SQL-XSSA few SQL and XSS attack tools
Stars: ✭ 29 (-96.12%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (-81.02%)
GrypeA vulnerability scanner for container images and filesystems
Stars: ✭ 362 (-51.6%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+327.54%)
lachesis👨💻 A work-in-progress web services mass scanner written in Rust
Stars: ✭ 55 (-92.65%)
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Stars: ✭ 408 (-45.45%)
waithaxAn implementation of the waithax / slowhax 3DS Kernel11 exploit.
Stars: ✭ 64 (-91.44%)
A2svAuto Scanning to SSL Vulnerability
Stars: ✭ 524 (-29.95%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-56.42%)
VbscanOWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (-60.56%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-88.77%)
YsoserialA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+542.78%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (-65.78%)
SecdevlabsA laboratory for learning secure web and mobile development in a practical manner.
Stars: ✭ 547 (-26.87%)
XSS-CheatsheetXSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-96.52%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-48.93%)
xsymlinkXbox One Symbolic Link Exploit: Access restricted/encrypted volumes using the Xbox File Explorer.
Stars: ✭ 18 (-97.59%)
Uxss Db🔪Browser logic vulnerabilities ☠️
Stars: ✭ 565 (-24.47%)
Chimay-Red-tinyThis is a minified exploit for mikrotik routers. It does not require any aditional modules to run.
Stars: ✭ 25 (-96.66%)
log4shell-finderFastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.
Stars: ✭ 22 (-97.06%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (-35.03%)
SecExampleJAVA 漏洞靶场 (Vulnerability Environment For Java)
Stars: ✭ 228 (-69.52%)
ApiVulners Python API wrapper
Stars: ✭ 313 (-58.16%)
GowaptGo Web Application Penetration Test
Stars: ✭ 300 (-59.89%)
TORhunterDesigned to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion
Stars: ✭ 47 (-93.72%)
PybeltThe hackers tool belt
Stars: ✭ 435 (-41.84%)
Vulnerable NodeA very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
Stars: ✭ 282 (-62.3%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+4299.6%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-64.3%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (-44.79%)
klustair(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit
Stars: ✭ 15 (-97.99%)
mondoo🕵️♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management
Stars: ✭ 60 (-91.98%)
OpcdeOPCDE Cybersecurity Conference Materials
Stars: ✭ 538 (-28.07%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-85.96%)
ExploitsReal world and CTFs exploiting web/binary POCs.
Stars: ✭ 69 (-90.78%)
SingularityA DNS rebinding attack framework.
Stars: ✭ 621 (-16.98%)
external-protocol-floodingScheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
Stars: ✭ 603 (-19.39%)
Javadeserh2hcSample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (-51.74%)
Detect-CVE-2017-15361-TPMDetects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: ✭ 34 (-95.45%)
RbndrSimple DNS Rebinding Service
Stars: ✭ 343 (-54.14%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-96.79%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+731.28%)
CVE-2021-33766ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
Stars: ✭ 37 (-95.05%)
FidlA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (-57.35%)
PocProofs-of-concept
Stars: ✭ 467 (-37.57%)
HerpaderpingProcess Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (-17.91%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (-24.2%)
JaadasJoint Advanced Defect assEsment for android applications
Stars: ✭ 304 (-59.36%)