Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cdk-team/CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
blackhat cloud-native cloud-native-security container container-escape container-security docker exploits hacktools hitb k8s k8s-penetration-toolkit kernel-exploitation kubernetes kubernetes-security linux penetration penetration-testing-tools privilege-escalation vulnerabilities
Last synced: 02 Jul 2024
![](https://github.com/cdk-team.png)
https://github.com/interference-security/DVWS
OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
mysql owasp php ratchet vulnerabilities websockets
Last synced: 29 Jun 2024
![](https://github.com/interference-security.png)
https://github.com/dependency-check/dependency-check-sonar-plugin
Integrates Dependency-Check reports into SonarQube
appsec component-analysis nvd owasp security software-security sonar-plugin sonarqube visibility vulnerabilities vulnerable-components
Last synced: 26 Jun 2024
![](https://github.com/dependency-check.png)
https://github.com/intel/cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
cve cvss devsecops hacktoberfest python sbom sbom-tool security security-automation security-tools swrepo system-tools vulnerabilities vulnerability
Last synced: 26 Jun 2024
![](https://github.com/intel.png)
https://github.com/bloodzer0/ossa
Open-Source Security Architecture | 开源安全架构
application-security business-security code-audit ids ips security security-audit security-scanner security-tools security-vulnerability vulnerabilities vulnerability-scanners
Last synced: 26 Jun 2024
![](https://github.com/bloodzer0.png)
https://github.com/Jorijn/laravel-security-checker
Added Laravel functionality to Enlightn Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you.
laravel laravel-package laravel-security-checker php sensiolabs-security-checker vulnerabilities
Last synced: 25 Jun 2024
![](https://github.com/Jorijn.png)
https://google.github.io/clusterfuzzlite/
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
ci continuous-integration fuzz-testing fuzzing security vulnerabilities
Last synced: 22 Jun 2024
![](https://github.com/google.png)
https://github.com/ningzhenyu/nailgun
Nailgun attack on ARM devices.
android arm attack debugging exploit fingerprint huawei-mate7 proof-of-concept raspberry-pi security tee trustzone vulnerabilities
Last synced: 18 Jun 2024
![](https://github.com/ningzhenyu.png)
https://github.com/deadbits/InsecureProgramming
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
c exploitation learning-exercise security security-vulnerability vulnerabilities
Last synced: 17 Jun 2024
![](https://github.com/deadbits.png)
https://github.com/ForceFledgling/CVE-2023-22518
Improper Authorization Vulnerability in Confluence Data Center and Server + bonus 🔥
atlassian atlassian-confluence attack backdoor confluence critical cve exploit exploiting hacking hacking-tool improper python shell vulnerabilities vulnerability
Last synced: 17 Jun 2024
![](https://github.com/ForceFledgling.png)
https://github.com/rtfpessoa/yavdb
Yet Another Vulnerability Database
cocoapods composer database dependencies go hacktoberfest java javascript maven node npm nuget packagist php pip pypi ruby rubygems security vulnerabilities
Last synced: 15 Jun 2024
![](https://github.com/rtfpessoa.png)
https://github.com/ant4g0nist/Vulnerable-Kext
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
driver exploit-development exploitation ios kernel macos memory-corruption vulnerabilities xnu
Last synced: 15 Jun 2024
![](https://github.com/ant4g0nist.png)
https://github.com/jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
bugbounty golang hacking infosec jaeles scanner security-tools vulnerabilities web-scanner
Last synced: 14 Jun 2024
![](https://github.com/jaeles-project.png)
https://github.com/jcsec-security/solidity-security-course-resources
Course material about common vulnerabilities, security and audits of Solidity smart contracts that I use during my lectures
audit beginner bug bugbounty contract ethereum evm security smart smart-contracts smartcontract solidity vulnerabilities
Last synced: 13 Jun 2024
![](https://github.com/jcsec-security.png)
https://github.com/Medicean/VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
cve docker struts vulnerabilities vulnhub
Last synced: 11 Jun 2024
![](https://github.com/Medicean.png)
https://github.com/MystenLabs/ed25519-unsafe-libs
List of unsafe ed25519 signature libs
attacks blockchain cryptography ed25519 vulnerabilities
Last synced: 11 Jun 2024
![](https://github.com/MystenLabs.png)
https://github.com/google/clusterfuzz
Scalable fuzzing infrastructure.
