304 Open source projects that are alternatives of or similar to Js Vuln Db

Extraction of iMessage Data via XSS

Vulnerability (CVE) scanner for Nix/NixOS.

Vulnerability Labs for security analysis

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

The Correlated CVE Vulnerability And Threat Intelligence Database API

漏洞研究

🔪Browser logic vulnerabilities ☠️

A collection of my public security advisories.

Log4j Vulnerability Scanner for Windows

汽车/安卓/固件/代码安全测试工具集

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

REST API backend for Reconmap

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Original Automated CVE Checking Tool

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

ES File Explorer Open Port Vulnerability - CVE-2019-6447

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

一些漏洞分析

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Extensible framework for analyzing publicly available information about vulnerabilities

Poc Collected for study and develop

Exploiting Edge's read:// urlhandler

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

A web crawler (for bug hunting) that gathers more than you can imagine.

Wordpress Vulnerability Scanner

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

List of Magento extensions with known security issues.

Vulnerability Database | huntr.dev

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Potentially dangerous files

A simple Java command-line utility to mirror the CVE JSON data from NIST.

Test a host for susceptibility to CVE-2019-19781

Automatic SSRF fuzzer and exploitation tool

web scanner - exploitation - information gathering

Audit tool to find common vulnerabilities in PHP source code

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

burpsuite extension for check unauthorized vulnerability

A bootrom exploit for MediaTek devices

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

PoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)

Penetration tests guide based on OWASP including test cases, resources and examples.

A vulnerable iOS App with Security Challenges for the Security Researcher inside you.

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

Securify v2.0

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

cve-search - a tool to perform local searches for known vulnerabilities

Word 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.

🔥 An Exploit framework for Web Vulnerabilities written in Python

OSINT tool - gets data from services like shodan, censys etc. in one app

🛡️ GitHub Action for security audits

PatrowlHears - Vulnerability Intelligence Center / Exploits

A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.