Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


Projects in Awesome Lists tagged with vulnerabilities

A curated list of projects in awesome lists tagged with vulnerabilities.

https://google.github.io/oss-fuzz/

OSS-Fuzz - continuous fuzzing for open source software.

fuzz-testing fuzzing oss-fuzz security stability vulnerabilities

Last synced: 15 Nov 2024

https://github.com/google/oss-fuzz

OSS-Fuzz - continuous fuzzing for open source software.

fuzz-testing fuzzing oss-fuzz security stability vulnerabilities

Last synced: 16 Dec 2024

https://github.com/quay/clair

Vulnerability Static Analysis for Containers

clair containers docker go kubernetes oci oci-image static-analysis vulnerabilities

Last synced: 16 Dec 2024

https://github.com/presidentbeef/brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

brakeman rails ruby security security-audit security-tools security-vulnerability static-analysis vulnerabilities

Last synced: 21 Dec 2024

https://github.com/six2dez/reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

bug-bounty bugbounty dns fuzzing hacking nuclei osint penetration-testing pentest pentest-tool pentesting recon reconnaissance scanner security security-tools subdomain vulnerabilities

Last synced: 18 Dec 2024

https://github.com/google/clusterfuzz

Scalable fuzzing infrastructure.

fuzzing security stability vulnerabilities

Last synced: 16 Dec 2024

https://google.github.io/clusterfuzz/

Scalable fuzzing infrastructure.

fuzzing security stability vulnerabilities

Last synced: 18 Nov 2024

https://github.com/snyk/cli

Snyk CLI scans and monitors your projects for security vulnerabilities.

monitor security snyk vulnerabilities

Last synced: 16 Dec 2024

https://github.com/snyk/snyk

Snyk CLI scans and monitors your projects for security vulnerabilities.

monitor security snyk vulnerabilities

Last synced: 22 Nov 2024

https://github.com/aquasecurity/kube-hunter/

Hunt for security weaknesses in Kubernetes clusters

hacktoberfest kubernetes-clusters vulnerabilities

Last synced: 02 Dec 2024

https://github.com/aquasecurity/kube-hunter

Hunt for security weaknesses in Kubernetes clusters

hacktoberfest kubernetes-clusters vulnerabilities

Last synced: 17 Dec 2024

https://github.com/Medicean/VulApps

Quickly set up various vulnerability environments

cve docker struts vulnerabilities vulnhub

Last synced: 09 Nov 2024

https://github.com/retirejs/retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

build-tool chrome-extension firefox-extension grunt-plugins insecure-libraries javascript sbom sbom-generator sbom-tool scanner security software-composition-analysis vulnerabilities vulnerable-libraries

Last synced: 16 Dec 2024

https://github.com/medicean/vulapps

Quickly set up various vulnerability environments

cve docker struts vulnerabilities vulnhub

Last synced: 26 Sep 2024

https://github.com/RetireJS/retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

build-tool chrome-extension firefox-extension grunt-plugins insecure-libraries javascript sbom sbom-generator sbom-tool scanner security software-composition-analysis vulnerabilities vulnerable-libraries

Last synced: 29 Oct 2024

https://github.com/antonio-morales/fuzzing101

A step-by-step fuzzing tutorial. A GitHub Security Lab initiative.

afl afl-fuzz bug-hunting bugbounty education fuzz-testing fuzzer fuzzilli fuzzing hacking security testing vulnerabilities

Last synced: 03 Dec 2024

https://github.com/antonio-morales/Fuzzing101

A step-by-step fuzzing tutorial. A GitHub Security Lab initiative.

afl afl-fuzz bug-hunting bugbounty education fuzz-testing fuzzer fuzzilli fuzzing hacking security testing vulnerabilities

Last synced: 02 Nov 2024

https://github.com/dependencytrack/dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection

Last synced: 18 Dec 2024

https://github.com/DependencyTrack/dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection

Last synced: 01 Nov 2024

https://github.com/jaeles-project/jaeles

The Swiss Army knife for automated Web Application Testing

bugbounty golang hacking infosec jaeles scanner security-tools vulnerabilities web-scanner

Last synced: 19 Dec 2024

https://github.com/crytic/not-so-smart-contracts

Examples of Solidity security issues

ethereum solidity vulnerabilities

Last synced: 26 Sep 2024

https://github.com/friendsofphp/security-advisories

A database of PHP security advisories

composer packagist php vulnerabilities

Last synced: 17 Dec 2024

https://github.com/FriendsOfPHP/security-advisories

A database of PHP security advisories

composer packagist php vulnerabilities

Last synced: 28 Oct 2024

https://github.com/lirantal/is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

hacktoberfest lighthouse nodejs scan security security-vulnerabilities vulnerabilities

Last synced: 17 Dec 2024

https://github.com/owasp/nodegoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

docker heroku javascript nodegoat nodejs owasp-top-ten owasp-zap vulnerabilities

Last synced: 18 Dec 2024

https://github.com/OWASP/NodeGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

docker heroku javascript nodegoat nodejs owasp-top-ten owasp-zap vulnerabilities

Last synced: 24 Oct 2024

https://github.com/harsh-bothra/learn365

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities

Last synced: 29 Nov 2024

https://github.com/anchore/anchore-engine

A service that analyzes docker images and scans for vulnerabilities

anchore-engine containers docker docker-image dockerhub python security static-analysis vulnerabilities whitelist

Last synced: 28 Sep 2024

https://github.com/openclarity/openclarity

OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure

cloud exploits kubernetes leaked-secrets malware rootkits sbom scanner security supply-chain virtual-machine vulnerabilities

Last synced: 19 Dec 2024

https://github.com/intel/cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

cve cvss devsecops hacktoberfest python sbom sbom-tool security security-automation security-tools swrepo system-tools vulnerabilities vulnerability

Last synced: 17 Dec 2024

https://github.com/eliasgranderubio/dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

detecting-anomalous-activities docker malware-detection security static-analysis vulnerabilities

Last synced: 15 Dec 2024

https://github.com/ZupIT/horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

analysis cd ci cli golang hacktoberfest java kotlin netcore python ruby sast sast-analysis scanner security security-development security-flaws static-analysis terraform vulnerabilities

Last synced: 02 Nov 2024

https://github.com/zupit/horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

analysis cd ci cli golang hacktoberfest java kotlin netcore python ruby sast sast-analysis scanner security security-development security-flaws static-analysis terraform vulnerabilities

Last synced: 19 Dec 2024

https://github.com/xmirrorsecurity/opensca-cli

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

cyclonedx devsecops license-compliance sbom sca security software-bill-of-materials software-composition-analysis software-supply-chain software-supply-chain-security spdx static-analysis swid vulnerabilities

Last synced: 20 Dec 2024

https://github.com/XmirrorSecurity/OpenSCA-cli

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

cyclonedx devsecops license-compliance sbom sca security software-bill-of-materials software-composition-analysis software-supply-chain software-supply-chain-security spdx static-analysis swid vulnerabilities

Last synced: 11 Nov 2024

https://github.com/lirantal/npq

🎖safely* install packages with npm or yarn by auditing them as part of your install process

command-line-tool hacktoberfest npm package-manager security security-audit security-tools vulnerabilities

Last synced: 19 Dec 2024

https://github.com/ycdxsb/PocOrExp_in_Github

Automatically Collect POC or EXP from GitHub by CVE ID. If you are unable to find the POC/EXP on GitHub, you can also check here: https://pocorexps.nsa.im/

cve exploit poc vulnerabilities

Last synced: 21 Nov 2024

https://github.com/owasp/railsgoat

A vulnerable version of Rails that follows the OWASP Top 10

appsec owasp-top rails ruby ruby-on-rails security vulnerabilities

Last synced: 19 Dec 2024

https://github.com/RustSec/advisory-db

Security advisory database for Rust crates published through crates.io

rust security security-advisories security-audit vulnerabilities

Last synced: 21 Nov 2024

https://github.com/rustsec/advisory-db

Security advisory database for Rust crates published through crates.io

rust security security-advisories security-audit vulnerabilities

Last synced: 19 Dec 2024

https://github.com/OWASP/railsgoat

A vulnerable version of Rails that follows the OWASP Top 10

appsec owasp-top rails ruby ruby-on-rails security vulnerabilities

Last synced: 27 Oct 2024

https://github.com/pedrib/poc

Advisories, proof of concept files and exploits that have been made public by @pedrib.

advisories exploits hacking metasploit vulnerabilities

Last synced: 18 Dec 2024

https://github.com/pedrib/PoC

Advisories, proof of concept files and exploits that have been made public by @pedrib.

advisories exploits hacking metasploit vulnerabilities

Last synced: 21 Nov 2024

https://github.com/matheus-garbelini/esp32_esp8266_attacks

Proof of Concept of ESP32/8266 Wi-Fi vulnerabilities (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)

crash esp32 esp8266 hijack vulnerabilities

Last synced: 21 Dec 2024

https://github.com/cryptogenic/exploit-writeups

A collection where my current and future writeups for exploits/CTF will go

capture-the-flag exploit-development exploitation vulnerabilities

Last synced: 03 Nov 2024

https://github.com/Cryptogenic/Exploit-Writeups

A collection where my current and future writeups for exploits/CTF will go

capture-the-flag exploit-development exploitation vulnerabilities

Last synced: 25 Oct 2024

https://github.com/thesp0nge/dawnscanner

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

codereview cybersecurity hanami padrino rails ruby security security-audit sinatra vulnerabilities

Last synced: 19 Dec 2024

https://github.com/snyk/zip-slip-vulnerability

Zip Slip Vulnerability (Arbitrary file write through archive extraction)

security vulnerabilities

Last synced: 10 Nov 2024

https://github.com/StarCrossPortal/scalpel

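scalpel is a command-line vulnerability scanner that supports deep parameter injection. It has a powerful data parsing and mutation algorithm that parses common data formats (json, xml, form, etc.) into a tree structure and then mutates the tree according to the rules in the PoC, including mutations of leaf nodes and of the tree structure. After mutation, the tree structure is restored to the original data format.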

cve exploits fuzzing poc scanner vulnerabilities vulnerability

Last synced: 21 Nov 2024

https://github.com/googleprojectzero/0days-in-the-wild

Repository for information about 0-days exploited in-the-wild.

0day exploits vulnerabilities

Last synced: 13 Nov 2024

https://github.com/BugScanTeam/GitHack

A .git leak exploitation tool that can restore historical versions

git vulnerabilities

Last synced: 21 Nov 2024

https://github.com/spencerdodd/kernelpop

kernel privilege escalation enumeration and exploitation framework

enumeration exploits kernel security tools vulnerabilities

Last synced: 02 Nov 2024

https://github.com/hardik05/Damn_Vulnerable_C_Program

An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.

afl dynamorio fuzzing honggfuzz jackalope libafl libfuzzer security tinyinst vulnerabilities vulnerability winafl

Last synced: 21 Nov 2024

https://github.com/B3nac/InjuredAndroid

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

android android-security android-studio apk bug-bounty ctf flutter flutter-security flutter-xss kotlin kotlin-android pentesting security-testing vulnerabilities webview

Last synced: 06 Nov 2024

https://github.com/BeetleChunks/SpoolSploit

A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.

container cve-2021-1675 cve-2021-34527 docker exploit print printspooler python rpc scanner spool vulnerabilities windows

Last synced: 01 Nov 2024

https://github.com/trailofbits/cb-multios

DARPA Challenges Sets for Linux, Windows, and macOS

decree test-suite vulnerabilities

Last synced: 21 Dec 2024

https://github.com/nix-community/vulnix

Vulnerability (CVE) scanner for Nix/NixOS.

cve nix nixos security vulnerabilities vulnerability

Last synced: 21 Dec 2024