187 Open source projects that are alternatives of or similar to Java Deserialization Exploits

漏洞研究

OSINT tool - gets data from services like shodan, censys etc. in one app

Extensible framework for analyzing publicly available information about vulnerabilities

A social experiment

Check linux sources dump for known CVEs.

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

Modified Nuclei Templates Version to FUZZ Host Header

The PHP Security Checker

快速搭建各种漏洞环境(Various vulnerability environment)

#INFILTRATE20 raptor's party pack

log4j2 remote code execution or IP leakage exploit (with examples)

Writeup of CVE-2020-15906

iOS 10.1.1 Project 0 Exploit Compatible with All arm64 devices for Jailbreak Development

patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

CVE Alerting Platform

Exploiting challenges in Linux and Windows

A simple framework for sending test payloads for known web CVEs.

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

ES File Explorer Open Port Vulnerability - CVE-2019-6447

This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits

A collection of android Exploits and Hacks

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Collection of things made during my preparation to take on OSCE

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

collection of verified Linux kernel exploits

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Repository for information about 0-days exploited in-the-wild.

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

Exploitation Framework for Embedded Devices

The knife of the Admin & Security auditor

Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Experiments on C/C++ Exploits

A collection of electronic hacker magazines carefully curated over the years from multiple sources

REST API backend for Reconmap

Find exploits in local and online databases instantly

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.

CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞

Exploitation on different architectures (x86, x64, arm, mips, avr)

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

#INFILTRATE19 raptor's party pack

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

CVE-2018-8120 Windows LPE exploit

EternalRocks worm

Vulners Python API wrapper

Log4j Vulnerability Scanner for Windows

Red Hat Dependency Analytics extension

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs