228 Open source projects that are alternatives of or similar to Bad Pdf

rsGen is a Reverse Shell Payload Generator for hacking.

My exploitDB.

Adobe Experience Manager Vulnerability Scanner

Go Web Application Penetration Test

Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance

The hackers tool belt

Android application fuzzing framework with fuzzers and crash monitor.

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

IoT固件漏洞挖掘工具

CLI to integrate continuous fuzzing with Fuzzit

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

🐛 A plug-in of sublime 2/3 which is able to find PHP vulnerabilities

A Binary Ninja plugin for vulnerability research.

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

Tutorials and Things to Do while Hunting Vulnerability.

Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

List of real-world threats against endpoint protection software

hacker, ready for more of our story ! 🚀

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

漏洞研究

Java漏洞学习笔记 Deserialization Vulnerability

Apache Shiro 反序列化漏洞检测与利用工具

Advanced vulnerability scanning with Nmap NSE

Juniper Junos Space (CVE-2020-1611) (PoC)

web scanner - exploitation - information gathering

ES File Explorer Open Port Vulnerability - CVE-2019-6447

List of Magento extensions with known security issues.

Kubernetes security and vulnerability tools and utilities.

A vulnerable iOS App with Security Challenges for the Security Researcher inside you.

(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit

Greenbone Vulnerability Manager

Guest to host VM escape exploit for Parallels Desktop

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

0day安全_软件漏洞分析技术

Vulnerability Database | huntr.dev

Python toolbox to evaluate graph vulnerability and robustness (CIKM 2021)

A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.

🕵️‍♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management

XVWA is intentionally designed with many security flaws and enough technical ground to upskill application security knowledge. This whole idea is to evangelize web application security issues. Do let us know your suggestions for improvement or any more vulnerability you would like to see in XVWA future releases.

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

OPCDE Cybersecurity Conference Materials

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

Cumulus is web application weakness monitoring, it would be working by add just 3 codelines

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

A collection of my public security advisories.

🎯 Command Injection Payload List

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Apache Solr Injection Research

Joint Advanced Defect assEsment for android applications

Common Web Managers Fuzz Wordlists

Vulnogram is a tool for creating and editing CVE information in CVE JSON format