350 Open source projects that are alternatives of or similar to myBugAnalyze

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

REST API backend for Reconmap

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

漏洞研究

Vulnerability (CVE) scanner for Nix/NixOS.

🔪Browser logic vulnerabilities ☠️

Vulnerability Labs for security analysis

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Extraction of iMessage Data via XSS

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

JSON RSA to HMAC and None Algorithm Vulnerability POC

汽车/安卓/固件/代码安全测试工具集

Poc Collected for study and develop

The Correlated CVE Vulnerability And Threat Intelligence Database API

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

Log4j Vulnerability Scanner for Windows

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Exploiting Edge's read:// urlhandler

ES File Explorer Open Port Vulnerability - CVE-2019-6447

A collection of JavaScript engine CVEs with PoCs

Original Automated CVE Checking Tool

A collection of my public security advisories.

A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Extensible framework for analyzing publicly available information about vulnerabilities

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

No description or website provided.

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

Narrowed down reproduction of UIStackView hiding with animation bug

CVE-2020-11651: Proof of Concept

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

👮 Security advisories of Nextcloud

Multi source CVE/exploit parser.

Unsigned code loader for Exynos BootROM

A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

Android library for helping you to reach out to best possible answer for your bug/error available on stack overflow and will show it in your Android Studio Console only.

The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

DoS PoC's for SAP products

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

Proof of concept of VMSA-2017-0012

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.

Some of my public exploits

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

Simple script that utilities discord's flaw in detecting who blocked who.

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

rsGen is a Reverse Shell Payload Generator for hacking.