312 Open source projects that are alternatives of or similar to rubysec.github.io

Proof of concept of VMSA-2017-0012

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

Firebase Cloud Messaging API wrapper for Ruby, suppot HTTP v1 API including access_token auto refresh feature.

汽车/安卓/固件/代码安全测试工具集

Yet Another Vulnerability Database

A Ruby implementation of Threshold Secret Sharing (Shamir) as defined in IETF Internet-Draft draft-mcgrew-tss-03.txt

Gem to communicate with the MercadoPago API

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

GitHub Action to run `npm audit`

A New, Interactive Approach to Learning Ruby

Big official brass stamp to make signing gems dead simple.

A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

A universal S-expression parser for Ruby.

DoS PoC's for SAP products

Ruby wrapper for the Harvest API v2

Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

Jekyll version of the newest Agency Bootstrap theme, plus new features: Google Analytics, Markdown support, custom pages, and more!

CVE-2021-43798:Grafana 任意文件读取漏洞

[Retired] PHP.rb translates Ruby code into PHP code.

Phantom eye——A passive business logic vulnerability auditing tool

Adobe Experience Manager Vulnerability Scanner

Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.

Extraction of iMessage Data via XSS

Ruby gem that parse HTML containing microformats/microformats2 and returns Ruby objects, a Ruby hash or a JSON hash

Apache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker

💎 Rails gem with the power of Vue.js components

CVE-2020-11651: Proof of Concept

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

Unsigned code loader for Exynos BootROM

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

一些漏洞分析

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

A rubygem of Material Design for Bootstrap 4

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

Some of my public exploits

rsGen is a Reverse Shell Payload Generator for hacking.

PHP - Automatically add an "index.php" in all directories recursively

Making monkey patches sane again

REST API backend for Reconmap

[Retired] Distributed, content-addressable storage system.

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Ruby library for interacting with Bugcrowd's VRT

Traditional Mitigation in GCC to defend Memory Corruption Vulnerability

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans

A static binary vulnerability scanner

Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance

A Python program implementing and exploiting the Minsky Turing machine considered in the paper "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine" as per CVE-2021-32471 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32471)

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

Performance profiling for Rails, made simple 🦔

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

Ruby bindings for VULTR API v2.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Design Framework