聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.

Related tags

Security related resourcesPocOrExp_in_Github
Overview

PocOrExp in Github

聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网

注意:只通过通用的CVE号聚合,因此对于MS17-010等Windows编号漏洞以及著名的有绰号的漏洞,还是自己检索一下比较好

Usage

python3 exp.py -h
usage: exp.py [-h]
              [-y {1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021,all}]
              [-i {y,n}] [-w {y,n}]

CVE Details and Collect PocOrExp in Github

optional arguments:
  -h, --help            show this help message and exit
  -y {1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021,all}, --year {1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021,all}
                        get Poc or CVE of certain year or all years
  -i {y,n}, --init {y,n}
                        init or not
  -w {y,n}, --watch {y,n}
                        keep an eye on them or not

参数说明:

  • -y指定处理某年的CVE
  • -i说明是否为首次初始化,y表示初次,对于已处理的CVE不会处理,n表示否,会处理已处理的CVE
  • -w监控PoC变化:当前策略为更新本年前的已知有PoC的CVE,以及本年的所有CVE

使用步骤:

  • STEP1:安装依赖

    pip3 install tqdm aiohttp_requests

  • STEP2:申请github api token写入项目目录下的TOKENS文件中,格式如下,可以使用多个token:

    token:your_token

  • STEP3:处理cve信息

    python3 exp.py -y 2021 -i y
python3 exp.py -y all -i y

  • 如果想要加快速度,可使用异步版脚本exp_async.py

PocOrExps

Log

  • 20200412: 修复了github搜索时,例如搜索CVE-2020-3618,会搜索到CVE-2020-36184的结果的问题
  • 20200413: 由于NVD官网CVE编号缺失,改用CVE官网数据,发布异步版脚本
  • 20200414: 完成第一轮PocOrExp的爬取,目前使用20个github api token,可以做到12小时内轮询所有CVE并更新
  • 20200414: 做了一些简单数据统计,见Statistics
  • 20200416: 增加-w参数
  • 20200417: 新增每日更新脚本today.py,更新内容见Today,可以在上面修改,例如将get_today_update的返回结果通过server酱,wxpusher等发送给自己
  • 20200420: 发现一些非PoC的repo, 通过增加黑名单去除,同时更新异步脚本v2。
  • 20200423: 发现今日更新的结果里有的repo并不是近期更新的,原因如下:
      1. repo从private转public
      1. 通过api查询时,脚本策略为取star数目前30的结果,因此当同一CVE的其他repo数目增加时,会进入前30列表中,表现为今日新增。统计发现按照CVE号搜索结果超过100的大洞只有CVE-2019-0708,因此不使用分页爬取所有,修改为每次取star数目前100的结果。
  • 20200430: download下载所有PoC/Exp,防止repo被发布者删除

Reference

Owner
UCAS
GitHub Repository
A python script to bypass 403-forbidden.

4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us

11 Aug 27, 2022
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne

60 Dec 10, 2022
"Video Moment Retrieval from Text Queries via Single Frame Annotation" in SIGIR 2022.

ViGA: Video moment retrieval via Glance Annotation This is the official repository of the paper "Video Moment Retrieval from Text Queries via Single F

Ran Cui 38 Dec 31, 2022
Proof-of-concept obfuscation toolkit for C# post-exploitation tools

InvisibilityCloak Proof-of-concept obfuscation toolkit for C# post-exploitation tools. This will perform the below actions for a C# visual studio proj

259 Dec 19, 2022
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W

stryngs 43 Dec 23, 2022
Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.

This program is an non-object oriented opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-

35 Apr 17, 2022
Password Manager is a simple Python project which helps users in managing their passwords in a easier way

Password Manager is a simple Python project which helps users in managing their passwords in a easier way

Manish Jalui 4 Sep 29, 2021
The ultimate Metasploit apk binder with legit apk written in python3

Infector is a python3 based script which is officially made for linux based distro . It binds metasploit payload with original apk with avast antivirus bypassed .

27 Dec 25, 2022
Just another script for automatize boolean-based blind SQL injections.

SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi

RIM 51 Dec 15, 2022
Northwave Log4j CVE-2021-44228 checker

Northwave Log4j CVE-2021-44228 checker Friday 10 December 2021 a new Proof-of-Concept 1 addressing a Remote code Execution (RCE) vulnerability in the

Northwave 125 Dec 09, 2022
Windows Server 2016, 2019, 2022 Extracter & Recovery

Parsing files from Deduplicated volumes. It can also recover deleted files from NTFS Filesystem that were deduplicated. Installation git clone https:/

0 Aug 28, 2022
Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694)

CVE-2021-42694 Generate malicious files using recently published homoglyph-attack vulnerability, which was discovered at least in C, C++, C#, Go, Pyth

js-on 17 Dec 11, 2022
CVE-2022-22963 PoC

CVE-2022-22963 CVE-2022-22963 PoC Slight modified for English translation and detection of https://github.com/chaosec2021/Spring-cloud-function-SpEL-R

Nicolas Krassas 104 Dec 08, 2022
This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload vulnerabilities)

zip-symlink-payload-creator This is a simple tool to create ZIP payloads using a provided wordlist for the symlink attack (present in some file upload

stark0de 6 Aug 18, 2022
Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1

Jumbo 129 Dec 30, 2022
STATS305C: Applied Statistics III (Spring, 2022)

STATS305C: Applied Statistics III Instructor: Scott Linderman TA: Matt MacKay, James Yang Term: Spring 2022 Stanford University Course Description: Pr

Scott Linderman 14 Aug 11, 2022
A python implementation of the windows 95 product key check.

Windows 95 Product Key Check Info: This is a python implementation of the windows 95 product key check. This was just a bit of fun and a massive 5 hou

11 Aug 07, 2022
Experimental musig2 python code, not for production use!

musig2-py Experimental musig2 python code, not for production use! This is just for testing things out. All public keys are encoded as 32 bytes, assum

Samuel Dobson 14 Jul 08, 2022
If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator

If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator

Ph0tonz 3 Jun 07, 2022
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Matt Creel 27 Dec 20, 2022