PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+62.22%)
Detect-CVE-2017-15361-TPMDetects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: ✭ 34 (-62.22%)
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Stars: ✭ 408 (+353.33%)
Web AccessibilityA Visual Studio Extension for Web accessibility
Stars: ✭ 55 (-38.89%)
VulnwhispererCreate actionable data from your Vulnerability Scans
Stars: ✭ 1,102 (+1124.44%)
UnjailmeA sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)
Stars: ✭ 73 (-18.89%)
MrspickyMrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.
Stars: ✭ 86 (-4.44%)
Openvas ScannerOpen Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+1073.33%)
NugetdefenseAn MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.
Stars: ✭ 44 (-51.11%)
Bitp0wnAlgorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Stars: ✭ 59 (-34.44%)
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (-13.33%)
Ssl BaselineDevSec SSL/TLS Baseline - InSpec Profile
Stars: ✭ 56 (-37.78%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-3.33%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-42.22%)
Nginx BaselineDevSec Nginx Baseline - InSpec Profile
Stars: ✭ 71 (-21.11%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-3.33%)
Audit StashFlexible and rock solid audit log tracking for CakePHP 3
Stars: ✭ 66 (-26.67%)
Lighthouse BatchRun Lighthouse analysis over multiple sites in a single command
Stars: ✭ 83 (-7.78%)
Cve 2017 0065Exploiting Edge's read:// urlhandler
Stars: ✭ 15 (-83.33%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-30%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+841.11%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+1125.56%)
Perftools RunnerGoogle Performance Tools runner using Puppeteer
Stars: ✭ 79 (-12.22%)
Publisher Ads Lighthouse PluginPublisher Ads Lighthouse Plugin is a tool to improve ad speed and overall quality through a series of automated audits. This tool will aid in resolving discovered problems, providing a tool to be used to evaluate effectiveness of iterative changes while suggesting actionable feedback.
Stars: ✭ 58 (-35.56%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+1323.33%)
TarpaulinA code coverage tool for Rust projects
Stars: ✭ 1,097 (+1118.89%)
Cargo ContributeCargo subcommand for contributing to your dependencies
Stars: ✭ 56 (-37.78%)
Cargo Remotecargo subcommand to compile rust projects remotely
Stars: ✭ 87 (-3.33%)
Vim CratesHandle Cargo dependencies like a Rustavimean.
Stars: ✭ 54 (-40%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-20%)
SlowlorisAsynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-43.33%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-4.44%)
MacchinaA system information fetcher, with a focus on performance and minimalism.
Stars: ✭ 45 (-50%)
Ossf Cve BenchmarkThe OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Stars: ✭ 71 (-21.11%)
Owasp MasvsThe Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
Stars: ✭ 1,030 (+1044.44%)
JscpwnPoC exploit for CVE-2016-4622
Stars: ✭ 89 (-1.11%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+1021.11%)
Rust Python ExtDistutils helpers for rust Python extensions
Stars: ✭ 69 (-23.33%)
LabsVulnerability Labs for security analysis
Stars: ✭ 1,002 (+1013.33%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+885.56%)
Natnat - the 'ls' replacement you never knew you needed
Stars: ✭ 1,129 (+1154.44%)
PoccollectPoc Collected for study and develop
Stars: ✭ 15 (-83.33%)
Ble Security Attack Defence✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
Stars: ✭ 88 (-2.22%)
Webterminalssh rdp vnc telnet sftp bastion/jump web putty xshell terminal jumpserver audit realtime monitor rz/sz 堡垒机 云桌面 linux devops sftp websocket file management rz/sz otp 自动化运维 审计 录像 文件管理 sftp上传 实时监控 录像回放 网页版rz/sz上传下载/动态口令 django
Stars: ✭ 1,124 (+1148.89%)
Vulstudy使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
Stars: ✭ 1,245 (+1283.33%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+10647.78%)
Attack Surface Detector BurpThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 63 (-30%)
XargoThe sysroot manager that lets you build and customize `std`
Stars: ✭ 841 (+834.44%)
WhitewidowSQL Vulnerability Scanner
Stars: ✭ 926 (+928.89%)
Drydockdrydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templates
Stars: ✭ 60 (-33.33%)
Trackray溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Stars: ✭ 1,295 (+1338.89%)
Windows Secure Host BaselineConfiguration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
Stars: ✭ 1,288 (+1331.11%)