Insecureprogrammingmirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Cod Exploits☠️ Call of Duty - Vulnerabilities and proof-of-concepts
Securityadvisories🔐 Security advisories as a simple composer exclusion list, updated daily
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Ssl CheckerPython script that collects SSL/TLS information from hosts
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Kunpengkunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Chimay RedMikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
SafetySafety checks your installed dependencies for known security vulnerabilities
OssaOpen-Source Security Architecture | 开源安全架构
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
ExploitpackExploit Pack -The next generation exploit framework
Spectre AttackExample of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
SqliscannerAutomatic SQL injection with Charles and sqlmap api
HerpaderpingProcess Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
FuzzapiFuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Hackinghacker, ready for more of our story ! 🚀
PyupA tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Commit WatcherFind interesting and potentially hazardous commits in git projects
Syzkallersyzkaller is an unsupervised coverage-guided kernel fuzzer
TlsfuzzerSSL and TLS protocol test suite and fuzzer
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
RopiumROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together
SubzySubdomain takeover vulnerability checker
SoteriaPlugin to block compilation when unapproved dependencies are used or code styling does not comply.
ekolabsEKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
RockYou2021.txtRockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
packagerLaravel Package Skeleton Generator - https://youtu.be/kQRQWzDEbGk
BeFreeWebsite Security, Antivirus & Firewall || a powerful application that can secure your website against hackers, attacks and other incidents of abuse
lokiProof-of-concept of emotion-targeted content delivery using machine learning and ARKit.
bentoBento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.
ai-cmsFree and open source Manga CMS (Deprecated!)
CVE-2020-4463IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)
moodlescanTool for scan vulnerabilities in Moodle platforms
bWAPPbWAPP latest modified for PHP7
NetworkAlarmA tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Puma6FailCVE-2017-5693 Denial of service vulnerability in Puma 6 modems