Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Chromium Browser DoS Attack via document.title Exploitation

收集本人自接触渗透测试用于漏洞验证的所有热门CVE、POC、CNVD攻击有效载荷+测试工具+FUZZ,一个仓库满足许多攻击测试场景,开箱即用.

POC: download documents from doc88.com as images and convert them to searchable PDFs

Docker poc lab for CVE-2025-55182 / CVE-2025-66478 (React2Shell) detection and exploitation

prove of concept using angularjs (1.x) accessing github api

WhatsApp Intelligence & Resource Exhaustion Tool. Features real-time device tracking, silent RTT probing, and protocol stress testing for security research.

Writing Spyware Made Easy - POC spyware Chrome Extension/Server

IOTA Proof of Concept, store MQTT messages on the tangle.

🌱 An experimental lightweight (remote procedure call) API pattern.

The Dependency Confusion vulnerability scanner and autoexploitation tool to help identifying and mitigating supply chain attacks

A Proof of Capacity proxy which supports solo and pool mining upstreams

A learning management system built with Node.js (In progress...)

This repository contains multiple exploits I have written for various CVEs and CTFs

PoC exposing a critical IndexedDB vulnerability that enables a disk flooding attack by exploiting the lack of restrictions.

Using React framework on server-side with Demandware

CVE-2014-1303 (WebKit Heap based BOF) proof of concept for Linux

Proof of Concept for CVE-2026-23745: Arbitrary File Overwrite vulnerability in node-tar (versions < 7.5.3).

CVE-2023-52251 There is a Remote Code Execution vulnerability provectus/kafka-ui.