A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Jul 29, 2025 - Python
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
一个攻防知识库。A knowledge base for red teaming and offensive security.
Fancy reverse and bind shell handler
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
ODAT: Oracle Database Attacking Tool
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
Collection of things made during my OSCP journey
MSDAT: Microsoft SQL Database Attacking Tool
Linux privilege escalation exploit via snapd (CVE-2019-7304)
A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
Python AV Evasion Tools
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Modular penetration testing platform that enables you to write, test, and execute exploit code.
Linux privilege escalation checks (systemd, dbus, socket fun, etc)
CVE-2020-0796 Local Privilege Escalation POC
Add a description, image, and links to the privilege-escalation topic page so that developers can more easily learn about it.
To associate your repository with the privilege-escalation topic, visit your repo's landing page and select "manage topics."