VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (+139.53%)
FIDLA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (+879.07%)
PTEyePhantom eye——A passive business logic vulnerability auditing tool
Stars: ✭ 55 (+27.91%)
trivy-vulnerability-explorerWeb application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.
Stars: ✭ 63 (+46.51%)
ExphubExphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Stars: ✭ 3,056 (+7006.98%)
SmmExploitThe report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.
Stars: ✭ 98 (+127.91%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (+230.23%)
AthenaTest your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻
Stars: ✭ 43 (+0%)
Api FuzzerAPI Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities
Stars: ✭ 238 (+453.49%)
apachrotApache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Stars: ✭ 21 (-51.16%)
PapersSlowMist Vulnerability Research Advisories
Stars: ✭ 197 (+358.14%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+741.86%)
vrt-rubyRuby library for interacting with Bugcrowd's VRT
Stars: ✭ 15 (-65.12%)
exploitsSome of my public exploits
Stars: ✭ 50 (+16.28%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (+20.93%)
vulnscanA static binary vulnerability scanner
Stars: ✭ 47 (+9.3%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+144.19%)
GemsuranceGem vulnerability checker using rubysec/ruby-advisory-db
Stars: ✭ 207 (+381.4%)
weblogic honeypotWebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (-30.23%)
HowtohuntTutorials and Things to Do while Hunting Vulnerability.
Stars: ✭ 2,996 (+6867.44%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-27.91%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+41.86%)
dnstakeDNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Stars: ✭ 723 (+1581.4%)
exynos-usbdlUnsigned code loader for Exynos BootROM
Stars: ✭ 57 (+32.56%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (+65.12%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (+25.58%)
aemscanAdobe Experience Manager Vulnerability Scanner
Stars: ✭ 161 (+274.42%)
astam-correlatorVulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans
Stars: ✭ 22 (-48.84%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (+11.63%)
gvm-toolsRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (+232.56%)
advisoriesA collection of my public security advisories.
Stars: ✭ 16 (-62.79%)
TraditionalMitigationTraditional Mitigation in GCC to defend Memory Corruption Vulnerability
Stars: ✭ 16 (-62.79%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+460.47%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (+53.49%)
KillshotA Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Stars: ✭ 237 (+451.16%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-11.63%)
FuzzitCLI to integrate continuous fuzzing with Fuzzit
Stars: ✭ 220 (+411.63%)
autoindexPHP - Automatically add an "index.php" in all directories recursively
Stars: ✭ 25 (-41.86%)
PubVulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
Stars: ✭ 217 (+404.65%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (+53.49%)
VulnfanaticA Binary Ninja plugin for vulnerability research.
Stars: ✭ 203 (+372.09%)
Tenable.io-SDK-for-PythonTenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.
Stars: ✭ 83 (+93.02%)
break-fast-serialA proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (+23.26%)
Python-For-Ethical-HackingThis is a complete project series on implementing hacking tools available in Kali Linux into python.
Stars: ✭ 29 (-32.56%)
quick-scriptsA collection of my quick and dirty scripts for vulnerability POC and detections
Stars: ✭ 73 (+69.77%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (+216.28%)
turing-machineA Python program implementing and exploiting the Minsky Turing machine considered in the paper "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine" as per CVE-2021-32471 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32471)
Stars: ✭ 70 (+62.79%)