721 Open source projects that are alternatives of or similar to Vbscan

Proof of concept of VMSA-2017-0012

rsGen is a Reverse Shell Payload Generator for hacking.

DoS PoC's for SAP products

Some of my public exploits

SQL Vulnerability Scanner

Misc. Public Reports of Penetration Testing and Security Audits.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

Unsigned code loader for Exynos BootROM

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Guest to host VM escape exploit for Parallels Desktop

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

A static binary vulnerability scanner

python3批量poc检测工具

Extensible framework for analyzing publicly available information about vulnerabilities

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

Kubernetes security and vulnerability tools and utilities.

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

log4j2 remote code execution or IP leakage exploit (with examples)

Application Security Awareness Training

Yet Another PHP Shell - The most complete PHP reverse shell

Docker repository for OWTF (64-bit Kali)

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

A few SQL and XSS attack tools

My documentation and tools for learn ethical hacking.

CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻

Advanced Vulnerability Scanner Tool

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Owasp Zap chart for Kubernetes

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

This repository contains payload to test NoSQL Injections

an RCE (remote command execution) approach of CVE-2018-7750

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Ladon Moudle MS17010 Exploit for PowerShell

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

👨‍💻 A work-in-progress web services mass scanner written in Rust

XSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/

JAVA 漏洞靶场 (Vulnerability Environment For Java)

Very simple script(s) to hasten binary exploit creation

Next generation web scanner

secureCodeBox (SCB) - continuous secure delivery out of the box

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

🕵️‍♀️ Mondoo Cloud-Native Security & Vulnerability Risk Management

Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

Understanding Linux Kernel Vulnerability

Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

POC about usage of JSON Web Tokens (JWT) in a secure way.

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

Multi-language web CGI interfaces exploits.

An implementation of the waithax / slowhax 3DS Kernel11 exploit.

Experiments on C/C++ Exploits

XSS in pastebin.com and reddit.com via unsanitized markdown output

Eternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010

A simple PHP application to learn SQL Injection detection and exploitation techniques.