scancode.ioScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
Stars: ✭ 66 (+83.33%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+419.44%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+861.11%)
dependency-check-pluginJenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+197.22%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (+647.22%)
Nist Data MirrorA simple Java command-line utility to mirror the CVE JSON data from NIST.
Stars: ✭ 135 (+275%)
threatmodel-sdkA Java library for parsing and programmatically using threat models
Stars: ✭ 68 (+88.89%)
zap-sonar-pluginIntegrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (+83.33%)
vulnerability-dbVulnerability database and package search for sources such as OSV, NVD, GitHub and npm.
Stars: ✭ 36 (+0%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+2880.56%)
Pigatpigat ( Passive Intelligence Gathering Aggregation Tool ) 被动信息收集聚合工具
Stars: ✭ 140 (+288.89%)
Cve 2020 16898CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Stars: ✭ 207 (+475%)
Kernelhub🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file
Stars: ✭ 972 (+2600%)
LabsVulnerability Labs for security analysis
Stars: ✭ 1,002 (+2683.33%)
Snyk Js Jquery 174006patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428
Stars: ✭ 21 (-41.67%)
Cve Searchcve-search - a tool to perform local searches for known vulnerabilities
Stars: ✭ 1,765 (+4802.78%)
PoccollectPoc Collected for study and develop
Stars: ✭ 15 (-58.33%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+2111.11%)
Cve Check ToolOriginal Automated CVE Checking Tool
Stars: ✭ 172 (+377.78%)
Vulnerability Data ArchiveWith the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools
Stars: ✭ 63 (+75%)
LinuxflawThis repo records all the vulnerabilities of linux software I have reproduced in my local workspace
Stars: ✭ 140 (+288.89%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+2897.22%)
IvaIVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
Stars: ✭ 49 (+36.11%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (+275%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (+44.44%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+1047.22%)
Cve ApiUnofficial api for cve.mitre.org
Stars: ✭ 36 (+0%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (+266.67%)
Cve 2017 0065Exploiting Edge's read:// urlhandler
Stars: ✭ 15 (-58.33%)
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+2194.44%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (+233.33%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (+11.11%)
OpencveCVE Alerting Platform
Stars: ✭ 384 (+966.67%)
Uxss Db🔪Browser logic vulnerabilities ☠️
Stars: ✭ 565 (+1469.44%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (+188.89%)
Cve 2018 8120CVE-2018-8120 Windows LPE exploit
Stars: ✭ 447 (+1141.67%)
Js Vuln DbA collection of JavaScript engine CVEs with PoCs
Stars: ✭ 2,087 (+5697.22%)
Hardware And Firmware Security GuidanceGuidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Stars: ✭ 408 (+1033.33%)
Cvebase.comcvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
Stars: ✭ 88 (+144.44%)
VulnixVulnerability (CVE) scanner for Nix/NixOS.
Stars: ✭ 161 (+347.22%)
PatrowlhearsPatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (+147.22%)
WebmapWebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357 (+891.67%)
Vulapps快速搭建各种漏洞环境(Various vulnerability environment)
Stars: ✭ 3,353 (+9213.89%)
PattonThe clever vulnerability dependency finder
Stars: ✭ 87 (+141.67%)
BootstompBootStomp: a bootloader vulnerability finder
Stars: ✭ 303 (+741.67%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+8783.33%)
ExploitsContaining Self Made Perl Reproducers / PoC Codes
Stars: ✭ 160 (+344.44%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+10616.67%)