fuzzing security stability vulnerabilities
Last synced: 11 Jun 2024
![](https://github.com/google.png)
https://github.com/zhzyker/vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
cve cve-2016-4437 cve-2020-13942 cve-2020-14882 cve-2020-17518 cve-2020-2555 cve-2020-2883 cve-2021-21972 cve-2021-21975 cve-2021-26855 cve-2021-27065 cve-2021-3129 exploit pentest-tool pentesting rce scanner security security-tools vulnerabilities
Last synced: 11 Jun 2024
![](https://github.com/zhzyker.png)
https://github.com/twu/skjold
Security audit Python project dependencies against security advisory databases.
cvssv2 cvssv3 dependency-graph gemnasium github-security-advisories pip pipenv poetry pyup safety safety-db security security-tools supply-chain vulnerabilities vulnerability-detection
Last synced: 07 Jun 2024
![](https://github.com/twu.png)
https://github.com/yqcs/heartsk_community
Hearts K-企业资产发现与脆弱性检查工具,自动化资产信息收集与漏洞扫描
heartsk poc vulnerabilities vulnerability-scanners
Last synced: 06 Jun 2024
![](https://github.com/yqcs.png)
https://github.com/RAJANAGORI/Nightingale
It's a Docker Environment for Pentesting which having all the required tool for VAPT.
bugbounty cybersecurity docker-image hacking hacking-tools htb nightingale osint owasp penetration-testing pentest-tool pentesting platform-independent vulnerabilities
Last synced: 06 Jun 2024
![](https://github.com/RAJANAGORI.png)
https://github.com/pedrib/PoC
Advisories, proof of concept files and exploits that have been made public by @pedrib.
advisories exploits hacking metasploit vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/pedrib.png)
https://github.com/bugcrowd/vulnerability-rating-taxonomy
Bugcrowd’s baseline priority ratings for common security vulnerabilities
bugcrowd rating taxonomy vrt vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/bugcrowd.png)
https://github.com/ycdxsb/PocOrExp_in_Github
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
cve exploit poc vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/ycdxsb.png)
https://github.com/dirsoooo/Recon
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities. Created based on @ofjaaah and @Jhaddix methodologies
dorks methodologies pentest recon vulnerabilities xss
Last synced: 05 Jun 2024
![](https://github.com/dirsoooo.png)
https://github.com/Retr0-code/SignHere
SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads.
automation build-tool builder cve cve-2017-11882 equation malicious microsoft office python3 rtf vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/Retr0-code.png)
https://github.com/HackerDev-Felix/Phoenix-Framework
Phoenix Framework Project
cve exploit exploits infosec poc vulnerabilities vulnerability vulnerability-scanners
Last synced: 05 Jun 2024
![](https://github.com/HackerDev-Felix.png)
https://github.com/ochronasec/ochrona-cli
A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
dependency-analysis developer-tools devsecops pip pipfile python requirements security security-tools supply-chain vulnerabilities vulnerability-scanners
Last synced: 05 Jun 2024
![](https://github.com/ochronasec.png)
https://github.com/mrlew1s/BrokenSMTP
Small python script to look for common vulnerabilities on SMTP server.
bugbounty pentest pentest-scripts pentest-tool pentesting python python3 security security-tools smtp spoofing userenumeration vulnerabilities vulnerability
Last synced: 05 Jun 2024
![](https://github.com/mrlew1s.png)
https://github.com/mrlew1s/SubdomainTakeover
Small python or powershell script to look for potential subdomain takeover vulnerabilities via vulnerable Alias.
bugbounty offensive offensive-security pentest-scripts pentest-tool powershell python3 security security-tools subdomain subdomain-takeover takeover takeover-subdomain vulnerabilities vulnerability vulnerability-detection vulnerability-scanners
Last synced: 05 Jun 2024
![](https://github.com/mrlew1s.png)
https://github.com/righel/ms-exchange-version-nse
Nmap script to detect a Microsoft Exchange instance version with OWA enabled.
