1136 Open source projects that are alternatives of or similar to Vehicle-Security-Toolkit

漏洞研究

Exploiting Edge's read:// urlhandler

Vulnerability Dashboard

REST API backend for Reconmap

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

A collection of my public security advisories.

Apache Solr Injection Research

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Vulnerability Recurrence:漏洞复现记录

Original Automated CVE Checking Tool

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Securify v2.0

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Log4j Vulnerability Scanner for Windows

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

The Correlated CVE Vulnerability And Threat Intelligence Database API

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

Penetration tests guide based on OWASP including test cases, resources and examples.

A collection of JavaScript engine CVEs with PoCs

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

A vulnerability scanner for container images and filesystems

Andromeda - Interactive Reverse Engineering Tool for Android Applications

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Multi source CVE/exploit parser.

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

Quickly analyze and reverse engineer Android packages

一些漏洞分析

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Extensible framework for analyzing publicly available information about vulnerabilities

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Misc. Public Reports of Penetration Testing and Security Audits.

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

Common Web Managers Fuzz Wordlists

ES File Explorer Open Port Vulnerability - CVE-2019-6447

🔪Browser logic vulnerabilities ☠️

Poc Collected for study and develop

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

Automatic SSRF fuzzer and exploitation tool

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Vulnerability (CVE) scanner for Nix/NixOS.

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Joint Advanced Defect assEsment for android applications

Vulnerability Labs for security analysis

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

Scanning APK file for URIs, endpoints & secrets.

Extraction of iMessage Data via XSS

Static analysis of IEC 61131-3 programs

Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.

GitHub Action to run `npm audit`

Ruby library for interacting with Bugcrowd's VRT

Read-only mirror of the Klever Git repository