cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (-79.69%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (-66.73%)
SecExampleJAVA 漏洞靶场 (Vulnerability Environment For Java)
Stars: ✭ 228 (-55.9%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-94%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-94.2%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+71.57%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (-90.72%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (-29.98%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (-74.66%)
exploitsSome of my public exploits
Stars: ✭ 50 (-90.33%)
trivy-vulnerability-explorerWeb application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.
Stars: ✭ 63 (-87.81%)
CVE-2019-7609RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
Stars: ✭ 47 (-90.91%)
penelopePenelope Shell Handler
Stars: ✭ 291 (-43.71%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (-80.08%)
aemscanAdobe Experience Manager Vulnerability Scanner
Stars: ✭ 161 (-68.86%)
typeplateREST API boilerplate with Typescript, Express.js, Typeorm and Mocha.
Stars: ✭ 268 (-48.16%)
turing-machineA Python program implementing and exploiting the Minsky Turing machine considered in the paper "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine" as per CVE-2021-32471 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32471)
Stars: ✭ 70 (-86.46%)
TraditionalMitigationTraditional Mitigation in GCC to defend Memory Corruption Vulnerability
Stars: ✭ 16 (-96.91%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (-72.53%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-89.94%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-92.65%)
FIDLA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (-18.57%)
NetelfRun executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
Stars: ✭ 220 (-57.45%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (-89.56%)
weblogic honeypotWebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (-94.2%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (-66.15%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-88.2%)
log4jpwnlog4j rce test environment and poc
Stars: ✭ 306 (-40.81%)
dnstakeDNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Stars: ✭ 723 (+39.85%)
rceDistributed, workflow-driven integration environment
Stars: ✭ 42 (-91.88%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (-86.27%)
PTEyePhantom eye——A passive business logic vulnerability auditing tool
Stars: ✭ 55 (-89.36%)
Django-WebAppThis is a web-app created using Python, Django. By using this user can login, upload files and also can view and download files uploaded by other users.
Stars: ✭ 285 (-44.87%)
Tenable.io-SDK-for-PythonTenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.
Stars: ✭ 83 (-83.95%)
vrt-rubyRuby library for interacting with Bugcrowd's VRT
Stars: ✭ 15 (-97.1%)
tiny-qiniu-requesttiny-qiniu for rc-upload or antd upload component `customRequest` property
Stars: ✭ 13 (-97.49%)
CVE-2020-36179CVE-2020-36179~82 Jackson-databind SSRF&RCE
Stars: ✭ 77 (-85.11%)
python-log4rceAn All-In-One Pure Python PoC for CVE-2021-44228
Stars: ✭ 179 (-65.38%)
astam-correlatorVulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans
Stars: ✭ 22 (-95.74%)
vulnscanA static binary vulnerability scanner
Stars: ✭ 47 (-90.91%)
gvm-toolsRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (-72.34%)
apachrotApache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Stars: ✭ 21 (-95.94%)
Cve 2020 16898CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Stars: ✭ 207 (-59.96%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (-87.23%)
PrintNightmare-CVE-2021-34527PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits
Stars: ✭ 73 (-85.88%)
DdoorDDoor - cross platform backdoor using dns txt records
Stars: ✭ 168 (-67.5%)
exynos-usbdlUnsigned code loader for Exynos BootROM
Stars: ✭ 57 (-88.97%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (-87.23%)
Apk Utilities🛠 Tools and scripts to manipulate Android APKs
Stars: ✭ 134 (-74.08%)
eosfilestore-web📜🔗 EOSfilestore, Immutable, time-proof, file storage on EOS blockchain
Stars: ✭ 20 (-96.13%)
AthenaTest your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻
Stars: ✭ 43 (-91.68%)