MyKings / Docker Vulnerability Environment
Licence: apache-2.0
Use the docker to build a vulnerability environment
Stars: ✭ 370
Projects that are alternatives of or similar to Docker Vulnerability Environment
XSS-Cheatsheet
XSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-92.97%)
Mutual labels: vulnerability
Vbscan
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (-20.27%)
Mutual labels: vulnerability
Iblessing
iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-11.89%)
Mutual labels: vulnerability
Faraday
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+764.32%)
Mutual labels: vulnerability
Jaadas
Joint Advanced Defect assEsment for android applications
Stars: ✭ 304 (-17.84%)
Mutual labels: vulnerability
waithax
An implementation of the waithax / slowhax 3DS Kernel11 exploit.
Stars: ✭ 64 (-82.7%)
Mutual labels: vulnerability
Javadeserh2hc
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (-2.43%)
Mutual labels: vulnerability
Vulnerable Node
A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
Stars: ✭ 282 (-23.78%)
Mutual labels: vulnerability
Fidl
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (-13.78%)
Mutual labels: vulnerability
Application Security Engineer Interview Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-27.84%)
Mutual labels: vulnerability
Android Kernel Exploitation
Android Kernel Exploitation
Stars: ✭ 313 (-15.41%)
Mutual labels: vulnerability
klustair
(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit
Stars: ✭ 15 (-95.95%)
Mutual labels: vulnerability
mondoo
🕵️♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management
Stars: ✭ 60 (-83.78%)
Mutual labels: vulnerability
Grype
A vulnerability scanner for container images and filesystems
Stars: ✭ 362 (-2.16%)
Mutual labels: vulnerability
docker-vulnerability-environment
这个项目是为了使用 docker 部署 Web 漏洞测试环境, 可随时创建随时删除。 当前项目包括: bWAPP、DVWA、OWASP Broken Web Applications Project等多个漏洞测试环境。
环境列表
- bWAPP
- xssed
- DVWA
- WebGoat
- DVWA-WooYun-edition
- DSVW
- WAVSEP
- OWASP Security Shepherd
- OWASP Broken Web Applications Project(未完成)
- xvwa(未完成) https://github.com/s4n7h0/xvwa
Docker for Penetration Testing
-
docker pull kalilinux/kali-linux-docker
official Kali Linux -
docker pull owasp/zap2docker-stable
- official OWASP ZAP -
docker pull wpscanteam/wpscan
- official WPScan -
docker pull pandrew/metasploit
- docker-metasploit -
docker pull citizenstig/dvwa
- Damn Vulnerable Web Application (DVWA) -
docker pull wpscanteam/vulnerablewordpress
- Vulnerable WordPress Installation -
docker pull hmlio/vaas-cve-2014-6271
- Vulnerability as a service: Shellshock -
docker pull hmlio/vaas-cve-2014-0160
- Vulnerability as a service: Heartbleed -
docker pull opendns/security-ninjas
- Security Ninjas -
docker pull diogomonica/docker-bench-security
- Docker Bench for Security -
docker pull ismisepaul/securityshepherd
- OWASP Security Shepherd -
docker pull danmx/docker-owasp-webgoat
- OWASP WebGoat Project docker image -
docker-compose build && docker-compose up
- OWASP NodeGoat -
docker pull citizenstig/nowasp
- OWASP Mutillidae II Web Pen-Test Practice Application -
docker pull bkimminich/juice-shop
- OWASP Juice Shop -
docker pull kalilinux/kali-linux-docker
- Kali Linux Docker Image
Docker 镜像源
- https://dev.aliyun.com/
- index.docker.io/library/ubuntu
参考链接
- https://github.com/enaqx/awesome-pentest
- https://github.com/secfigo/Awesome-Fuzzing
- https://github.com/Hack-with-Github/Awesome-Hacking
- https://github.com/re-pronin/Awesome-Vulnerability-Research
- https://github.com/b-mueller/android_app_security_checklist
- https://github.com/GDSSecurity/GWT-Penetration-Testing-Toolset
- https://github.com/shieldfy/API-Security-Checklist
- https://github.com/Microsoft/MSRC-Security-Research
- https://github.com/advanced-threat-research/firmware-security-training
- https://github.com/FallibleInc/security-guide-for-developers
- https://github.com/paralax/awesome-honeypots
- https://github.com/jaredthecoder/awesome-vehicle-security
- https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
- https://github.com/secretsquirrel/the-backdoor-factory
- https://github.com/enaqx/awesome-pentest
- https://github.com/danielmiessler/SecLists
- https://github.com/nixawk/pentest-wiki
- https://github.com/rshipp/awesome-malware-analysis
- https://github.com/google/oss-fuzz
- https://www.vulnhub.com
- https://pentesterlab.com/
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].