RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

向日葵 RCE

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

🚀 一款为了学习go而诞生的漏洞利用工具

Automated penetration and auxiliary systems, providing XSS, XXE, DNS log, SSRF, RCE, web netcat and other Servers,gin-vue-admin，online https://51pwn.com

向日葵RCE，网段扫描/中文显示

A toolkit designed for studying how misconfigurations or insecure patterns in Next.js applications can lead to severe vulnerabilities such as Remote Code Execution (RCE).

Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?

ParamX is a tool designed to extract and categorize interesting subdomains and parameters from URLs.

Cobalt Strike RCE CVE-2022-39197

分支出了些问题，无法合并到main，迁移至https://github.com/hktalent/scan4all

Hi! Agentgo is a tool for making remote command executions from server to client with golang, protocol buffers (protobuf) and grpc.

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system

RCE exploitation tool targeting CVE-2025-55182, a critical vulnerability in React Server Components (RSC) affecting React 19.0.0 - 19.2.0 and Next.js applications.

Pi-hole ( <= 4.3.2) authenticated remote code execution.

Remote Code Execution engine in Go

A PoC exploit for CVE-2017-9841 - PHPUnit Remote Code Execution(RCE)

Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE (CVE-2025-34152)

CVE-2023-46805 Ivanti POC RCE - Ultra fast scanner.

Not my own work, only Fork.