228 Open source projects that are alternatives of or similar to Fortiscan

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Vulnerability Dashboard

🛡️ GitHub Action for security audits

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

Automatic SSRF fuzzer and exploitation tool

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

A DNS rebinding attack framework.

Word 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.

Here you can get full exploit for SAP NetWeaver AS JAVA

Potentially dangerous files

It's a simple tool for test vulnerability shellshock

PoC exploit for CVE-2016-4622

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Vulnerability Recurrence:漏洞复现记录

Poc Collected for study and develop

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.

A bootrom exploit for MediaTek devices

Steal Net-NTLM Hash using Bad-PDF

使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Securify v2.0

A curated list of awesome baseband research resources

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Penetration Testing Platform

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Create actionable data from your Vulnerability Scans

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

Asynchronous Python implementation of SlowLoris DoS attack

Test a host for susceptibility to CVE-2019-19781

An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

Vulnerability Labs for security analysis

XVWA is intentionally designed with many security flaws and enough technical ground to upskill application security knowledge. This whole idea is to evangelize web application security issues. Do let us know your suggestions for improvement or any more vulnerability you would like to see in XVWA future releases.

Exploiting Edge's read:// urlhandler

Reverse Shell as a Service

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

burpsuite extension for check unauthorized vulnerability

SQL Vulnerability Scanner

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

The Correlated CVE Vulnerability And Threat Intelligence Database API

Huorong Internet Security vulnerabilities 火绒安全软件漏洞

🎯 Command Injection Payload List

PoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Safari local file reader

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

A web crawler (for bug hunting) that gathers more than you can imagine.

Penetration tests guide based on OWASP including test cases, resources and examples.

A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)