My other github repo for vendor testing against fileless attacks - https://github.com/smgorelik/VendorSimTestScripts
The exploit samples database is a repository for RCE (remote code execution) exploits and Proof-of-Concepts for WINDOWS, the samples are uploaded for education purposes for red and blue teams.
Proof of Concepts are alwayes idetified by #PoC# in the name of the relevant exploit folder, and those samples will alwayes pop out a calculator or a message box and therefore will be easily identified by many AV's (which prevent the calculator shellcode).
The respository is separated to categories and it's sub-categories based on the different attack vectors(e.g. Web attack vector contain known subcategories which are flash, silverlight or javascript).
Each sub-category includes a list of folders that represent the different CVE's (vulerabilities).
Please remember that some of the samples are live and dangerous! They come encrypted and locked for a reason! Do NOT run them unless you are absolutely sure of what you are doing! They are to be used only for educational purposes (and we mean that!) !!!
All the samples are zipped with the password: infected