XvwaXVWA is intentionally designed with many security flaws and enough technical ground to upskill application security knowledge. This whole idea is to evangelize web application security issues. Do let us know your suggestions for improvement or any more vulnerability you would like to see in XVWA future releases.
Stars: ✭ 1,540 (+600%)
HonggfuzzSecurity oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
Stars: ✭ 2,400 (+990.91%)
FuzzinatorFuzzinator Random Testing Framework
Stars: ✭ 164 (-25.45%)
KaflA fuzzer for full VM kernel/driver targets
Stars: ✭ 204 (-7.27%)
Wooyunwooyun public information backup
Stars: ✭ 112 (-49.09%)
GrammarinatorANTLR v4 grammar-based test generator
Stars: ✭ 162 (-26.36%)
Fisy FuzzThis is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (-50%)
PapersAcademic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记
Stars: ✭ 181 (-17.73%)
Zeebsploitweb scanner - exploitation - information gathering
Stars: ✭ 159 (-27.73%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-58.64%)
JfsConstraint solver based on coverage-guided fuzzing
Stars: ✭ 215 (-2.27%)
Fuzz.txtPotentially dangerous files
Stars: ✭ 1,382 (+528.18%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+5466.36%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+520%)
AvpwnList of real-world threats against endpoint protection software
Stars: ✭ 179 (-18.64%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+510.91%)
MagevulndbList of Magento extensions with known security issues.
Stars: ✭ 152 (-30.91%)
Afl Snapshot LkmA Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.
Stars: ✭ 97 (-55.91%)
GemsuranceGem vulnerability checker using rubysec/ruby-advisory-db
Stars: ✭ 207 (-5.91%)
AmonetA bootrom exploit for MediaTek devices
Stars: ✭ 96 (-56.36%)
RapidRapid is a Go library for property-based testing that supports state machine ("stateful" or "model-based") testing and fully automatic test case minimization ("shrinking")
Stars: ✭ 213 (-3.18%)
VulnfanaticA Binary Ninja plugin for vulnerability research.
Stars: ✭ 203 (-7.73%)
Vfuzzvfuzz
Stars: ✭ 178 (-19.09%)
CfbCanadian Furious Beaver is a tool for hijacking IRPs handler in Windows drivers, and facilitating the process of analyzing Windows drivers for vulnerabilities
Stars: ✭ 146 (-33.64%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+4650.45%)
Django cve 2019 19844 pocPoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)
Stars: ✭ 94 (-57.27%)
QrgenSimple script for generating Malformed QRCodes.
Stars: ✭ 178 (-19.09%)
Exploit Framework🔥 An Exploit framework for Web Vulnerabilities written in Python
Stars: ✭ 144 (-34.55%)
Docx Embeddedhtml InjectionWord 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.
Stars: ✭ 91 (-58.64%)
UafuzzUAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
Stars: ✭ 217 (-1.36%)
Audit Check🛡️ GitHub Action for security audits
Stars: ✭ 90 (-59.09%)
Fuzzing StuffResources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.
Stars: ✭ 144 (-34.55%)
FirmaeTowards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
Stars: ✭ 91 (-58.64%)
DomatoDOM fuzzer
Stars: ✭ 1,303 (+492.27%)
Fast CheckProperty based testing framework for JavaScript (like QuickCheck) written in TypeScript
Stars: ✭ 2,604 (+1083.64%)
GvmdGreenbone Vulnerability Manager
Stars: ✭ 140 (-36.36%)
Trackray溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Stars: ✭ 1,295 (+488.64%)
LinuxflawThis repo records all the vulnerabilities of linux software I have reproduced in my local workspace
Stars: ✭ 140 (-36.36%)
JscpwnPoC exploit for CVE-2016-4622
Stars: ✭ 89 (-59.55%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-9.55%)
JanusJanus: a state-of-the-art file system fuzzer on Linux
Stars: ✭ 139 (-36.82%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-60.45%)
Reverse ShellReverse Shell as a Service
Stars: ✭ 1,281 (+482.27%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-38.64%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-60.45%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-60.91%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (-21.82%)
MrspickyMrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.
Stars: ✭ 86 (-60.91%)
HuntrVulnerability Database | huntr.dev
Stars: ✭ 136 (-38.18%)
Vulstudy使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
Stars: ✭ 1,245 (+465.91%)
PapersSlowMist Vulnerability Research Advisories
Stars: ✭ 197 (-10.45%)
Cve Check ToolOriginal Automated CVE Checking Tool
Stars: ✭ 172 (-21.82%)