VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+1140.23%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+374.71%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-27.59%)
UrsadbTrigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-17.24%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1133.33%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+10402.3%)
NotrulerThe opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
Stars: ✭ 72 (-17.24%)
Yard DoctestDoctests from YARD examples
Stars: ✭ 78 (-10.34%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-40.23%)
SenvFriends don't let friends leak secrets on their terminal window 🙈
Stars: ✭ 71 (-18.39%)
Gwen WebA web automation engine for Gwen.
Stars: ✭ 47 (-45.98%)
PgenCommand-line passphrase generator
Stars: ✭ 68 (-21.84%)
Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (-16.09%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (-27.59%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+1301.15%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-28.74%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+1252.87%)
Audit scriptsScripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (-36.78%)
Doctor CommandDiagnose problems within WordPress by running a series of checks for symptoms
Stars: ✭ 82 (-5.75%)
W13scanPassive Security Scanner (被动式安全扫描器)
Stars: ✭ 1,066 (+1125.29%)
IvaIVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
Stars: ✭ 49 (-43.68%)
Radio HackboxPoC tool to demonstrate vulnerabilities in wireless input devices
Stars: ✭ 74 (-14.94%)
PystatAdvanced Netstat Using Python For Windows
Stars: ✭ 44 (-49.43%)
Vulnxvulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+1059.77%)
AppmonDocumentation:
Stars: ✭ 1,157 (+1229.89%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+10065.52%)
Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (+1312.64%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1205.75%)
PoetLets you split your ssh_config into separate files
Stars: ✭ 72 (-17.24%)
Fhe Toolkit LinuxIBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.
Stars: ✭ 1,123 (+1190.8%)
Vxscanpython3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+1329.89%)
Network Threats TaxonomyMachine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Stars: ✭ 79 (-9.2%)
Viewfinderjs📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e
Stars: ✭ 1,175 (+1250.57%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+1133.33%)
Linux Secureboot KitTool for complete hardening of Linux boot chain with UEFI Secure Boot
Stars: ✭ 54 (-37.93%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-17.24%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-39.08%)
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (-10.34%)
Ossf Cve BenchmarkThe OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Stars: ✭ 71 (-18.39%)
Kernelhub🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file
Stars: ✭ 972 (+1017.24%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+1237.93%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-19.54%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-4.6%)
Pentesting CookbookA set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-5.75%)
Nrf24 PlaysetSoftware tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
Stars: ✭ 73 (-16.09%)