cve cve-scanning microsoft-exchange nmap nmap-script nse proxyshell vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/righel.png)
https://github.com/anil-yelken/Nessus-Automation
Nessus Automation
nessus nessus-api nessus-api-python nessus-parser security security-tools vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/anil-yelken.png)
https://github.com/harsh-bothra/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/harsh-bothra.png)
https://github.com/mirego/elixir-security-advisories
🛡 Public database of Elixir security advisories pulled from GitHub Advisory Database
advisories elixir erlang security vulnerabilities
Last synced: 05 Jun 2024
![](https://github.com/mirego.png)
https://github.com/Patrowl/PatrowlManager
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
api automation incident-response ioc orchestration patrowl scans secops security-automation security-scanner security-tools thehive threat-hunting threat-intelligence vulnerabilities vulnerability-detection vulnerability-management vulnerability-scanners
Last synced: 04 Jun 2024
![](https://github.com/Patrowl.png)
https://github.com/kabachook/k8s-security
Kubernetes security notes and best practices
attacker best-practices checklist kubernetes kubernetes-cluster kubernetes-security security vulnerabilities
Last synced: 02 Jun 2024
![](https://github.com/kabachook.png)
https://github.com/cve-search/cve-search
cve-search - a tool to perform local searches for known vulnerabilities
common-vulnerabilities cpe cve cve-databases cve-entries cve-scanning cve-search vulnerabilities vulnerability-assessment vulnerability-detection
Last synced: 02 Jun 2024
![](https://github.com/cve-search.png)
https://github.com/skavngr/rapidscan
:new: The Multi-Tool Web Vulnerability Scanner.
enumeration kali-linux kali-scripts offensive-security oscp penetration-testing penetration-testing-framework reconnaissance scanner scanner-web security-scanner security-scanning security-tools vulnerabilities vulnerability-assessment vulnerability-detection vulnerability-management vulnerability-scanner vulnerability-scanners web-vulnerabilities-scanner
Last synced: 02 Jun 2024
![](https://github.com/skavngr.png)
https://github.com/BeetleChunks/SpoolSploit
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
container cve-2021-1675 cve-2021-34527 docker exploit print printspooler python rpc scanner spool vulnerabilities windows
Last synced: 02 Jun 2024
![](https://github.com/BeetleChunks.png)
https://github.com/alcideio/advisor
Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration
audit best-practices cluster compliance dashboard kubernetes kubernetes-vulnerabilities-scan podsecuritypolicies secrets security security-audit vulnerabilities vulnerability-scanner
Last synced: 02 Jun 2024
![](https://github.com/alcideio.png)
https://github.com/archerysec/archerysec
Automate Your Application Security Orchestration And Correlation (ASOC) Using ArcherySec.
devops devops-tools devsecops opensource pentesters pentesting scanning secdevops vulnerabilities vulnerability-assessment vulnerability-management
Last synced: 02 Jun 2024
![](https://github.com/archerysec.png)
https://github.com/six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities
Last synced: 02 Jun 2024
![](https://github.com/six2dez.png)
https://github.com/mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
compliance cyber-security detection-engineering forensics-tools incident-management incident-response information-security infosec intrusion-detection kali-linux mitre-attack network-analysis offensive-security pentesters privacy-protection scanning-tool siem surveillance vulnerabilities vulnerability-detection
Last synced: 01 Jun 2024
![](https://github.com/mikeroyal.png)
https://github.com/01rabbit/PAKURI
PAKURI has been merged with Python and launched as a new project, PAKURI-THON.
arsenal exploitation faraday kali metasploit openvas penetration-testing pentest-tool pentesting-tools scanning vulnerabilities
Last synced: 30 May 2024
![](https://github.com/01rabbit.png)
https://github.com/CERTCC/SSVC
Stakeholder-Specific Vulnerability Categorization
decision-support decision-trees prioritization vulnerabilities vulnerability vulnerability-management
Last synced: 30 May 2024
![](https://github.com/CERTCC.png)
https://github.com/RustSec/advisory-db
Security advisory database for Rust crates published through crates.io
rust security security-advisories security-audit vulnerabilities
Last synced: 30 May 2024
![](https://github.com/rustsec.png)
https://github.com/docker/scan-cli-plugin
Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
docker docker-container docker-image dockerfile vulnerabilities vulnerability vulnerability-detection vulnerability-scanners
Last synced: 30 May 2024
![](https://github.com/docker.png)
https://github.com/ZupIT/horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
analysis cd ci cli golang hacktoberfest java kotlin netcore python ruby sast sast-analysis scanner security security-development security-flaws static-analysis terraform vulnerabilities
Last synced: 30 May 2024
![](https://github.com/ZupIT.png)
https://github.com/XmirrorSecurity/OpenSCA-cli
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
cyclonedx devsecops license-compliance sbom sca security software-bill-of-materials software-composition-analysis software-supply-chain software-supply-chain-security spdx static-analysis swid vulnerabilities
Last synced: 30 May 2024
![](https://github.com/XmirrorSecurity.png)
https://github.com/DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
appsec bill-of-materials bom component-analysis cyclonedx devsecops nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulndb vulnerabilities vulnerability-detection
Last synced: 30 May 2024
![](https://github.com/DependencyTrack.png)
https://github.com/opencve/opencve
CVE Alerting Platform
cve nvd python security security-tools vulnerabilities
Last synced: 29 May 2024
![](https://github.com/opencve.png)
https://github.com/eraser-dev/eraser
🧹 Cleaning up images from Kubernetes nodes
cncf containers hacktoberfest image-security images kubernetes kubernetes-operator security-tools trivy vulnerabilities vulnerability-scanner
Last synced: 28 May 2024
![](https://github.com/eraser-dev.png)
https://github.com/avishayil/python-snyk-test
A tool that wraps pysnyk library for easier usage from command line interfaces
oss pypi python snyk test vulnerabilities
Last synced: 27 May 2024
![](https://github.com/avishayil.png)
https://github.com/snyk-tech-services/snyk-licenses-texts
📑 Snyk API powered licenses attribution report tool. Generate licenses information per Snyk Organization with license name, text, dependencies data and copyright information
html-report json snyk snyk-tooling vulnerabilities
Last synced: 27 May 2024
![](https://github.com/snyk-tech-services.png)
https://github.com/asos/snyker
An opinionated, heavy-handed wrapper around Snyk.
