Skip to content

@hakaioffsec Hakai Security

Change the repository type filter

All

    Repositories list

    20 repositories

    • CVE-2026-33725

      Public
      Exploit for CVE-2026-33725 - Remote Code Execution and Arbitrary File Read via H2 JDBC INIT Injection in EE Serialization Import
      Python
      52100Updated Apr 23, 2026Apr 23, 2026

    • chupabase

      Public
      Chupabase is an automated security assessment tool designed to identify and exploit misconfigurations in Supabase-backed applications by reconstructing API endp…
      Python
      51900Updated Mar 25, 2026Mar 25, 2026

    • CVE-2026-25769

      Public
      Remote Code Execution via Insecure Deserialization in Wazuh Cluster
      Python
      84000Updated Mar 17, 2026Mar 17, 2026

    • beerus-android

      Public
      BEERUS Framework for Android
      C
      MIT License
      8160820Updated Mar 17, 2026Mar 17, 2026

    • coffee

      Public
      A COFF loader made in Rust
      rustcobalt-strikebof
      rustcobalt-strikebofcoffcoff-loader
      Rust
      GNU General Public License v3.0
      5333400Updated Mar 14, 2026Mar 14, 2026

    • beerus-server

      Public
      Python
      MIT License
      3100Updated Mar 13, 2026Mar 13, 2026

    • Centreon-Exploits-2026

      Public
      Centreon exploits CVE-2026-2749, CVE-2026-2751 and CVE-2026-2750
      Python
      1900Updated Mar 2, 2026Mar 2, 2026

    • keytabextractor

      Public
      Extracts Key Values from .keytab files
      Python
      0600Updated Jan 15, 2026Jan 15, 2026

    • jwt-hunter

      Public
      Simple tool for exploiting JWT vulnerabilities
      Vue
      41400Updated Dec 1, 2025Dec 1, 2025

    • browservoyage

      Public
      A tool to extract cookies and passwords from major web browsers, passively, with no process injection.
      Rust
      66000Updated Oct 31, 2025Oct 31, 2025

    • APKs-Tips-and-Tricks

      Public
      1100Updated Jul 10, 2025Jul 10, 2025

    • CVE-2025-49113-exploit

      Public
      Proof of Concept demonstrating Remote Code Execution through insecure deserialization in Roundcube (CVE-2025-49113).
      PHP
      178900Updated Jun 6, 2025Jun 6, 2025

    • IngressNightmare-PoC

      Public
      This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
      Python
      5524900Updated Mar 26, 2025Mar 26, 2025

    • jwt-vulnerabilities-lab

      Public
      JavaScript
      GNU General Public License v3.0
      3500Updated Sep 23, 2024Sep 23, 2024

    • CVE-2024-21338

      Public
      Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
      C
      GNU General Public License v3.0
      6531820Updated Apr 16, 2024Apr 16, 2024

    • gcp_enum

      Public
      A Python script to authenticate and test access to Google Cloud Platform (GCP) resources.
      Python
      21700Updated Jan 31, 2024Jan 31, 2024

    • BEERUS

      Public
      Java
      51200Updated Dec 29, 2023Dec 29, 2023

    • Reconnaissance-like-a-cyber-scout

      Public
      Enumeration is an essential phase in the hacking process. It involves gathering information about a specific target, such as networks, systems, applications, or…
      0500Updated Jun 28, 2023Jun 28, 2023

    • navgix

      Public
      navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities
      Go
      57420Updated May 20, 2023May 20, 2023

    • InfoIpFinder

      Public
      Python
      1200Updated Jun 30, 2022Jun 30, 2022
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.