RoothelperA Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
Stars: ✭ 416 (+188.89%)
Openvas ScannerOpen Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+633.33%)
Audit Check🛡️ GitHub Action for security audits
Stars: ✭ 90 (-37.5%)
NugetdefenseAn MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.
Stars: ✭ 44 (-69.44%)
Spectre Meltdown PocA semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (-11.81%)
LabsVulnerability Labs for security analysis
Stars: ✭ 1,002 (+595.83%)
Trackray溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Stars: ✭ 1,295 (+799.31%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+515.97%)
Nonce DisrespectNonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
Stars: ✭ 103 (-28.47%)
PoccollectPoc Collected for study and develop
Stars: ✭ 15 (-89.58%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-39.58%)
FeatherdusterAn automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
Stars: ✭ 876 (+508.33%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+6617.36%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+789.58%)
Cve 2020 10199 cve 2020 10204CVE-2020-10199、CVE-2020-10204漏洞一键检测工具,图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.
Stars: ✭ 20 (-86.11%)
Hisilicon Dvr TelnetPoC materials for article https://habr.com/en/post/486856/
Stars: ✭ 101 (-29.86%)
CdkCDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
Stars: ✭ 1,264 (+777.78%)
Fail2ban.webexploitsThis custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.
Stars: ✭ 67 (-53.47%)
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Stars: ✭ 408 (+183.33%)
PompemFind exploit tool
Stars: ✭ 786 (+445.83%)
SafilerSafari local file reader
Stars: ✭ 118 (-18.06%)
Bad PdfSteal Net-NTLM Hash using Bad-PDF
Stars: ✭ 748 (+419.44%)
MrspickyMrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.
Stars: ✭ 86 (-40.28%)
IsfISF(Industrial Control System Exploitation Framework),a exploitation framework based on Python
Stars: ✭ 690 (+379.17%)
Kernelpopkernel privilege escalation enumeration and exploitation framework
Stars: ✭ 628 (+336.11%)
Vulstudy使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
Stars: ✭ 1,245 (+764.58%)
LinuxflawThis repo records all the vulnerabilities of linux software I have reproduced in my local workspace
Stars: ✭ 140 (-2.78%)
HoundsploitAn advanced graphical search engine for Exploit-DB
Stars: ✭ 81 (-43.75%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+4218.06%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+833.33%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+22753.47%)
UnjailmeA sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)
Stars: ✭ 73 (-49.31%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+813.89%)
Attack Surface Detector BurpThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 63 (-56.25%)
EqgrpDecrypted content of eqgrp-auction-file.tar.xz
Stars: ✭ 3,743 (+2499.31%)
Ossf Cve BenchmarkThe OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Stars: ✭ 71 (-50.69%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+237.5%)
ToolsSecurity and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Stars: ✭ 1,343 (+832.64%)
PocProofs-of-concept
Stars: ✭ 467 (+224.31%)
OseeCollection of things made during my preparation to take on OSEE
Stars: ✭ 69 (-52.08%)
Mecfor mass exploiting
Stars: ✭ 448 (+211.11%)
YsoserialA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+3238.89%)
ExploitsMiscellaneous exploit code
Stars: ✭ 1,157 (+703.47%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+186.81%)
Django cve 2019 19844 pocPoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)
Stars: ✭ 94 (-34.72%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-56.25%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+165.28%)
Poc ExploitsSelect proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Stars: ✭ 111 (-22.92%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+162.5%)
Computer Science ResourcesA list of resources in different fields of Computer Science (multiple languages)
Stars: ✭ 1,316 (+813.89%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+665.97%)
Bitp0wnAlgorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Stars: ✭ 59 (-59.03%)
Sap exploitHere you can get full exploit for SAP NetWeaver AS JAVA
Stars: ✭ 60 (-58.33%)
GvmdGreenbone Vulnerability Manager
Stars: ✭ 140 (-2.78%)