Js Vuln DbA collection of JavaScript engine CVEs with PoCs
Stars: ✭ 2,087 (+1390.71%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-3.57%)
vulristicsExtensible framework for analyzing publicly available information about vulnerabilities
Stars: ✭ 46 (-67.14%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+2184.29%)
Detect-CVE-2017-15361-TPMDetects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: ✭ 34 (-75.71%)
Ossf Cve BenchmarkThe OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Stars: ✭ 71 (-49.29%)
advisoriesA collection of my public security advisories.
Stars: ✭ 16 (-88.57%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-62.86%)
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+490%)
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (-44.29%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (-2.86%)
VulnixVulnerability (CVE) scanner for Nix/NixOS.
Stars: ✭ 161 (+15%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (-65.71%)
Cve Check ToolOriginal Automated CVE Checking Tool
Stars: ✭ 172 (+22.86%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (+1.43%)
Cve 2017 0065Exploiting Edge's read:// urlhandler
Stars: ✭ 15 (-89.29%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (-26.43%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-55%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-52.86%)
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Stars: ✭ 408 (+191.43%)
Uxss Db🔪Browser logic vulnerabilities ☠️
Stars: ✭ 565 (+303.57%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (+92.14%)
PoccollectPoc Collected for study and develop
Stars: ✭ 15 (-89.29%)
LabsVulnerability Labs for security analysis
Stars: ✭ 1,002 (+615.71%)
Docx Embeddedhtml InjectionWord 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.
Stars: ✭ 91 (-35%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+7365%)
Audit Check🛡️ GitHub Action for security audits
Stars: ✭ 90 (-35.71%)
Spectre Meltdown PocA semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (-9.29%)
VulrecVulnerability Recurrence:漏洞复现记录
Stars: ✭ 109 (-22.14%)
PatrowlhearsPatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-36.43%)
Trackray溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Stars: ✭ 1,295 (+825%)
AnsvifA Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-23.57%)
JscpwnPoC exploit for CVE-2016-4622
Stars: ✭ 89 (-36.43%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-37.86%)
HuntrVulnerability Database | huntr.dev
Stars: ✭ 136 (-2.86%)
Cve Searchcve-search - a tool to perform local searches for known vulnerabilities
Stars: ✭ 1,765 (+1160.71%)
Ble Security Attack Defence✨ Purpose only! The dangers of Bluetooth Low Energy(BLE)implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.
Stars: ✭ 88 (-37.14%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (-25.71%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (-37.86%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-37.86%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-14.29%)
Nonce DisrespectNonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
Stars: ✭ 103 (-26.43%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-38.57%)
MrspickyMrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.
Stars: ✭ 86 (-38.57%)
Nist Data MirrorA simple Java command-line utility to mirror the CVE JSON data from NIST.
Stars: ✭ 135 (-3.57%)
FortiscanA high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.
Stars: ✭ 120 (-14.29%)
Fuzz.txtPotentially dangerous files
Stars: ✭ 1,382 (+887.14%)
Vulstudy使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
Stars: ✭ 1,245 (+789.29%)
UnjailmeA sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)
Stars: ✭ 73 (-47.86%)