Cve Bin ToolThis tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.
Cve 2020 16898CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Js Vuln DbA collection of JavaScript engine CVEs with PoCs
VulnixVulnerability (CVE) scanner for Nix/NixOS.
ExploitsContaining Self Made Perl Reproducers / PoC Codes
ExploitsExploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
LinuxflawThis repo records all the vulnerabilities of linux software I have reproduced in my local workspace
Pigatpigat ( Passive Intelligence Gathering Aggregation Tool ) 被动信息收集聚合工具
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Nist Data MirrorA simple Java command-line utility to mirror the CVE JSON data from NIST.
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Cve Searchcve-search - a tool to perform local searches for known vulnerabilities
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Cvebase.comcvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
PatrowlhearsPatrowlHears - Vulnerability Intelligence Center / Exploits
PattonThe clever vulnerability dependency finder
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Ossf Cve BenchmarkThe OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
IvaIVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
Kernelhub🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file
LabsVulnerability Labs for security analysis
Cve ApiUnofficial api for cve.mitre.org
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Uxss Db🔪Browser logic vulnerabilities ☠️
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
WebmapWebMap-Nmap Web Dashboard and Reporting
Vulapps快速搭建各种漏洞环境(Various vulnerability environment)
BootstompBootStomp: a bootloader vulnerability finder
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
ThreatpinchlookupDocumentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
VersionscanA PHP version scanner for reporting possible vulnerabilities
CVE-StockpileMaster list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