Recently updated Proof-of-Concepts

2025

Latest 20 of 43 Repositories

Stars	Updated	Name	Description
489⭐	2 days ago	CVE-2018-20250	exp for https://research.checkpoint.com/extracting-code-execution-from-winrar
201⭐	17 hours ago	CVE-2025-24071_PoC	CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
153⭐	12 hours ago	CVE-2025-30208-EXP	CVE-2025-30208-EXP
87⭐	1 day ago	POC-CVE-2025-24813	his repository contains an automated Proof of Concept (PoC) script for exploiting CVE-2025-24813, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
125⭐	3 minutes ago	CVE-2025-26125	(0day) Local Privilege Escalation in IObit Malware Fighter
73⭐	2 days ago	CVE-2025-24813-PoC	Apache Tomcat 远程代码执行漏洞批量检测脚本(CVE-2025-24813)
25⭐	1400 days ago	CVE-2018-20250	010 Editor template for ACE archive format & CVE-2018-2025[0-3]
35⭐	15 days ago	CVE-2025-0282	PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways
26⭐	3 days ago	CVE-2025-0108-PoC	Palo Alto Networks PAN-OS 身份验证绕过漏洞批量检测脚本(CVE-2025-0108)
39⭐	17 hours ago	CVE-2025-1974
44⭐	12 days ago	CVE-2025-0282-Ivanti-exploit	CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit.
22⭐	33 days ago	CVE-2025-0282	Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)
33⭐	18 days ago	CVE-2025-24016	CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)
41⭐	30 days ago	CVE-2025-24118	An XNU kernel race condition bug
28⭐	11 days ago	CVE-2025-27636-Apache-Camel-PoC
23⭐	12 days ago	CVE-2025-1094-Exploit	WebSocket and SQL Injection Exploit Script
36⭐	6 hours ago	ingressNightmare-CVE-2025-1974-exps	IngressNightmare POC. world first remote exploitation and with multi-advanced exploitation methods. allow on disk exploitation. CVE-2025-1974 https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities#how-did-we-discover-ingressnightmare-24
35⭐	4 days ago	CVE-2025-23369	GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit
9⭐	13 days ago	CVE-2025-27840	Expanded version of the code shown at RootedCON redone in python - CVE-2025-27840
7⭐	13 days ago	CVE-2025-0087-	CVE-2025-0087 EoP full PoC

2024

Latest 20 of 558 Repositories

Stars	Updated	Name	Description
2352⭐	7 hours ago	CVE-2024-1086	Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
655⭐	3 days ago	CVE-2024-38063	poc for CVE-2024-38063 (RCE in tcpip.sys)
475⭐	11 days ago	cve-2024-6387-poc	a signal handler race condition in OpenSSH's server (sshd)
484⭐	3 days ago	CVE-2024-49113	LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
481⭐	1 day ago	CVE-2024-6387_Check	CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH
378⭐	5 days ago	cve-2024-6387-poc	32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc
214⭐	2 days ago	CVE-2024-38077	RDL的堆溢出导致的RCE
339⭐	1 day ago	CVE-2024-26229	CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
292⭐	9 hours ago	CVE-2024-0044	CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
275⭐	6 days ago	CVE-2024-4577	PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC
290⭐	1 day ago	CVE-2024-21338	Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
276⭐	3 days ago	CVE-2024-35250	PoC for the Untrusted Pointer Dereference in the ks.sys driver
725⭐	3 days ago	CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability	Microsoft-Outlook-Remote-Code-Execution-Vulnerability
236⭐	47 days ago	CVE_2024_30078_POC_WIFI	basic concept for the latest windows wifi driver CVE
8⭐	69 days ago	CVE-2024-38077-POC
197⭐	12 days ago	CVE-2024-23897	CVE-2024-23897
162⭐	9 days ago	CVE-2024-25600	Unauthenticated Remote Code Execution – Bricks <= 1.9.6
159⭐	55 days ago	CVE-2024-21413	Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC
137⭐	11 days ago	cve-2024-20017	exploits for CVE-2024-20017
121⭐	13 hours ago	cve-2024-6387-poc	MIRROR of the original 32-bit PoC for CVE-2024-6387 "regreSSHion" by 7etsuo/cve-2024-6387-poc

