Retire.js: scanner detecting the use of JavaScript libraries with known vulnerabilities
Securityexploits: This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits
Insecureprogramming: mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
Cve Bin Tool: This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.
Vulnerable Kext: A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
Sbt Dependency Check: SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Dasp: The Decentralized Application Security Project
Mysapadventures: A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters
Laravel Security Checker: Added Laravel functionality to Enlightn Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you.
Vulnix: Vulnerability (CVE) scanner for Nix/NixOS.
Vulncost: Find security vulnerabilities in open source npm packages while you code
Awesome Vulnerable: A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Archerysec: Centralize Vulnerability Assessment and Management for DevSecOps Team
Cve Search: cve-search - a tool to perform local searches for known vulnerabilities
Is Website Vulnerable: finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
Pakuri: Penetration test Achieve Knowledge Unite Rapid Interface
Nailgun: Nailgun attack on ARM devices.
Arissploit: Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Poc Exploits: Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Nodegoat: The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
S2e: S2E: A platform for multi-path program analysis with selective symbolic execution.
Cvebase.com: cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Thoron: Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Vwgen: Vulnerable Web applications Generator
Anchore Engine: A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
Openvulnapi: Documentation and Tools for Cisco's PSIRT openVuln API
Hacker ezines: A collection of electronic hacker magazines carefully curated over the years from multiple sources
Vuls: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
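Vulmap: Vulmap is a web vulnerability scanning and verification tool that can scan webapps for vulnerabilities and also has vulnerability exploitation capability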
Jaeles: The Swiss Army knife for automated Web Application Testing
Clair: Vulnerability Static Analysis for Containers
Reconftw: reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Bugrequest: Sniffer vulnerabilities in http request (chrome extension)
Dagda: a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Hacker Roadmap: 📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
Ossa: Open-Source Security Architecture
Rapidscan: 🆕 The Multi-Tool Web Vulnerability Scanner.
Oss Fuzz: OSS-Fuzz - continuous fuzzing for open source software.
Binexp: Linux Binary Exploitation
Brakeman: A static analysis security vulnerability scanner for Ruby on Rails applications
Dependency Track: Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Railsgoat: A vulnerable version of Rails that follows the OWASP Top 10