230 Open source projects that are alternatives of or similar to Vulapps

CVE Alerting Platform

Hourly updated database of exploit and exploitation reports

cve-search - a tool to perform local searches for known vulnerabilities

PatrowlHears - Vulnerability Intelligence Center / Exploits

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A simple framework for sending test payloads for known web CVEs.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.

Vulnerability (CVE) scanner for Nix/NixOS.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Multi source CVE/exploit parser.

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Выпускная квалификационная работа (ВКР) магистра в LaTeX, оформленная в соответствии с нормоконтролем Севастопольского государственного университета в 2017 г.

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

Public Disclosures

An iOS Security assessment app for jailbroken iOS Devices.

Hunt for security weaknesses in Kubernetes clusters

Repository of my CTF writeups

NVD/CVE as JSON files

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

List of every possible vulnerabilities in computer security.

RuCTFE 2019. Developed with ♥ by HackerDom team

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

QCTF School 2018. Developed with ♥ by Hackerdom team

Advisories and Proofs of Concept by BlackArrow

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Log4j Vulnerability Scanner for Windows

Kubernetes Native, Runtime Container Image Scanning

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Check linux sources dump for known CVEs.

A tool that automates the process of enumeration

A PHP version scanner for reporting possible vulnerabilities

PHDays Online CTF 2017. Developed with ♥ by Hackerdom team

It's a Docker Environment for pentesting which having all the required tool for VAPT.

CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

Snyk CLI scans and monitors your projects for security vulnerabilities.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

log4j2 remote code execution or IP leakage exploit (with examples)

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

🎩 [penetration testing Book], Kali Magic, Cryptography, Hash Crack, Botnet, Rootkit, Malware, Spyware, Python, Go, C|EH.

漏洞研究

dr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Red Hat Dependency Analytics extension

Extensible framework for analyzing publicly available information about vulnerabilities

AutoVAS is an automated vulnerability analysis system with a deep learning approach.

Modified Nuclei Templates Version to FUZZ Host Header

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

异步漏洞利用框架

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE