Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
13.140 exploits
GitHub PoC
Conducted a full SOC investigation into a Conti ransomware compromise of an Exchange server using Splunk 8.2.2. Analysed 28,145 events across Windows Security, Sysmon, and IIS log sources to reconstruct the complete attack chain. Identified three exploited CVEs (CVE-2020-0796, CVE-2018-13374, CVE-2018-13379), located a trojanised cmd.exe
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 al
75RISCO
abrir ↗GitHub PoC
Drupal 7 CMS vulnerable to CVE-2018-7600 (Drupalgeddon2), allowing unauthenticated remote code execution.
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RISCO
abrir ↗GitHub PoC
Sicherheitsaudit einer Drupal-Webanwendung, CVE-2018-7600 geprüft, Nmap/Burp/Metasploit
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RISCO
abrir ↗GitHub PoC
cisco-ise rce poc
Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
48RISCO
abrir ↗GitHub PoC★ 1
Apache Tomcat RCE
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RISCO
abrir ↗GitHub PoC
PoC exploit for CVE-2025-34282 - ThingsBoard SSRF via SVG Image Upload
ThingsBoard < v4.2.1 SVG Image SSRF
33RISCO
abrir ↗GitHub PoC★ 1
Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun.
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir ↗GitHub PoC
Python port of the Linksys tmUnblock.cgi RCE exploit
Linksys Routers E/WAG/WAP/WES/WET/WRT-Series
85RISCO
abrir ↗GitHub PoC
CVE-2025-64446
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb
100RISCO
abrir ↗GitHub PoC
HikvisionExploiter - это Python утилита созданная для автоматизации сканирования и проверки прямого доступа к сети камер Hikvision, нацеленная на поиск уязвимости Web interface версии 3.1.3.150324 + CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation,
100RISCO
abrir ↗GitHub PoC★ 11
scanner/exploiter CVE-2026-24061 & CVE-2026-32746
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RISCO
abrir ↗GitHub PoC
An attacker can execute arbitrary JavaScript in the victim's browser, potentially leading to session hijacking or privilege escalation.
A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. U
33RISCO
abrir ↗GitHub PoC★ 1
Static Malware Analysis of Follina (CVE-2022-30190) from Blue Team Labs Online
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
100RISCO
abrir ↗GitHub PoC
PoC for CVE-2025-49596 on linux targets
MCP Inspector proxy server lacks authentication between the Inspector client and proxy
75RISCO
abrir ↗GitHub PoC
Researched and executed real-world CVE exploits in a controlled sandbox: CVE-2000-0168 DoS on Windows 95, ARP Spoofing with NTLMv2 credential interception on Windows XP, and Shellshock RCE via Burp Suite. All activities performed legally for educational purposes.
Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file
28RISCO
abrir ↗GitHub PoC
pream-totaram/CVE-2024-52302-reproduction
common-user-management Unrestricted File Upload Leading to Remote Code Execution (RCE)
41RISCO
abrir ↗GitHub PoC★ 1
Advanced Linux Privilege Escalation research on CVE-2021-4034 (PwnKit). Features an optimized exploit with 7 polymorphic payload modes (Interactive Shell, Backdoor, User Creation, Reverse Shell, etc). Portfolio piece focused on memory corruption logic, environment variable manipulation, and anti-forensic techniques.
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISCO
abrir ↗GitHub PoC
Master's Thesis research on CVE-2024-30051 (Windows DWM Heap Overflow). Features a high-reliability exploit with automated heap spray optimization, real-time logging, and empirical success-rate analysis. Portfolio piece demonstrating advanced Windows binary exploitation, heap layout manipulation, and LPE via Desktop Window Manager.
Windows DWM Core Library Elevation of Privilege Vulnerability
71RISCO
abrir ↗GitHub PoC★ 5
WinRAR < 7.13 path traversal for persistency
Path traversal vulnerability in WinRAR
93RISCO
abrir ↗GitHub PoC
NeoArtemis37/OverlayFS-PrivEsc-CVE-2022-0944
Template injection in connection test endpoint leads to RCE in sqlpad/sqlpad
48RISCO
abrir ↗GitHub PoC
A proof-of-concept exploit demonstrating local privilege escalation to root in sudo (CVE-2025-32463) by abusing the --chroot (-R) option and injecting a malicious NSS configuration
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISCO
abrir ↗GitHub PoC★ 2
A Python 3 reimplementation of the classic CVE-2018-15473 OpenSSH user enumeration exploit, extended with multi-threading, wordlist support, automatic vulnerability detection, and thread-safe exploit patching.
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticati
70RISCO
abrir ↗GitHub PoC
If you've been grinding through HackTheBox machines, Mailing is one of those boxes that genuinely teaches you something. It's rated Easy, runs on Windows, and chains together a few real-world vulnerabilities — a directory traversal, a credential leak, CVE-2024-21413, and a LibreOffice macro exploit. Let's walk through it step by step.
Microsoft Outlook Remote Code Execution Vulnerability
100RISCO
abrir ↗GitHub PoC
Intentionally vulnerable Next.js RSC Docker lab for CVE-2025-55182 (React2Shell) local testing
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir ↗GitHub PoC
Advanced security research on CVE-2025-55182 (React2Shell). Features an exploitation framework with 6 functional impact scenarios (RCE to Secret Exfiltration), an interactive reverse shell, and a complete laboratory. Portfolio piece demonstrating deep analysis of Prototype Pollution and Insecure Deserialization in React Server Components
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir ↗GitHub PoC
CVE-2025-55182 — React2Shell
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir ↗GitHub PoC
Khai thác lỗ hổng bảo mật CVE-2025-55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir ↗GitHub PoC
Technical investigation and host containment of a Critical-severity Zero-Click RCE exploit (CVE-2025-21298) using EDR telemetry and static malware analysis.
Windows OLE Remote Code Execution Vulnerability
70RISCO
abrir ↗GitHub PoC
Investigating CVE-2022-36804
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 bef
100RISCO
abrir ↗GitHub PoC
CVE-2026-32794: TLS Certificate Verification Bypass in Apache Airflow Databricks Provider
Apache Airflow Provider for Databricks: TLS Certificate Verification Disabled in Databricks Provider K8s Token Exchange
13RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.