A collection of electronic hacker magazines carefully curated over the years from multiple sources

Reverse Shell as a Service

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

A curated list of awesome baseband research resources

Penetration tests guide based on OWASP including test cases, resources and examples.

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

🛡️ GitHub Action for security audits

使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。

MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.

PoC exploit for CVE-2016-4622

A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)

Word 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

PoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)

Securify v2.0

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）