git404hub

what is poc-lab fr?

unclecheng-li/poc-lab — explained in plain English

Analysis updated 2026-05-18

37CAudience · researcherComplexity · 4/5LicenseSetup · hard

tl;dr

Collection of proof of concept scripts and reproduction notes for recently disclosed CVEs across Linux kernel, Windows, macOS, containers, and services.

vibe map

mindmap
  root((poc-lab))
    Inputs
      CVE identifier
      Affected version
      Target system
    Outputs
      Exploit script
      Reproduction notes
      Patch references
    Use Cases
      Reproduce a CVE in a lab
      Study exploit mechanics
      Verify patches
    Tech Stack
      Python
      Shell
      C

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

what do people make with this?

VIBE 1

Reproduce a recent kernel or service CVE inside an isolated lab VM

VIBE 2

Verify whether a patch actually closes a known vulnerability

VIBE 3

Train red team or blue team staff on real exploit mechanics

what's the stack?

PythonShellC

how it stacks up fr

unclecheng-li/poc-labdreamfekk/andriod_unrealmemorytoolshomemadegarbage/selfrisingrobot
Stars373738
LanguageCCC
Setup difficultyhardhardhard
Complexity4/55/54/5
Audienceresearcherresearcherresearcher

Figures from each repo's GitHub metadata at analysis time.

how do i run it?

Difficulty · hard time til it works · 1day+

Each entry needs its own vulnerable target environment (specific kernel, service version, or container) and must only be run against systems you own.

MIT license: free to use, modify, and redistribute with attribution and no warranty.

in plain english

poc-lab is a collection of proof of concept scripts and reproduction steps for recently disclosed software vulnerabilities. The README describes the focus as fresh, high severity CVEs covering the Linux kernel, Windows, macOS, containers, and various services. It is set up as a reference repository for security researchers who want to study how specific bugs work in practice. The layout is the same for every entry. Each vulnerability lives in its own directory, named after the CVE identifier when one exists, or after the vulnerability's public name when no CVE has been assigned. Inside that directory there is an exploit script, either a Python file called exploit.py or a shell file called exploit.sh, and a README that lists the CVE, the affected versions, reproduction steps, and references such as advisories and patch commits. Getting started is described in a short shell snippet. You clone the repository, change into a chosen vulnerability folder, read its README, then run either python3 exploit.py or bash exploit.sh depending on which file is present. There is no central build step or test harness in the top level README. The contributing section invites pull requests that add new vulnerability directories. A new entry should follow the same template: a CVE or name based directory, the exploit script, and a README that includes the CVE identifier, the affected components, a step by step reproduction guide, and links to credits and advisories. The README ends with a clear disclaimer. The author states the repository is for security research and educational use only, asks readers not to use the scripts against systems they do not own or have permission to test, and points to responsible disclosure as the expected practice. A linked sister project called VulnClaw is described as an AI powered penetration testing framework. License is MIT.

prompts (copy fr)

prompt 1
Pick a Linux kernel CVE folder in poc-lab and walk me through running exploit.py inside a Ubuntu VM
prompt 2
Build a Dockerfile that boots the affected version of a service from a poc-lab entry so I can reproduce the CVE safely
prompt 3
Add a new poc-lab directory for CVE-2025-XXXX following the existing template with exploit.sh and a CVE README
prompt 4
Diff a vulnerable and patched build for one poc-lab entry and explain which lines fix the bug

Frequently asked questions

what is poc-lab fr?

Collection of proof of concept scripts and reproduction notes for recently disclosed CVEs across Linux kernel, Windows, macOS, containers, and services.

What language is poc-lab written in?

Mainly C. The stack also includes Python, Shell, C.

What license does poc-lab use?

MIT license: free to use, modify, and redistribute with attribution and no warranty.

How hard is poc-lab to set up?

Setup difficulty is rated hard, with roughly 1day+ to a first successful run.

Who is poc-lab for?

Mainly researcher.

peek the repo → explain another one

This repo across BitVibe Labs

double-check against the repo, no cap.