Latest Vulnerabilities and Exploits

CVE-2021-3449 OpenSSL denial-of-service exploit
https://github.com/terorie/cve-2021-3449

ProxyToken
https://github.com/bhdresh/CVE-2021-33766-ProxyToken

CVES Xstream-1.4.17
https://github.com/zwjjustdoit/Xstream-1.4.17

CVE-2021-36934/HiveNightmare/SeriousSAM
https://github.com/cube0x0/CVE-2021-36934

How to exploit a vulnerable windows driver Exploit for AsrDrv104 sys
https://github.com/stong/CVE-2020-15368

CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel
https://github.com/0vercl0k/CVE-2021-32537

CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch sys
https://github.com/0vercl0k/CVE-2021-28476

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
https://github.com/klezVirus/CVE-2021-40444

Exploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack
https://github.com/lhashashinl/CVE-2021-37152

Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)
https://github.com/horizon3ai/CVE-2021-38647

Proof of Concept Exploit for vCenter CVE-2021-21972
https://github.com/horizon3ai/CVE-2021-21972

Proof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893
https://github.com/ZephrFish/CVE-2021-22893

CVE-2021-33766 (ProxyToken)
https://github.com/demossl/CVE-2021-33766-ProxyToken

CVE-2021-2456
https://github.com/peterjson31337/CVE-2021-2456

CVE-2021-38647 POC for RCE
https://github.com/midoxnet/CVE-2021-38647

CVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection
https://github.com/alt3kx/CVE-2021-26084_PoC
https://github.com/r0ckysec/CVE-2021-26084_Confluence
https://github.com/march0s1as/CVE-2021-26084


CVE-2021-21551 Dell Driver EoP
https://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551

A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)
https://github.com/lntrx/CVE-2021-28663

CVE-2021-40353 openSIS 8.0 SQL Injection
https://github.com/5qu1n7/CVE-2021-40353

CVE-2021-28476 Ubuntu 20.04
https://github.com/sh4m2hwz/CVE-2021-28476-tools-env

my exp for chrome V8 CVE-2021-30551
https://github.com/xmzyshypnc/CVE-2021-30551

POC of CVE-2021-2394
https://github.com/lz2y/CVE-2021-2394

WordPress Backup Guard Authenticated Remote Code Execution Exploit
https://github.com/0dayNinja/CVE-2021-24155.rb

Exploit code for CVE-2021-33909,Just a dump of removed
https://github.com/bbinfosec43/CVE-2021-33909

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts
https://github.com/nullsecuritynet/tools

Hacker tools on Go
https://github.com/dreddsa5dies/goHackTools

Red Team Scripts
https://github.com/d0nkeys/redteam

hack tools 2017 - 2020
https://github.com/hacktoolspack/hack-tools

قائمة شاملة لأفضل اختصارات و أوامر لينكس

https://gto76.github.io/linux-cheatsheet/

بعض أدوات التخمين
وقوائم كلمات المرور

أدوات الشبكة
hydra
https://github.com/vanhauser-thc/thc-hydra

patator
https://github.com/lanjelot/patator

cerbrutus
https://github.com/Cerbrutus-BruteForcer/cerbrutus

bruteforce SSH
https://github.com/kitabisa/ssb

BruteX
https://github.com/1N3/BruteX

الشبكات الإجتماعية
facebook
https://github.com/IAmBlackHacker/Facebook-BruteForce

instagram
https://github.com/Bitwise-01/Instagram-

twitter
https://github.com/0xfff0800/Brute-Forc-Twitter-

gmail
https://github.com/Ha3MrX/Gemail-Hack

المواقع وإدارة المحتوى
XBruteForcer
https://github.com/Moham3dRiahi/XBruteForcer

CMSeeK
https://github.com/Tuhinshubhra/CMSeeK

Brute-Force-Login
https://github.com/Sanix-Darker/Brute-Force-Login
------------ ------------ ------------
قوائم بأسماء المستخدمين وكلمات المرور المختلفة
SecLists
https://github.com/danielmiessler/SecLists

pydictor
https://github.com/LandGrey/pydictor

bruteforce-database
https://github.com/duyet/bruteforce-database

wordlists
https://github.com/assetnote/wordlists

crunch
https://github.com/crunchsec/crunch

GENESIS
https://github.com/Sanix-Darker/GENESIS

20 أداة مختلفة
أفضل بديل لـ TeamViewer و AnyDesk بلغة Rust مجانية ومفتوحة المصدر وتعمل على ويندوز ولينكس وأندرويد
https://github.com/rustdesk/rustdesk