2023

Latest 20 of 475 Repositories

Stars	Updated	Name	Description
787⭐	4 days ago	CVE-2023-38831-winrar-exploit	CVE-2023-38831 winrar exploit generator
371⭐	18 days ago	CVE-2023-32233	CVE-2023-32233: Linux内核中的安全漏洞
486⭐	2 days ago	Windows_LPE_AFD_CVE-2023-21768	LPE exploit for CVE-2023-21768
389⭐	3 days ago	CVE-2023-0386	CVE-2023-0386在ubuntu22.04上的提权
384⭐	43 days ago	CVE-2023-4911	PoC for CVE-2023-4911
81⭐	2 days ago	CVE-2023-21839	Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)
269⭐	26 days ago	CVE-2023-21608	Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
316⭐	1 day ago	CVE-2023-4863
230⭐	10 days ago	CVE-2023-44487	Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487
162⭐	11 days ago	CVE-2023-36745
343⭐	11 days ago	CVE-2023-23397-POC-Powershell
231⭐	3 days ago	CVE-2023-20887	VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)
223⭐	10 days ago	CVE-2023-3519	RCE exploit for CVE-2023-3519
239⭐	1 day ago	CVE-2023-7028	This repository presents a proof-of-concept of CVE-2023-7028
177⭐	2 days ago	CVE-2023-28252
234⭐	35 days ago	Weblogic-CVE-2023-21839
204⭐	15 days ago	CVE-2023-46747-RCE	exploit for f5-big-ip RCE cve-2023-46747
166⭐	17 days ago	CVE-2023-25157	CVE-2023-25157 - GeoServer SQL Injection - PoC
230⭐	5 days ago	CVE-2023-29357	Microsoft SharePoint Server Elevation of Privilege Vulnerability
124⭐	8 days ago	CVE-2023-2640-CVE-2023-32629	GameOver(lay) Ubuntu Privilege Escalation

2022

Latest 20 of 540 Repositories

Stars	Updated	Name	Description
1095⭐	11 days ago	CVE-2022-0847-DirtyPipe-Exploit	A root exploit for CVE-2022-0847 (Dirty Pipe)
565⭐	8 hours ago	CVE-2022-23222	CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
361⭐	67 days ago	CVE-2022-21907	HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907
369⭐	105 days ago	CVE-2022-29464	WSO2 RCE (CVE-2022-29464) exploit and writeup.
349⭐	29 days ago	CVE-2022-40684	A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
427⭐	3 days ago	CVE-2022-25636	CVE-2022-25636
483⭐	11 days ago	CVE-2022-2588	exploit for CVE-2022-2588
496⭐	3 days ago	CVE-2022-0995	CVE-2022-0995 exploit
380⭐	12 hours ago	CVE-2022-39197	CobaltStrike <= 4.7.1 RCE
586⭐	2 days ago	CVE-2022-0847-DirtyPipe-Exploits	A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.
403⭐	1 day ago	CVE-2022-33679	One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
280⭐	1 day ago	CVE-2022-0847	CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞，可覆盖重写任意可读文件中的数据，从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞（Dirty Cow），但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”
318⭐	12 days ago	CVE-2022-21894	baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
368⭐	32 days ago	CVE-2022-0185	CVE-2022-0185
267⭐	29 days ago	CVE-2022-39952	POC for CVE-2022-39952
275⭐	43 days ago	cve-2022-27255
218⭐	2 days ago	CVE-2022-30075	Tp-Link Archer AX50 Authenticated RCE (CVE-2022-30075)
239⭐	49 days ago	CVE-2022-20699	Cisco Anyconnect VPN unauth RCE (rwx stack)
218⭐	3 days ago	CVE-2022-34918	CVE-2022-34918 netfilter nf_tables 本地提权 POC
231⭐	4 days ago	CVE-2022-1388	POC for CVE-2022-1388

2021

Latest 20 of 504 Repositories

Stars	Updated	Name	Description
1984⭐	3 days ago	CVE-2021-4034	CVE-2021-4034 1day
1078⭐	2 days ago	CVE-2021-4034	PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
971⭐	11 days ago	CVE-2021-3156
1043⭐	2 days ago	CVE-2021-1675	Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
743⭐	3 days ago	CVE-2021-3156	Sudo Baron Samedit Exploit
822⭐	5 days ago	CVE-2021-31166	Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.
857⭐	9 days ago	CVE-2021-44228-Scanner	Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
489⭐	1 day ago	CVE-2021-21972	CVE-2021-21972 Exploit
417⭐	11 days ago	CVE-2021-3493	Ubuntu OverlayFS Local Privesc
434⭐	67 days ago	CVE-2021-3156	PoC for CVE-2021-3156 (sudo heap overflow)
270⭐	16 days ago	CVE-2021-22205	CVE-2021-22205& GitLab CE/EE RCE
260⭐	10 days ago	CVE-2021-21972	Proof of Concept Exploit for vCenter CVE-2021-21972
260⭐	5 days ago	CVE-2021-36260	command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
355⭐	3 days ago	Grafana-CVE-2021-43798	Grafana Unauthorized arbitrary file reading vulnerability
345⭐	15 days ago	CVE-2021-44228_scanner	Scanners for Jar files that may be vulnerable to CVE-2021-44228
273⭐	15 days ago	CVE-2021-34527
333⭐	11 days ago	CVE-2021-1675-LPE	Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527
308⭐	11 days ago	CVE-2021-26084_Confluence	Confluence Server Webwork OGNL injection
233⭐	2 days ago	CVE-2021-38647	Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)
342⭐	3 days ago	CVE-2021-4034	Proof of concept for pwnkit vulnerability