187 Open source projects that are alternatives of or similar to Kernelhub

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

A collection of curated Java Deserialization Exploits

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

The Correlated CVE Vulnerability And Threat Intelligence Database API

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

PatrowlHears - Vulnerability Intelligence Center / Exploits

Containing Self Made Perl Reproducers / PoC Codes

Some personal exploits/pocs

WebMap-Nmap Web Dashboard and Reporting

Advisories, proof of concept files and exploits that have been made public by @pedrib.

kernel privilege escalation enumeration and exploitation framework

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

Vulners Python API wrapper

RouterOS Security Research Tooling and Proof of Concepts

BootStomp: a bootloader vulnerability finder

Exploits and Security Tools Framework 2.0.1

🔪Browser logic vulnerabilities ☠️

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

A PHP version scanner for reporting possible vulnerabilities

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Resources for Windows exploit development

Tracking CVEs for the linux Kernel

A Ruby framework designed to aid in the penetration testing of WordPress systems.

A handy collection of my public exploits, all in one place.

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

快速搭建各种漏洞环境(Various vulnerability environment)

Exploitation on different architectures (x86, x64, arm, mips, avr)

A collection of android Exploits and Hacks

ES File Explorer Open Port Vulnerability - CVE-2019-6447

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

CVE-2018-8120 Windows LPE exploit

Challenges and vulnerabilities exploitation.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Writeup of CVE-2020-15906

Log4j Vulnerability Scanner for Windows

for mass exploiting

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Find exploit tool

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

Exploiting Edge's read:// urlhandler

Check linux sources dump for known CVEs.

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Just some exploits :P

log4j2 remote code execution or IP leakage exploit (with examples)

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

Botnet targeting Windows machines written entirely in Python & open source security project.

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Exploit Pack -The next generation exploit framework

EternalRocks worm

Cybersecurity stuff for both the blue team and the red team, mostly red though.