للبحث عن أجهزة أندرويد ضعيفة في جميع أنحاء العالم واستغلالها
https://github.com/0x1CA3/AdbNet

لتحويل الملفات بصيغة DLL إلى صيغة EXE
https://github.com/hasherezade/dll_to_exe

لفحص وتحليل النظام من المواد الضارة
https://github.com/hasherezade/pe-sieve

للبحث عن آخر الأخبار ومقاطع الفيديو ونقاط الضعف والـ CVEs
https://github.com/PwnedShell/Bugs-feed

لإيقاف سجل أحداث الويندوز
https://github.com/hlldz/Phant0m

استغلال بعض نقاط الضعف في معظم كاميرات المراقبة
https://github.com/EntySec/CamOver

لتشفير حركة مرور DNS والمصادقة عليها
https://github.com/DNSCrypt/dnscrypt-proxy

التصيد وهجمات Illicit Consent Grant
https://github.com/AlteredSecurity/365-Stealer

لتحديد نقاط الضعف لمواقع ال من خلال هجمات ddos
https://github.com/Cyberlands-io/epiphany

لمسح واستغلال ثغرات xss
https://github.com/kleiton0x00/ppmap

لتكوين جدار الحماية لتوزيعات لينكس
https://github.com/philippecrowdsec/iptables-nftables-multiroute-firewall

لمسح قائمة من النطاقات الفرعية
وتحديد النطاقات التي يمكن اختراقها
https://github.com/haccer/subjack

لعمل بايلود وأدوات المسح الضوئي و
ddos
https://github.com/Malam-X/DragonMS

للحصول على screenshot لموقع ويب محدد من خلال عنوان url
https://github.com/sensepost/gowitness

الفحص العميق وتحليل الأدلة الجنائية للشبكة
https://github.com/odedshimon/BruteShark

لمنع الإعلانات والتتبع لمواقع الإنترنت
https://github.com/AdguardTeam/AdGuardHome

صفحة ويب html لجمع المعلومات بطريقة سهلة
https://github.com/abhijithb200/investigator

جمع بيانات الإعتماد من خلال زيارة موقع ويب
https://github.com/ustayready/CredSniper

BugBountyScanner
https://github.com/chvancooten/BugBountyScanner

#CVE-2021-38647 - POC to exploit unauthenticated RCE #OMIGOD

https://github.com/AlteredSecurity/CVE-2021-38647

Scan for evidence of #CVE-2021-30860 (FORCEDENTRY) exploit

https://github.com/Levilutz/CVE-2021-30860

#PoC CVE-2021-30632 - Out of bounds write in V8
Tested against Samsung Internet Browser v15.0.2.47, which does not yet have Google's patch

https://github.com/Phuong39/PoC-CVE-2021-30632

[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] WaitForUpdate

https://github.com/hosch3n/ProxyVulns

#Red_Teaming Tactics
and Techniques

https://github.com/mantvydasb/RedTeam-Tactics-and-Techniques

List of the links to the docs for different services, which explain using of advanced search operators
https://github.com/cipher387/Advanced-search-operators-list

List of Github repositories and articles with list of dorks for different search engines
https://github.com/cipher387/Dorks-collections-list

#CVE-2021-40444--CABless
Modified code so that we don´t need to rely on CAB archives
https://github.com/Edubr2020/CVE-2021-40444--CABless

#CVE-2021-22005
VMWare-CVE-Check

https://github.com/X1pe0/VMWare-CVE-Check

Simple Serv-U CVE-2021-35211 #poc
https://github.com/NattiSamson/Serv-U-CVE-2021-35211

CVE-2021-40346 integer overflow enables http smuggling
https://github.com/donky16/CVE-2021-40346-POC

POC for CVE-2021-31166: Windows HTTP
https://github.com/antx-code/CVE-2021-31166

Offensive RPC #poc
https://github.com/sensepost/offensive-rpc

Simple Serv-U CVE-2021-35211 #poc
https://github.com/5gstudent/CVE-2021-22005-

ios-nehelper-wifi-info-0day #exploit
https://github.com/illusionofchaos/ios-nehelper-wifi-info-0day
https://github.com/illusionofchaos/ios-nehelper-enum-apps-0day

#poc for CVE-2021-3129 (Laravel)
https://github.com/knqyf263/CVE-2021-3129