1165 Open source projects that are alternatives of or similar to Ansvif

Advanced vulnerability scanning with Nmap NSE

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

A high performance offensive security tool for reconnaissance and vulnerability scanning

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

RAS(RAndom Subdomain) Fuzzer

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

DoS PoC's for SAP products

American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries

Some of my public exploits

RTSPhuzz - An RTSP Fuzzer written using the Boofuzz framework

Unsigned code loader for Exynos BootROM

Safari local file reader

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

run AFL with pintool

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

A curated list of awesome Fuzzing(or Fuzz Testing) for software security

HTTP fuzzer engine security oriented

A MS OpenXML Format Fuzzing Framework

expansion of afl-unicorn using c++

Generation-based, context-free grammar fuzzer.

Fast web fuzzer written in Go

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

Customizable TCP fuzzing tool to test for remote buffer overflows.

Powerful dork searcher and vulnerability scanner for windows platform

SQL Injection Payload List

Summary of online learning materials

Real world and CTFs exploiting web/binary POCs.

Android application fuzzing framework with fuzzers and crash monitor.

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Apache Shiro 反序列化漏洞检测与利用工具

Go Web Application Penetration Test

A few SQL and XSS attack tools

Patches to afl to fix bugs or add enhancements

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

swiss army knife for hackers

Proofs-of-concept

A collection of electronic hacker magazines carefully curated over the years from multiple sources

🤖 Repeat tests. Repeat tests. Repeat tests.

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

IoT 固件漏洞复现环境

hack tools

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Xbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.

Command line helpers for fuzzing

OSS-Fuzz - continuous fuzzing for open source software.

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

Recent Fuzzing Paper

Exploiting Edge's read:// urlhandler

Vulnerability Labs for security analysis

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

🐇 Fuzzing Rust code with American Fuzzy Lop

pentest framework

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Here you can get full exploit for SAP NetWeaver AS JAVA

Structure-aware, in-process, coverage-guided, evolutionary fuzzing engine for Rust functions.