Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with vulnerability
A curated list of projects in awesome lists tagged with vulnerability.
https://swisskyrepo.github.io/PayloadsAllTheThings/
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Last synced: 23 Nov 2024
https://github.com/swisskyrepo/payloadsallthethings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Last synced: 13 Jan 2025
https://github.com/swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Last synced: 26 Oct 2024
https://github.com/aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
containers devsecops docker go golang hacktoberfest iac infrastructure-as-code kubernetes misconfiguration security security-tools vulnerability vulnerability-detection vulnerability-scanners
Last synced: 13 Jan 2025
https://github.com/chaitin/safeline
Serves as a reverse proxy to protect your web services from attacks and exploits.
api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss
Last synced: 14 Jan 2025
https://github.com/hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
clickjacking csrf education hacker101 hackerone hacking mobile-security security session-fixation sql-injection unchecked-redirects vulnerability web-security xss
Last synced: 29 Nov 2024
https://github.com/Hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
clickjacking csrf education hacker101 hackerone hacking mobile-security security session-fixation sql-injection unchecked-redirects vulnerability web-security xss
Last synced: 25 Oct 2024
https://github.com/chaitin/SafeLine
Serves as a reverse proxy to protect your web services from attacks and exploits.
api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss
Last synced: 29 Oct 2024
https://github.com/chaitin/xray
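A full-featured security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use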
passive-vulnerability-scanner poc security sqlinjection vulnerability vulnerability-scanner xss
Last synced: 05 Dec 2024
https://github.com/anchore/grype
A vulnerability scanner for container images and filesystems
container-image containers cyclonedx docker go golang hacktoberfest oci openvex security static-analysis tool vex vulnerabilities vulnerability
Last synced: 13 Jan 2025
https://github.com/frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
deserialization exploit gadget java javadeser jvm poc serialization vulnerability
Last synced: 15 Jan 2025
https://github.com/trickest/cve
Gather and update all available and newest CVEs with their PoC.
cve cve-poc exploit hacking infosec latest-cve penetration-testing pentesting poc red-team security security-tools software-security software-vulnerabilities software-vulnerability vulnerabilities vulnerability
Last synced: 02 Dec 2024
https://github.com/nomi-sec/poc-in-github
📡 PoCs automatically collected from GitHub. ⚠️ Be careful: malware.
cve exploit poc security vulnerability
Last synced: 02 Dec 2024
https://github.com/nomi-sec/PoC-in-GitHub
📡 PoCs automatically collected from GitHub. ⚠️ Be careful: malware.
cve exploit poc security vulnerability
Last synced: 01 Nov 2024
https://github.com/kathanp19/howtohunt
Collection of methodologies and test cases for various web vulnerabilities.
bugbounty bugbountytips bughunting-methodology tutorials vulnerability
Last synced: 02 Dec 2024
https://github.com/KathanP19/HowToHunt
Collection of methodologies and test cases for various web vulnerabilities.
bugbounty bugbountytips bughunting-methodology tutorials vulnerability
Last synced: 27 Oct 2024
https://github.com/daffainfo/allaboutbugbounty
All about bug bounty (bypasses, payloads, etc.)
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability
Last synced: 18 Dec 2024
https://github.com/landgrey/springbootvulexploit
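Study materials on SpringBoot-related vulnerabilities, a collection of exploitation methods and techniques, and a black-box security assessment checklist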
rce spring-actuator-vulnerability spring-boot-vulnerability spring-vulnerability springboot springboot-actuator-rce springcloud vulnerability
Last synced: 16 Jan 2025
https://github.com/daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, etc.)
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability
Last synced: 06 Nov 2024
https://github.com/LandGrey/SpringBootVulExploit
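Study materials on SpringBoot-related vulnerabilities, a collection of exploitation methods and techniques, and a black-box security assessment checklist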
rce spring-actuator-vulnerability spring-boot-vulnerability spring-vulnerability springboot springboot-actuator-rce springcloud vulnerability
Last synced: 21 Nov 2024
https://github.com/infobyte/faraday
Open Source Vulnerability Management Platform
appsec burpsuite collaboration continuous-scanning cve cybersecurity devops devsecops infosec nessus nmap orchestration penetration-testing pentesting security security-audit security-automation vulnerability vulnerability-management vulnerability-scanners
Last synced: 13 Jan 2025
https://github.com/zhzyker/exphub
Exphub [exploit script library]: includes exploit scripts for WebLogic, Struts2, Tomcat, Nexus, Solr, Jboss and Drupal; latest additions: CVE-2020-14882, CVE-2020-11444, CVE-2020-10204, CVE-2020-10199, CVE-2020-1938, CVE-2020-2551, CVE-2020-2555, CVE-2020-2883, CVE-2019-17558, CVE-2019-6340
cve-2020-10199 cve-2020-10204 cve-2020-11444 cve-2020-14882 cve-2020-1938 cve-2020-2551 cve-2020-2555 cve-2020-2883 cve-2020-5902 drupal exp exploit getshell nexus poc tomcat vulnerability weblogic webshell
Last synced: 17 Jan 2025
https://github.com/hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
bugbounty bugbounty-tool cicd-pipeline devsecops golang hacktoberfest security vulnerability xss xss-bruteforce xss-detection xss-exploit xss-scanner
Last synced: 14 Jan 2025
https://github.com/scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
exploit lua lua-script nmap nmap-scan-script nmap-scripts nse nsescript penetration-testing security security-audit security-scanner vulnerability vulnerability-assessment vulnerability-database-entry vulnerability-databases vulnerability-detection vulnerability-identification vulnerability-scanners vulnerability-scanning
Last synced: 15 Jan 2025
https://github.com/greenbone/openvas-scanner
This repository contains the scanner component for Greenbone Community Edition.
c foo greenbone greenbone-community-edition greenbone-vulnerability-management gvm openvas openvas-scanner scanner techops vulnerability vulnerability-assessment vulnerability-detection vulnerability-management vulnerability-scanners
Last synced: 14 Jan 2025
https://github.com/swisskyrepo/ssrfmap
Automatic SSRF fuzzer and exploitation tool
ctf exploitation hacktoberfest pentest server-side-request-forgery ssrf ssrfmap vulnerability
Last synced: 14 Jan 2025
https://github.com/swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
ctf exploitation hacktoberfest pentest server-side-request-forgery ssrf ssrfmap vulnerability
Last synced: 03 Nov 2024
https://github.com/payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
application application-security bugbounty command command-injection injection linux macos os os-injection payload payload-list security security-research security-testing security-vulnerability unix vulnerability vulnerability-research windows
Last synced: 15 Jan 2025
https://github.com/bo0om/fuzz.txt
Potentially dangerous files
dirbuster files fuzz list vulnerability web
Last synced: 03 Dec 2024
https://github.com/Bo0oM/fuzz.txt
Potentially dangerous files
dirbuster files fuzz list vulnerability web
Last synced: 29 Oct 2024
https://github.com/goodwithtech/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
containers docker go golang kubernetes linter security security-audit security-tools vulnerability
Last synced: 14 Jan 2025
https://github.com/voorivex/pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup
Last synced: 30 Nov 2024
https://github.com/Voorivex/pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup
Last synced: 24 Oct 2024
https://github.com/az0x7/vulnerability-checklist
This repository contains many web and API vulnerability checklists, and many vulnerability ideas and tips from Twitter
bugbounty security sqlinjection vulnerability vulnerability-checklist web-vulnerability
Last synced: 29 Nov 2024
https://github.com/tunz/js-vuln-db
A collection of JavaScript engine CVEs with PoCs
Last synced: 11 Jan 2025
https://github.com/c0ny1/vulstudy
Quickly set up a range of vulnerable practice environments with Docker; 17 environments can currently be set up with one click.
docker-image-builder vulnerability
Last synced: 11 Jan 2025
https://github.com/isafeblue/trackray
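TrackRay (溯光) 3 beta⚡ penetration testing framework (asset scanning | fingerprinting | brute forcing | web crawling | port scanning | vulnerability scanning | code auditing | AWVS | NMAP | Metasploit | SQLMap)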
Last synced: 18 Jan 2025
https://github.com/iSafeBlue/TrackRay
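TrackRay (溯光) 3 beta⚡ penetration testing framework (asset scanning | fingerprinting | brute forcing | web crawling | port scanning | vulnerability scanning | code auditing | AWVS | NMAP | Metasploit | SQLMap)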
Last synced: 05 Nov 2024
https://github.com/lifka/hacking-resources
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
ethicalhacking gathering hacker hacking malware network-monitoring osint powershell social-engineering tools vulnerability
Last synced: 10 Jan 2025
https://github.com/anouarbensaad/vulnx
vulnx 🕷️ is an intelligent bot shell that can achieve automatic injection and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information, time zone, etc.) and vulnerability scanning.
auto-exploiter bot cloudflare-detection cms-detector crawler detects-vulnerabilities dorks exploits hacking information-gathering pentest security-tools shell-injection subdomains-gathering vulnerability vulnerability-assessment vulnerability-detection vulnerability-exploit website-vulnerability-scanner wp-scanner
Last synced: 17 Jan 2025
https://github.com/NCSC-NL/log4shell
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
cve-2021-4104 cve-2021-44228 cve-2021-45046 cve-2021-45105 log4j log4shell vulnerability
Last synced: 12 Nov 2024
https://github.com/ncsc-nl/log4shell
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
cve-2021-4104 cve-2021-44228 cve-2021-45046 cve-2021-45105 log4j log4shell vulnerability
Last synced: 26 Sep 2024
https://github.com/Lifka/hacking-resources
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
ethicalhacking gathering hacker hacking malware network-monitoring osint powershell social-engineering tools vulnerability
Last synced: 01 Nov 2024
https://github.com/lukechilds/reverse-shell
Reverse Shell as a Service
exploit joke microservice pentesting prank reverse-shell vulnerability
Last synced: 17 Jan 2025
https://github.com/0x727/SpringBootExploit
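The project is written from the LandGrey/SpringBootVulExploit checklist, with the aim of quickly exploiting vulnerabilities during hvv and lowering the barrier to vulnerability exploitation.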
exp exploit spring springboot vul vulnerability
Last synced: 21 Nov 2024
https://github.com/0x727/springbootexploit
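The project is written from the LandGrey/SpringBootVulExploit checklist, with the aim of quickly exploiting vulnerabilities during hvv and lowering the barrier to vulnerability exploitation.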
exp exploit spring springboot vul vulnerability
Last synced: 27 Sep 2024
https://github.com/hummerrisk/hummerrisk
HummerRisk is a cloud-native security platform covering hybrid-cloud security governance and cloud-native security detection.
cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability
Last synced: 11 Jan 2025
https://github.com/HummerRisk/HummerRisk
HummerRisk is a cloud-native security platform covering hybrid-cloud security governance and cloud-native security detection.
cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability
Last synced: 12 Nov 2024
https://github.com/bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
appsec code-quality compliance dataflow devsecops devsecops-tools gdpr owasp privacy sast security security-audit security-automation security-scanner security-tools static-analysis static-code-analysis vulnerabilities vulnerability
Last synced: 24 Oct 2024
https://github.com/Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
appsec code-quality compliance dataflow devsecops devsecops-tools gdpr owasp privacy sast security security-audit security-automation security-scanner security-tools static-analysis static-code-analysis vulnerabilities vulnerability
Last synced: 02 Nov 2024
https://github.com/ihebski/a-red-teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
active-directory crackmapexec cybersecurity engagement enumeration exploit hacking lateral-movement metasploit meterpreter mimikatz nmap penetration-testing pentesting privilege-escalation redteam script security-tools tools vulnerability
Last synced: 03 Dec 2024
https://github.com/ihebski/A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
active-directory crackmapexec cybersecurity engagement enumeration exploit hacking lateral-movement metasploit meterpreter mimikatz nmap penetration-testing pentesting privilege-escalation redteam script security-tools tools vulnerability
Last synced: 07 Nov 2024
https://github.com/threekiii/vulnerability-wiki
Quickly deploy the vulnerability documents from Awesome-POC using docsify
cve docker docsify vulnerability wiki
Last synced: 16 Jan 2025
https://github.com/s4n7h0/xvwa
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
application-security knowledge learning-appsec mysql php vulnerability xvwa
Last synced: 14 Jan 2025
https://github.com/Threekiii/Vulnerability-Wiki
Quickly deploy the vulnerability documents from Awesome-POC using docsify
cve docker docsify vulnerability wiki
Last synced: 05 Nov 2024
https://github.com/1n3/blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 12 Jan 2025
https://github.com/bytedance/appshark
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
android compliance static-analysis vulnerability
Last synced: 16 Jan 2025
https://github.com/dolevf/damn-vulnerable-graphql-application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
damn-vulnerable damn-vulnerable-web-application exploitation graphql graphql-security penetration-testing security vulnerability
Last synced: 11 Jan 2025
https://github.com/google/osv.dev
Open source vulnerability DB and triage service.
security security-tools vulnerability vulnerability-databases vulnerability-management vulnerability-scanners
Last synced: 14 Jan 2025
https://github.com/1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 01 Nov 2024
https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
damn-vulnerable damn-vulnerable-web-application exploitation graphql graphql-security penetration-testing security vulnerability
Last synced: 05 Nov 2024
https://github.com/v3n0m-scanner/v3n0m-scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
aiohttp asyncio blackarch cloudflare d0rk dns exploit ftp hacking lfi metasploit pentesting python3 scanner sqli toxin trawling vulnerability vulnerability-scanners xss
Last synced: 17 Jan 2025
https://github.com/zema1/watchvuln
A high-value vulnerability collection and push service | collect valuable vulnerabilities and push them
dingding-bot lark-bot vulnerability vulnerability-analysis wecom-bot
Last synced: 17 Jan 2025
https://github.com/v3n0m-Scanner/V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
aiohttp asyncio blackarch cloudflare d0rk dns exploit ftp hacking lfi metasploit pentesting python3 scanner sqli toxin trawling vulnerability vulnerability-scanners xss
Last synced: 01 Nov 2024
https://github.com/jweny/pocassist
A dead-simple vulnerability PoC testing framework
cve penetration-testing-poc poc pocassist security security-tools vulnerability vulnerability-scanners
Last synced: 30 Sep 2024
https://github.com/0xmaximus/galaxy-bugbounty-checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
bug bugbounty bugbounty-checklist bugbounty-reports bugbounty-tool bugbountytips bugbountytricks bugcrowd bugs ethical-hacker ethical-hacking hackerone red-team red-teaming vulnerabilities vulnerability
Last synced: 05 Dec 2024
https://google.github.io/osv.dev/
Open source vulnerability DB and triage service.
security security-tools vulnerability vulnerability-databases vulnerability-management vulnerability-scanners
Last synced: 01 Oct 2024
https://github.com/0xmaximus/Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
bug bugbounty bugbounty-checklist bugbounty-reports bugbounty-tool bugbountytips bugbountytricks bugcrowd bugs ethical-hacker ethical-hacking hackerone red-team red-teaming vulnerabilities vulnerability
Last synced: 05 Nov 2024
https://github.com/quark-engine/quark-engine
Quark Agent - Your AI-powered Android APK Analyst
ai android artificial-intelligence blackbox blackbox-testing blackhat defcon llm-agent security-vulnerability-assessment vulnerability
Last synced: 14 Jan 2025
https://github.com/HASecuritySolutions/VulnWhisperer
Create actionable data from your Vulnerability Scans
elasticsearch elasticstack logstash nessus python qualys vulnerability
Last synced: 03 Nov 2024
https://github.com/jeffzh3ng/fuxi
Penetration Testing Platform
penetration-testing pentest-tool security vulnerability
Last synced: 12 Jan 2025
https://github.com/intel/cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
cve cvss devsecops hacktoberfest python sbom sbom-tool security security-automation security-tools swrepo system-tools vulnerabilities vulnerability
Last synced: 14 Jan 2025
https://github.com/nixawk/labs
Vulnerability Labs for security analysis
cve exploit security vulnerability
Last synced: 13 Jan 2025
https://github.com/Vu1nT0tal/IoT-vulhub
IoT firmware vulnerability reproduction environment
docker exploit iot qemu vulnerability
Last synced: 05 Nov 2024
https://github.com/vu1nt0tal/iot-vulhub
IoT firmware vulnerability reproduction environment
docker exploit iot qemu vulnerability
Last synced: 12 Jan 2025
https://vulntotal-team.github.io/IoT-vulhub
IoT firmware vulnerability reproduction environment
docker exploit iot qemu vulnerability
Last synced: 28 Sep 2024
https://github.com/jxy-s/herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
antivirus antivirus-evasion exploit exploit-development exploit-framework exploitation exploits process-doppelganging process-herpaderping process-hollowing process-migration security security-vulnerability vulnerability windows windows-10 windows-7 windows-defender
Last synced: 12 Jan 2025
https://github.com/deepzec/bad-pdf
Steal Net-NTLM Hash using Bad-PDF
badpdf cve-2018-4993 ntlm-hash-extraction ntlm-hashes vulnerability
Last synced: 13 Jan 2025
https://github.com/jar-analyzer/jar-analyzer
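Jar Analyzer - a JAR analysis tool: batch analysis, SCA vulnerability analysis, method call relationship search, string search, Spring component analysis, information leak checking, CFG program analysis, JVM stack frame analysis, advanced expression search, bytecode instruction-level dynamic debugging, one-click export of decompiled JARs, one-click extraction of malicious code from serialized data, one-click analysis of BCEL bytecode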
bytecode jar java-asm java-bytecode java-debugger java-decompiler java-gui java-security java-vulnerability program-analysis static-analysis vulnerability web-vulnerability
Last synced: 05 Nov 2024
https://github.com/deepzec/Bad-Pdf
Steal Net-NTLM Hash using Bad-PDF
badpdf cve-2018-4993 ntlm-hash-extraction ntlm-hashes vulnerability
Last synced: 19 Nov 2024
https://github.com/nccgroup/singularity
A DNS rebinding attack framework.
attack dns dns-rebinding iot vulnerability
Last synced: 17 Jan 2025
https://github.com/hacktoolspack/hack-tools
hack tools
0day exploit hack hacking hacking-tool hacks injection java javascript perl python sqlinjection tools vulnerability vulnerability-databases vulnerability-scanners vulnerability-web zeroday
Last synced: 10 Jan 2025
https://github.com/project-copacetic/copacetic
🧵 CLI tool for directly patching container images!
cncf compliance container-image container-security containers devsecops docker hacktoberfest patching security security-tools trivy vulnerabilities vulnerability vulnerability-management
Last synced: 02 Nov 2024
https://github.com/WhitewidowScanner/whitewidow
SQL Vulnerability Scanner
sql-vulnerability-scanner sqli vulnerability vulnerability-scanners
Last synced: 15 Nov 2024
https://github.com/rub-nds/terrapin-scanner
This repository contains a simple vulnerability scanner for the Terrapin attack presented in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
attack cryptography ssh vulnerability vulnerability-scanner
Last synced: 15 Jan 2025
https://github.com/toolswatch/vFeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
capec common-vulnerability-exposure cve cwe exploits intelligence-gathering oval python scap threat threat-intelligence threat-intelligence-database threatintel vfeed vulnerability vulnerability-database-entry vulnerability-databases vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 01 Nov 2024
https://github.com/summersec/javalearnvulnerability
Java vulnerability study notes: Deserialization Vulnerability
commons-collections3 commons-collections4 deserialization-vulnerability fastjson-rce jackson-databind java java-refilection shiro-security vulnerability weblogc-security weblogic
Last synced: 15 Jan 2025
https://github.com/SummerSec/JavaLearnVulnerability
Java vulnerability study notes: Deserialization Vulnerability
commons-collections3 commons-collections4 deserialization-vulnerability fastjson-rce jackson-databind java java-refilection shiro-security vulnerability weblogc-security weblogic
Last synced: 21 Nov 2024
https://github.com/topscoder/nuclei-wordfence-cve
The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
bugbounty cve exploits nuclei nuclei-templates pentesting projectdiscovery scanner security vulnerability vulnerability-scanning wordfence wordpress
Last synced: 17 Jan 2025
https://github.com/globocom/secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
development hacktoberfest hacktoberfest2022 labs owasp-top-10 security training vulnerability
Last synced: 11 Nov 2024
https://github.com/aquasecurity/trivy-action
Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities
devsecops github-actions scanner scanning security tools vulnerability
Last synced: 15 Jan 2025
https://github.com/pwnesia/dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
dns go golang nameserver subdomain takeover vulnerability
Last synced: 12 Jan 2025
https://github.com/r0x4r/garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
assetfinder bash-script bugbounty bugbounty-tool bugbountytips garud gf-patterns golang penetration-testing penetration-testing-tools reconnaissance subdomain-takeover vulnerability vulnerability-scanner
Last synced: 13 Jan 2025
https://github.com/R0X4R/Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
assetfinder bash-script bugbounty bugbounty-tool bugbountytips garud gf-patterns golang penetration-testing penetration-testing-tools reconnaissance subdomain-takeover vulnerability vulnerability-scanner
Last synced: 06 Nov 2024
https://github.com/tcosolutions/betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
code-quality code-quality-analyzer compliance devops devops-tools devsecops gdpr owasp sast security-audit security-automation security-orchestration security-scanner security-tools sonarqube static-analysis static-analyzers static-code-analysis vulnerability vulnerability-scanner
Last synced: 14 Oct 2024
https://github.com/thezdi/PoC
Proofs-of-concept
advantech cve-2016-0856 exploit poc proof-of-concept research rpc scada vulnerability zdi
Last synced: 06 Nov 2024
https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance
Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
audit cve cve-2017-5715 cve-2017-5753 cve-2017-5754 cve-2018-3639 cve-2018-3640 cve-2018-3665 cve-2018-3693 guidance meltdown nessus spectre vulnerability
Last synced: 03 Nov 2024
https://github.com/thezdi/poc
Proofs-of-concept
advantech cve-2016-0856 exploit poc proof-of-concept research rpc scada vulnerability zdi
Last synced: 03 Nov 2024
https://github.com/bigblackhat/oFx
Framework for batch vulnerability verification
cve exploit poc scanner verify-framework vulnerability vulnerability-scanners
Last synced: 21 Nov 2024
https://github.com/StarCrossPortal/scalpel
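scalpel is a command-line vulnerability scanning tool that supports deep parameter injection. It has a powerful data parsing and mutation algorithm that parses common data formats (json, xml, form, etc.) into a tree structure, then mutates the tree according to the rules in the PoC, including mutation of leaf nodes and of the tree structure. After mutation, the tree structure is restored to the original data format.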
cve exploits fuzzing poc scanner vulnerabilities vulnerability
Last synced: 21 Nov 2024