PybeltThe hackers tool belt
Stars: ✭ 435 (-41.84%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (-67.65%)
Vulnerable NodeA very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
Stars: ✭ 282 (-62.3%)
firmeyeIoT固件漏洞挖掘工具
Stars: ✭ 133 (-82.22%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+4299.6%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-64.3%)
hacking-resourcesHacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
Stars: ✭ 1,386 (+85.29%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (-44.79%)
CVE-2020-1611Juniper Junos Space (CVE-2020-1611) (PoC)
Stars: ✭ 25 (-96.66%)
hackKubernetes security and vulnerability tools and utilities.
Stars: ✭ 56 (-92.51%)
klustair(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit
Stars: ✭ 15 (-97.99%)
prl guest to hostGuest to host VM escape exploit for Parallels Desktop
Stars: ✭ 26 (-96.52%)
TIGERPython toolbox to evaluate graph vulnerability and robustness (CIKM 2021)
Stars: ✭ 103 (-86.23%)
mondoo🕵️♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management
Stars: ✭ 60 (-91.98%)
scan-cli-pluginDocker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Stars: ✭ 135 (-81.95%)
OpcdeOPCDE Cybersecurity Conference Materials
Stars: ✭ 538 (-28.07%)
cumulusCumulus is web application weakness monitoring, it would be working by add just 3 codelines
Stars: ✭ 43 (-94.25%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-85.96%)
advisoriesA collection of my public security advisories.
Stars: ✭ 16 (-97.86%)
ExploitsReal world and CTFs exploiting web/binary POCs.
Stars: ✭ 69 (-90.78%)
autoindexPHP - Automatically add an "index.php" in all directories recursively
Stars: ✭ 25 (-96.66%)
SingularityA DNS rebinding attack framework.
Stars: ✭ 621 (-16.98%)
external-protocol-floodingScheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
Stars: ✭ 603 (-19.39%)
Javadeserh2hcSample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (-51.74%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-91.18%)
Tenable.io-SDK-for-PythonTenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.
Stars: ✭ 83 (-88.9%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-95.86%)
Detect-CVE-2017-15361-TPMDetects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: ✭ 34 (-95.45%)
exynos-usbdlUnsigned code loader for Exynos BootROM
Stars: ✭ 57 (-92.38%)
RbndrSimple DNS Rebinding Service
Stars: ✭ 343 (-54.14%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (-92.78%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-96.79%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (-93.58%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+731.28%)
TraditionalMitigationTraditional Mitigation in GCC to defend Memory Corruption Vulnerability
Stars: ✭ 16 (-97.86%)
CVE-2021-33766ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit
Stars: ✭ 37 (-95.05%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-94.92%)
FidlA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (-57.35%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (-91.18%)
break-fast-serialA proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (-92.91%)
PocProofs-of-concept
Stars: ✭ 467 (-37.57%)
TORhunterDesigned to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion
Stars: ✭ 47 (-93.72%)
HerpaderpingProcess Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (-17.91%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (-24.2%)
JaadasJoint Advanced Defect assEsment for android applications
Stars: ✭ 304 (-59.36%)