123 Open source projects that are alternatives of or similar to Versionscan

CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞

威胁情报播报（停止运营）

Extensible framework for analyzing publicly available information about vulnerabilities

The knife of the Admin & Security auditor

This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.

漏洞研究

汽车/安卓/固件/代码安全测试工具集

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Hourly updated database of exploit and exploitation reports

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

Original Automated CVE Checking Tool

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

This projects creates SHA values for locale binaries - Shazam for packages.

Sample scan files for testing DefectDojo imports

Check linux sources dump for known CVEs.

[CVPR 2021] Scan2Cap: Context-aware Dense Captioning in RGB-D Scans

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Extraction of iMessage Data via XSS

Public Disclosures

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

一些漏洞分析

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

A collection of JavaScript engine CVEs with PoCs

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Simplified module reloader for Elixir

👮 Security advisories of Nextcloud

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

REST API backend for Reconmap

Log4j Vulnerability Scanner for Windows

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

A simple framework for sending test payloads for known web CVEs.

Multi source CVE/exploit parser.

No description or website provided.

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

Red Hat Dependency Analytics extension

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

Modified Nuclei Templates Version to FUZZ Host Header

A simple Java command-line utility to mirror the entire contents of VulnDB.

Advisories and Proofs of Concept by BlackArrow

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

A collection of my public security advisories.

✍️ A curated list of CVE PoCs.

log4j2 remote code execution or IP leakage exploit (with examples)

鹿不在侧，鲸不予游🐋

Some personal exploits/pocs

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

NVD/CVE as JSON files

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!