Docx Embeddedhtml InjectionWord 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.
Stars: ✭ 91 (-35%)
Kernelhub🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file
Stars: ✭ 972 (+594.29%)
Audit Check🛡️ GitHub Action for security audits
Stars: ✭ 90 (-35.71%)
Spectre Meltdown PocA semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (-9.29%)
Trackray溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
Stars: ✭ 1,295 (+825%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+505%)
RvdRobot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Stars: ✭ 87 (-37.86%)
WhitewidowSQL Vulnerability Scanner
Stars: ✭ 926 (+561.43%)
HuntrVulnerability Database | huntr.dev
Stars: ✭ 136 (-2.86%)
WhourTool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-87.14%)
UnjailmeA sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)
Stars: ✭ 73 (-47.86%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+247.14%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (-25.71%)
Bad PdfSteal Net-NTLM Hash using Bad-PDF
Stars: ✭ 748 (+434.29%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-37.86%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-14.29%)
In Spectre MeltdownThis tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-38.57%)
Damn Vulnerable Graphql ApplicationDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Stars: ✭ 567 (+305%)
SecdevlabsA laboratory for learning secure web and mobile development in a practical manner.
Stars: ✭ 547 (+290.71%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+860%)
Cve 2018 8120CVE-2018-8120 Windows LPE exploit
Stars: ✭ 447 (+219.29%)
PybeltThe hackers tool belt
Stars: ✭ 435 (+210.71%)
A2svAuto Scanning to SSL Vulnerability
Stars: ✭ 524 (+274.29%)
PocProofs-of-concept
Stars: ✭ 467 (+233.57%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-48.57%)
SafilerSafari local file reader
Stars: ✭ 118 (-15.71%)
YsoserialA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+3334.29%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+195%)
Burp Unauth Checkerburpsuite extension for check unauthorized vulnerability
Stars: ✭ 99 (-29.29%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+195%)
Attack Surface Detector BurpThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 63 (-55%)
OpencveCVE Alerting Platform
Stars: ✭ 384 (+174.29%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+172.86%)
XvwaXVWA is intentionally designed with many security flaws and enough technical ground to upskill application security knowledge. This whole idea is to evangelize web application security issues. Do let us know your suggestions for improvement or any more vulnerability you would like to see in XVWA future releases.
Stars: ✭ 1,540 (+1000%)
AmonetA bootrom exploit for MediaTek devices
Stars: ✭ 96 (-31.43%)
Sap exploitHere you can get full exploit for SAP NetWeaver AS JAVA
Stars: ✭ 60 (-57.14%)
GrypeA vulnerability scanner for container images and filesystems
Stars: ✭ 362 (+158.57%)
FuxiPenetration Testing Platform
Stars: ✭ 1,103 (+687.86%)
Javadeserh2hcSample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (+157.86%)
Django cve 2019 19844 pocPoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)
Stars: ✭ 94 (-32.86%)
Bitp0wnAlgorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
Stars: ✭ 59 (-57.86%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+155%)
VulnwhispererCreate actionable data from your Vulnerability Scans
Stars: ✭ 1,102 (+687.14%)