explaingit

unclecheng-li/poc-lab

59C | Audience · researcher | Complexity · 4/5 | Active | License | Setup · hard

TLDR

Collection of proof of concept scripts and reproduction notes for recently disclosed CVEs across Linux kernel, Windows, macOS, containers, and services.

Mindmap

mindmap
  root((poc-lab))
    Inputs
      CVE identifier
      Affected version
      Target system
    Outputs
      Exploit script
      Reproduction notes
      Patch references
    Use Cases
      Reproduce a CVE in a lab
      Study exploit mechanics
      Verify patches
    Tech Stack
      Python
      Shell
      C

Things people build with this

USE CASE 1

Reproduce a recent kernel or service CVE inside an isolated lab VM

USE CASE 2

Verify whether a patch actually closes a known vulnerability

USE CASE 3

Train red team or blue team staff on real exploit mechanics

Tech stack

Python, Shell, C

Getting it running

Difficulty · hard | Time to first run · 1 day+

Each entry needs its own vulnerable target environment (specific kernel, service version, or container) and must only be run against systems you own.

MIT license: free to use, modify, and redistribute with attribution and no warranty.

In plain English

poc-lab is a collection of proof of concept scripts and reproduction steps for recently disclosed software vulnerabilities. The README describes the focus as fresh, high severity CVEs covering the Linux kernel, Windows, macOS, containers, and various services. It is set up as a reference repository for security researchers who want to study how specific bugs work in practice.

The layout is the same for every entry. Each vulnerability lives in its own directory, named after the CVE identifier when one exists, or after the vulnerability's public name when no CVE has been assigned. Inside that directory there is an exploit script, either a Python file called exploit.py or a shell file called exploit.sh, and a README that lists the CVE, the affected versions, reproduction steps, and references such as advisories and patch commits.

Getting started is described in a short shell snippet. You clone the repository, change into a chosen vulnerability folder, read its README, then run either python3 exploit.py or bash exploit.sh depending on which file is present. There is no central build step or test harness in the top level README.

The contributing section invites pull requests that add new vulnerability directories. A new entry should follow the same template: a CVE or name based directory, the exploit script, and a README that includes the CVE identifier, the affected components, a step by step reproduction guide, and links to credits and advisories.

The README ends with a clear disclaimer. The author states the repository is for security research and educational use only, asks readers not to use the scripts against systems they do not own or have permission to test, and points to responsible disclosure as the expected practice. A linked sister project called VulnClaw is described as an AI powered penetration testing framework. License is MIT.

Copy-paste prompts

Prompt 1
Pick a Linux kernel CVE folder in poc-lab and walk me through running exploit.py inside an Ubuntu VM
Prompt 2
Build a Dockerfile that boots the affected version of a service from a poc-lab entry so I can reproduce the CVE safely
Prompt 3
Add a new poc-lab directory for CVE-2025-XXXX following the existing template with exploit.sh and a CVE README
Prompt 4
Diff a vulnerable and patched build for one poc-lab entry and explain which lines fix the bug

Generated 2026-05-22 · Model: sonnet-4-6 · Verify against the repo before relying on details.