cli security snyk snyk-cli vulnerabilities vulnerable-paths
Last synced: 27 May 2024
![](https://github.com/ASOS.png)
https://github.com/t0thkr1s/allsafe
Intentionally vulnerable Android application.
android bugbounty bypass certificate dynamic-analysis forthebadge frida frida-scripts hackerone-reports hardcoded-credentials mobile-security reverse reverse-engineering vulnerabilities vulnerable vulnerable-android-apps
Last synced: 27 May 2024
![](https://github.com/t0thkr1s.png)
https://github.com/ibrahimjelliti/CKSS-Certified-Kubernetes-Security-Specialist
This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.
certification cks cks-exam ckss cloud-native cluster cluster-hardening cncf golang hardening kubernetes kubernetes-platforms logging monitoring securing-kubernetes security vulnerabilities
Last synced: 27 May 2024
![](https://github.com/ibrahimjelliti.png)
https://github.com/future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
administrator cybersecurity freebsd go golang linux security security-audit security-automation security-hardening security-scanner security-tools security-vulnerability vulnerabilities vulnerability-assessment vulnerability-detection vulnerability-management vulnerability-scanner vulnerability-scanners vuls
Last synced: 27 May 2024
![](https://github.com/future-architect.png)
https://github.com/lirantal/npq
🎖safely* install packages with npm or yarn by auditing them as part of your install process
command-line-tool hacktoberfest npm package-manager security security-audit security-tools vulnerabilities
Last synced: 26 May 2024
![](https://github.com/lirantal.png)
https://github.com/Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
appsec code-quality compliance dataflow devsecops devsecops-tools gdpr owasp privacy sast security security-audit security-automation security-scanner security-tools static-analysis static-code-analysis vulnerabilities vulnerability
Last synced: 26 May 2024
![](https://github.com/Bearer.png)
https://github.com/go-outside-labs/sec-pentesting-toolkit
👾 𝘁𝗼𝗼𝗹𝘀 𝗳𝗼𝗿 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵𝗲𝗿𝘀: 𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴, 𝗖𝗧𝗙𝘀 & 𝘄𝗮𝗿𝗴𝗮𝗺𝗲𝘀
botnets cryptography ctf forensics gray-hacker-resources hacking infosec iocs linux malwares network penetration-testing pentesting post-exploitation reverse-engineering rubber-ducky steganography vulnerabilities wargame web-security
Last synced: 25 May 2024
![](https://github.com/go-outside-labs.png)
https://github.com/trickest/cve
Gather and update all available and newest CVEs with their PoC.
