Exploit
Explore 43 curated cybersecurity tools, with 14,601+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
XBOW is an AI-driven tool that autonomously discovers and exploits web application vulnerabilities, aiming to match the capabilities of experienced human pentesters.
XBOW is an AI-driven tool that autonomously discovers and exploits web application vulnerabilities, aiming to match the capabilities of experienced human pentesters.
Find exploits in local and online databases instantly
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A tool for Local File Inclusion (LFI) exploitation and scanning
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.
A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.
A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.
Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.
Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
A collection of 132 exploits added to Packet Storm in April 2024
A collection of 132 exploits added to Packet Storm in April 2024
Macro_Pack automates the generation and obfuscation of Office documents and scripts for penetration testing and security assessments.
Macro_Pack automates the generation and obfuscation of Office documents and scripts for penetration testing and security assessments.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
Tplmap is a command-line tool that detects and exploits server-side template injection vulnerabilities in web applications across multiple template engines.
Tplmap is a command-line tool that detects and exploits server-side template injection vulnerabilities in web applications across multiple template engines.
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.
Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.
A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.
A tool for exploiting SSRF and gaining RCE in various servers
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
