Detect-CVE-2017-15361-TPMDetects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: ✭ 34 (-91.67%)
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (-80.88%)
PoccollectPoc Collected for study and develop
Stars: ✭ 15 (-96.32%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-84.56%)
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+102.45%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-83.82%)
Cve Check ToolOriginal Automated CVE Checking Tool
Stars: ✭ 172 (-57.84%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-66.91%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (-74.75%)
Ossf Cve BenchmarkThe OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Stars: ✭ 71 (-82.6%)
LabsVulnerability Labs for security analysis
Stars: ✭ 1,002 (+145.59%)
vulristicsExtensible framework for analyzing publicly available information about vulnerabilities
Stars: ✭ 46 (-88.73%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (-88.24%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-64.22%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-87.25%)
Uxss Db🔪Browser logic vulnerabilities ☠️
Stars: ✭ 565 (+38.48%)
VulnixVulnerability (CVE) scanner for Nix/NixOS.
Stars: ✭ 161 (-60.54%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-78.92%)
Audit Check🛡️ GitHub Action for security audits
Stars: ✭ 90 (-77.94%)
Js Vuln DbA collection of JavaScript engine CVEs with PoCs
Stars: ✭ 2,087 (+411.52%)
LinuxflawThis repo records all the vulnerabilities of linux software I have reproduced in my local workspace
Stars: ✭ 140 (-65.69%)
advisoriesA collection of my public security advisories.
Stars: ✭ 16 (-96.08%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (-66.67%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+683.82%)
Spectre Meltdown PocA semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (-68.87%)
Cve 2017 0065Exploiting Edge's read:// urlhandler
Stars: ✭ 15 (-96.32%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (-34.07%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (-65.2%)
Spectre Meltdown CheckerSpectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD
Stars: ✭ 3,482 (+753.43%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+845.59%)
Cve 2019 1003000 Jenkins Rce PocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (-33.82%)
GrypeA vulnerability scanner for container images and filesystems
Stars: ✭ 362 (-11.27%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-18.87%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+621.08%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-34.56%)
Iblessingiblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-20.1%)
Mr.sipSIP-Based Audit and Attack Tool
Stars: ✭ 266 (-34.8%)
ThreatpinchlookupDocumentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (-37.01%)
EnlightnYour performance & security consultant, an artisan command away.
Stars: ✭ 378 (-7.35%)
NoscriptThe popular NoScript Security Suite browser extension.
Stars: ✭ 366 (-10.29%)
FidlA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (-21.81%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (-37.25%)
HubbleHubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe
Stars: ✭ 313 (-23.28%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-37.5%)
VersionscanA PHP version scanner for reporting possible vulnerabilities
Stars: ✭ 254 (-37.75%)
Javadeserh2hcSample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (-11.52%)
ApiVulners Python API wrapper
Stars: ✭ 313 (-23.28%)
CVE-StockpileMaster list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
Stars: ✭ 41 (-89.95%)
Smart-Contract-Security-AuditsCertified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting
Stars: ✭ 325 (-20.34%)
SQL-XSSA few SQL and XSS attack tools
Stars: ✭ 29 (-92.89%)
klustair(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit
Stars: ✭ 15 (-96.32%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (-4.17%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-6.37%)