552 Open source projects that are alternatives of or similar to PatrowlHearsData

cve-search - a tool to perform local searches for known vulnerabilities

Hourly updated database of exploit and exploitation reports

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Check linux sources dump for known CVEs.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Vulnerability (CVE) scanner for Nix/NixOS.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

A collection of electronic hacker magazines carefully curated over the years from multiple sources

A simple framework for sending test payloads for known web CVEs.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

PatrowlHears - Vulnerability Intelligence Center / Exploits

Multi source CVE/exploit parser.

Advanced Web Browser Fingerprinting

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

log4j2 remote code execution or IP leakage exploit (with examples)

CVE-2018-8120 Windows LPE exploit

Extraction of iMessage Data via XSS

Exploiting Edge's read:// urlhandler

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

The knife of the Admin & Security auditor

Vulnerability Labs for security analysis

NVD/CVE as JSON files

Extensible framework for analyzing publicly available information about vulnerabilities

CVE Alerting Platform

快速搭建各种漏洞环境(Various vulnerability environment)

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A social experiment

This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Nailgun attack on ARM devices.

Writeup of CVE-2020-15906

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1

Advanced vulnerability scanning with Nmap NSE

PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM

Metasploit framework with steroids

rsGen is a Reverse Shell Payload Generator for hacking.

A remote administration tool for Windows, written in C#

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

Brahma - Privilege elevation exploit for Nintendo 3DS

CyberQueens lesson materials - learning resources and exercises for aspiring reverse engineers, exploit developers, and hackers 👩‍💻👨‍💻

Hack The Printer

Pretty vulnerable flask app..

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Some of my public exploits

Framework for exploiting local vulnerabilities