FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+6562.5%)
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Stars: ✭ 408 (+750%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+695.83%)
Recon-XAdvanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-43.75%)
Js Vuln DbA collection of JavaScript engine CVEs with PoCs
Stars: ✭ 2,087 (+4247.92%)
NatlasScaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
Stars: ✭ 333 (+593.75%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (+12.5%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (+181.25%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+247.92%)
Cve 2017 0065Exploiting Edge's read:// urlhandler
Stars: ✭ 15 (-68.75%)
Cve 2018 20555Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
Stars: ✭ 78 (+62.5%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (+114.58%)
VulnixVulnerability (CVE) scanner for Nix/NixOS.
Stars: ✭ 161 (+235.42%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (+183.33%)
advisoriesA collection of my public security advisories.
Stars: ✭ 16 (-66.67%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (+195.83%)
Detect-CVE-2017-15361-TPMDetects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: ✭ 34 (-29.17%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (+31.25%)
Ossf Cve BenchmarkThe OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
Stars: ✭ 71 (+47.92%)
Cve Check ToolOriginal Automated CVE Checking Tool
Stars: ✭ 172 (+258.33%)
LinuxflawThis repo records all the vulnerabilities of linux software I have reproduced in my local workspace
Stars: ✭ 140 (+191.67%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+643.75%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (+635.42%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+760.42%)
LabsVulnerability Labs for security analysis
Stars: ✭ 1,002 (+1987.5%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (+239.58%)
PoccollectPoc Collected for study and develop
Stars: ✭ 15 (-68.75%)
Uxss Db🔪Browser logic vulnerabilities ☠️
Stars: ✭ 565 (+1077.08%)
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+1620.83%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (+8.33%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (+460.42%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (+37.5%)
vulristicsExtensible framework for analyzing publicly available information about vulnerabilities
Stars: ✭ 46 (-4.17%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (+150%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (+118.75%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+4702.08%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+5208.33%)
dnstakeDNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Stars: ✭ 723 (+1406.25%)
subdomainsEnumeratorA docker image which will enumerate, sort, unique and resolve the results of various subdomains enumeration tools.
Stars: ✭ 63 (+31.25%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+195.83%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+654.17%)
mqttinfoAttempts to determine the configuration, behavior, and type of a remote MQTT broker
Stars: ✭ 17 (-64.58%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-39.58%)
prickly-peteA script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)
Stars: ✭ 29 (-39.58%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (+47.92%)
PyIrisPyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (+516.67%)
vulnscanA static binary vulnerability scanner
Stars: ✭ 47 (-2.08%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-20.83%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (+37.5%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+3175%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+493.75%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-47.92%)
apachrotApache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Stars: ✭ 21 (-56.25%)