66 Open source projects that are alternatives of or similar to Compsecattacklabs

Website Security, Antivirus & Firewall || a powerful application that can secure your website against hackers, attacks and other incidents of abuse

Tool for scan vulnerabilities in Moodle platforms

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

Misc. Public Reports of Penetration Testing and Security Audits.

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

🎯 Command Injection Payload List

Free and open source Manga CMS (Deprecated!)

Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.

Some of my public exploits

Find interesting and potentially hazardous commits in git projects

Plugin to block compilation when unapproved dependencies are used or code styling does not comply.

HackerOne "in scope" domains

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

Advanced Web Browser Fingerprinting

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.

Tracking CVEs for the linux Kernel

Command-line tool for generating recovery codes for Hikvision IP Cameras

Safety checks your installed dependencies for known security vulnerabilities

Static code analysis tool based on Elasticsearch

SSL and TLS protocol test suite and fuzzer

Subdomain takeover vulnerability checker

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Exploit Pack -The next generation exploit framework

EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!

Automatic SQL injection with Charles and sqlmap api

Laravel Package Skeleton Generator - https://youtu.be/kQRQWzDEbGk

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

Proof-of-concept of emotion-targeted content delivery using machine learning and ARKit.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

FPGA-based LPC bus sniffing tool for Lattice iCEstick Evaluation Kit

🚗Uber, at your fingertips

Red Hat Dependency Analytics extension

hacker, ready for more of our story ! 🚀

This repository for training application security.

Python script that collects SSL/TLS information from hosts

bWAPP latest modified for PHP7

Identify vulnerabilities in running containers, images, hosts and repositories

CVE-2017-5693 Denial of service vulnerability in Puma 6 modems

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

The official PHP SDK for Shieldfy

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.

syzkaller is an unsupervised coverage-guided kernel fuzzer

mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/

Open-Source Security Architecture | 开源安全架构

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告

Command line tool for testing CRLF injection on a list of domains.

Local Exploit for Meltdown

A static analysis security vulnerability scanner for Ruby on Rails applications

ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together