cve cve-poc exploit hacking infosec latest-cve penetration-testing pentesting poc red-team security security-tools software-security software-vulnerabilities software-vulnerability vulnerabilities vulnerability
Last synced: 25 May 2024
![](https://github.com/trickest.png)
https://github.com/sec-bit/awesome-buggy-erc20-tokens
A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
awesome awesome-list dapp erc20 erc20-tokens ethereum security smart-contracts solidity tokens vulnerabilities
Last synced: 25 May 2024
![](https://github.com/sec-bit.png)
https://github.com/patois/drgadget
dr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>
exploitation ida-plugin ida-pro idapython idapython-plugin python rop rop-analysis rop-chain rop-gadgets vulnerabilities
Last synced: 24 May 2024
![](https://github.com/patois.png)
https://github.com/snyk/serverless-snyk
Serverless plugin for securing your dependencies with Snyk
security serverless snyk vulnerabilities
Last synced: 21 May 2024
![](https://github.com/snyk.png)
https://github.com/snyk/zip-slip-vulnerability
Zip Slip Vulnerability (Arbitrary file write through archive extraction)
Last synced: 21 May 2024
![](https://github.com/snyk.png)
![](https://github.com/BugScanTeam.png)
https://github.com/StarCrossPortal/scalpel
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。
cve exploits fuzzing poc scanner vulnerabilities vulnerability
Last synced: 19 May 2024
![](https://github.com/StarCrossPortal.png)
https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC
CVE 2021-21315 PoC
cve cybersecurity infosec injection nodejs offensive-security pentesting proof-of-concept redteaming research vulnerabilities vulnerability
Last synced: 19 May 2024
![](https://github.com/ForbiddenProgrammer.png)
https://github.com/pwnedshell/Bugs-feed
Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
bugbounty cve hacking python scrapping vulnerabilities
Last synced: 19 May 2024
![](https://github.com/pwnedshell.png)
https://github.com/Aif4thah/VulnerableLightApp
Vulnerable API for educational purposes
api cybersecurity-education dotnet educational-project hacking hacking-challenge hacking-competitions owasp-top-10 pentest vulnerabilities vulnerability vulnerability-research vulnerable vulnerable-api vulnerable-application vulnerable-applications vulnerable-server vulnerable-web-app vulnerable-web-application web-api
Last synced: 18 May 2024
![](https://github.com/Aif4thah.png)
https://github.com/yallxe/hogg
Common vulnerability scanning on steroids ☄️
dns exploit network proxy rust rust-lang scanner secrets security sniffer vulnerabilities webscanner
Last synced: 16 May 2024
![](https://github.com/yallxe.png)
https://github.com/rosehgal/BinExp
Linux Binary Exploitation
binaries buffer-overflow-attack bufferoverflow consolidation exploitation format-string-attack global-offset-table got-spawning-shell heap-exploitation linux overriding-got ret2libc return-to-libc shellcode-injector stackoverflow tutorial vulnerabilities
Last synced: 16 May 2024
![](https://github.com/rosehgal.png)
https://github.com/PayDevs/awful-oss-incidents
🤬 A categorized list of incidents caused by unappreciated OSS maintainers or underfunded OSS projects. Feedback welcome!
fuck-ups incidents npmjs open-source oss vulnerabilities
Last synced: 15 May 2024
![](https://github.com/PayDevs.png)
https://github.com/spencerdodd/kernelpop
kernel privilege escalation enumeration and exploitation framework
enumeration exploits kernel security tools vulnerabilities
Last synced: 14 May 2024
![](https://github.com/spencerdodd.png)
https://github.com/HackOvert/awesome-bugs
A collection of software bug types and articles showcasing the hunt for and exploitation of them.
awesome-list software-bug vulnerabilities
Last synced: 14 May 2024
![](https://github.com/HackOvert.png)
https://github.com/R0X4R/Pinaak
A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
bash-script bugbounty fastscanner find-vulnerabilities nuclei sqlinjection vulnerabilities vulnerability-scanners xss-vulnerability
Last synced: 14 May 2024
![](https://github.com/R0X4R.png)
https://github.com/dyjakan/interpreter-bugs
Fuzzing results for various interpreters.
bugs fuzzing hhvm interpreter php python ruby security security-research vulnerabilities
Last synced: 14 May 2024
![](https://github.com/dyjakan.png)
https://github.com/tintinweb/smart-contract-vulndb
🍋 An open dataset containing smart contract audit issues from various sources.
smart-contract-security vulnerabilities
Last synced: 12 May 2024
![](https://github.com/tintinweb.png)
https://github.com/jenkinsci/contrast-continuous-application-security-plugin
Jenkins Plugin from Contrast Security
devsecops jenkins jenkins-plugin security security-tools vulnerabilities
Last synced: 12 May 2024
![](https://github.com/jenkinsci.png)
https://github.com/CERTCC/PoC-Exploits
Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Last synced: 12 May 2024
![](https://github.com/CERTCC.png)
![](https://github.com/jgamblin.png)
https://github.com/ethicalhackingplayground/tprox
TProx is a fast reverse proxy path traversal detector and directory bruteforcer.
