Exploit
Browse 50 exploit tools
FEATURED
AI-powered continuous pentesting that finds and fixes vulnerabilities
AI-powered continuous web app pentesting service with human validation
AI-powered continuous web app pentesting service with human validation
Vulnerability threat intelligence platform with risk-based scoring and CVE/CWE data
Vulnerability threat intelligence platform with risk-based scoring and CVE/CWE data
Unified white-box and black-box testing platform for exploitable risks
Unified white-box and black-box testing platform for exploitable risks
Runtime protection preventing supply-chain attacks & exploits via library-level policies
Runtime protection preventing supply-chain attacks & exploits via library-level policies
AI-powered WAF rule automation for instant vulnerability protection
AI-powered PTaaS platform with continuous attack surface discovery and exploit validation
AI-powered PTaaS platform with continuous attack surface discovery and exploit validation
AI-powered automated penetration testing platform for web apps and networks
AI-powered automated penetration testing platform for web apps and networks
Penetration testing software for simulating attacks and validating vulnerabilities
Penetration testing software for simulating attacks and validating vulnerabilities
Find exploits in local and online databases instantly
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A tool for Local File Inclusion (LFI) exploitation and scanning
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.
A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.
A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.
Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.
Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
Macro_Pack automates the generation and obfuscation of Office documents and scripts for penetration testing and security assessments.
Macro_Pack automates the generation and obfuscation of Office documents and scripts for penetration testing and security assessments.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
