details: https://www.krackattacks.com/ The KRACK attack original PoC: https://github.com/vanhoefm/krackattacks-test-ap-ft
CrunchRAT: CrunchRAT currently supports the following features: file upload, file download, command execution. It is currently single-threaded (only one task at a time), but multi-threading (or multi-tasking) is currently in the works. Additional features will be included at a later date. Crunch RAT (Remote Admin Tool, Not Trojan) https://github.com/t3ntman/CrunchRAT/tree/dev
PHP OPcache Override: This project contains the demo website and the tools presented in the following blog post: http://blog.gosecure.ca/2016/04/27/binary-webshell-through-opcache-in-php-7 https://github.com/GoSecure/php7-opcache-override
Proof-of-concept BSoD (Blue Screen of Death) and Elevation of Privilege (to SYSTEM) code for my CVE-2016-0051 (MS-016). This PoC will run from CMD and the shell will spawn in the same CMD -pid vulnerability PoC author: koczkatamas https://twitter.com/koczkatamas Original code: https://github.com/koczkatamas/CVE-2016-0051 Thanks to koczkatamas
ImageTragick POCs. How To Use: git clone https://github.com/ImageTragick/PoCs.git; cd PoCs; ./test.sh. To test a policy.xml file, place it in the script directory and run test.sh.
Conventional WPA2 attacks work by listening for a handshake between client and Access Point. This full four-way handshake is then used in a dictionary attack. This tool is a Proof of Concept to show it is not necessary to have the Access Point present. A person can simply listen for…