501 Open source projects that are alternatives of or similar to massh-enum

REST API backend for Reconmap

一些漏洞分析

漏洞研究

Log4j Vulnerability Scanner for Windows

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

Original Automated CVE Checking Tool

Material-ui integration with std:accounts-ui

Poc Collected for study and develop

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Vulnerability Labs for security analysis

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

The Correlated CVE Vulnerability And Threat Intelligence Database API

The Fast, Secure and Scalable Admin Panel / Dashboard for Meteor.js

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Extensible framework for analyzing publicly available information about vulnerabilities

A collection of JavaScript engine CVEs with PoCs

🔪Browser logic vulnerabilities ☠️

ES File Explorer Open Port Vulnerability - CVE-2019-6447

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

Exploiting Edge's read:// urlhandler

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A collection of my public security advisories.

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Vulnerability (CVE) scanner for Nix/NixOS.

Extraction of iMessage Data via XSS

汽车/安卓/固件/代码安全测试工具集

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

OpenSSH public key parser for Python

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

OpenSSH remote DOS exploit and vulnerable container

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Some of my public exploits

Personal finance manager, command-line interface, in C++

Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.

Code source du premier générateur d'Europe de 2016 à 2021. Fermé en 2021 par Lukas et TRH pour raisons personelles.

A simple module for signing Ethereum transactions.

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Mass querying whois records

Automated Enumeration Script for Pentesting

Get a list, or check if a user or organization name is reserved by GitHub

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Phantom eye——A passive business logic vulnerability auditing tool

SFTP Server for Docker

The open source components from rake.red

A Handy-Dandy Personal Toolkit for Enumeration and a headstart on attacking a machine!

Making my local storage of useful AD Scripts available to everyone.

A Python program implementing and exploiting the Minsky Turing machine considered in the paper "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine" as per CVE-2021-32471 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32471)

Traditional Mitigation in GCC to defend Memory Corruption Vulnerability

Simple Membership plugin for Kirby CMS

A lightweight OpenSSH Docker Image built atop Alpine Linux.

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.