hacking misconfigurations pentesting proxy vulnerabilities
Last synced: 12 May 2024
![](https://github.com/ethicalhackingplayground.png)
https://github.com/ravro-ir/log4shell-looker
log4jshell vulnerability scanner for bug bounty
bugbounty bugs java java-8 log4j log4j2 log4shell logger logging secuurity vulnerabilities vulnerability vulnerability-detection vulnerability-scanners
Last synced: 12 May 2024
![](https://github.com/ravro-ir.png)
https://github.com/infoslack/awesome-web-hacking
A list of web application security
appsec hacking hacking-tools metasploit owasp penetration-testing pentesting scanner security vulnerabilities vulnerability web-hacking web-security
Last synced: 09 May 2024
![](https://github.com/infoslack.png)
https://github.com/edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
awesome awesome-list awesome-lists bugbounty cve dns exploit hacking hacking-tools hacktoberfest osint osint-tool redteam redteaming search-engine security security-tools vulnerabilities vulnerability wifi-network
Last synced: 09 May 2024
![](https://github.com/edoardottt.png)
https://github.com/lirantal/awesome-nodejs-security
Awesome Node.js Security resources
cybersecurity hacktoberfest infosec nodejs owasp pentest security vulnerabilities web-security
Last synced: 09 May 2024
![](https://github.com/lirantal.png)
https://github.com/anchore/grype
A vulnerability scanner for container images and filesystems
container-image containers cyclonedx docker go golang hacktoberfest oci openvex security static-analysis tool vex vulnerabilities vulnerability
Last synced: 09 May 2024
![](https://github.com/anchore.png)
https://github.com/FriendsOfPHP/security-advisories
A database of PHP security advisories
composer packagist php vulnerabilities
Last synced: 09 May 2024
![](https://github.com/FriendsOfPHP.png)
https://github.com/aquasecurity/kube-hunter
Hunt for security weaknesses in Kubernetes clusters
hacktoberfest kubernetes-clusters vulnerabilities
Last synced: 09 May 2024
![](https://github.com/aquasecurity.png)
https://github.com/fosslight/fosslight
FOSSLight Hub : Integrated management web-service for Open Source Compliance Process
license management open-source spring-boot supply-chain vulnerabilities
Last synced: 09 May 2024
![](https://github.com/fosslight.png)
https://google.github.io/oss-fuzz/
OSS-Fuzz - continuous fuzzing for open source software.
fuzz-testing fuzzing oss-fuzz security stability vulnerabilities
Last synced: 09 May 2024
![](https://github.com/google.png)
https://github.com/trailofbits/cb-multios
DARPA Challenges Sets for Linux, Windows, and macOS
decree test-suite vulnerabilities
Last synced: 08 May 2024
![](https://github.com/trailofbits.png)
https://github.com/snyk/cli
Snyk CLI scans and monitors your projects for security vulnerabilities.
monitor security snyk vulnerabilities
Last synced: 07 May 2024
![](https://github.com/snyk.png)
https://github.com/quay/clair
Vulnerability Static Analysis for Containers
clair containers docker go kubernetes oci oci-image static-analysis vulnerabilities
Last synced: 07 May 2024
![](https://github.com/quay.png)
https://github.com/anchore/anchore-engine
A service that analyzes docker images and scans for vulnerabilities
anchore-engine containers docker docker-image dockerhub python security static-analysis vulnerabilities whitelist
Last synced: 07 May 2024
![](https://github.com/anchore.png)
https://github.com/google/clusterfuzzlite
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
ci continuous-integration fuzz-testing fuzzing security vulnerabilities
Last synced: 04 May 2024
![](https://github.com/google.png)
https://github.com/NeuraLegion/sslscan.cr
Crystal shard wrapping the rbsec/sslscan utility
crystal detection scanner security shard ssl tls vulnerabilities
Last synced: 02 May 2024
![](https://github.com/NeuraLegion.png)
https://github.com/sonatype-nexus-community/scan-gradle-plugin
Gradle plugin that scans the dependencies of a Gradle project using Sonatype platforms: OSS Index and Nexus IQ Server.
audit dependencies evaluate gradle gradle-plugin iq-server scan sonatype vulnerabilities
Last synced: 01 May 2024
![](https://github.com/sonatype-nexus-community.png)
https://github.com/presidentbeef/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
brakeman rails ruby security security-audit security-tools security-vulnerability static-analysis vulnerabilities
Last synced: 01 May 2024
![](https://github.com/presidentbeef.png)