Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Common Vulnerabilities and Exposures (CVE)

The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security

https://github.com/cvebase/cvebase.com

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

cve cybersecurity infosec security vulnerabilities wiki

Last synced: 04 Aug 2024

https://github.com/bishopfox/pwn-pulse

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

cve exploit infosec penetration-testing pentest-scripts pentesting red-team security-tools

Last synced: 04 Aug 2024

https://github.com/foospidy/web-cve-tests

A simple framework for sending test payloads for known web CVEs.

application-sec cve cve-scanning payloads struts tests web

Last synced: 07 Nov 2024

https://github.com/Exein-io/kepler

NIST-based CVE lookup store and API powered by Rust.

cve cve-scanning cve-search rust security-tools

Last synced: 03 Nov 2024

https://github.com/forrest-orr/exploits

A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

asm browser c cve cve-2019-17026 cve-2020-0674 exploit firefox ie ionmonkey js jscript ms12-037 ms13-008 ms14-051 poc shellcode uaf windows wpad

Last synced: 16 Oct 2024

https://github.com/adminlove520/Poc-Monitor_v1.0.1

威胁情报-漏洞存储库

cve exploit github poc

Last synced: 10 Sep 2024

https://github.com/yardenshafir/CVE-2020-1034

PoC demonstrating the use of cve-2020-1034 for privilege escalation

cve exploit poc privilege-escalation vulnerability windows

Last synced: 04 Aug 2024

https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell

Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC

cve exploit proof-of-concept vulnerability

Last synced: 04 Aug 2024

https://github.com/BitTheByte/Eagle

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

bugbounty bugcrowd cve ftp hackerone hacking python ssrf takeover xss

Last synced: 03 Nov 2024

https://github.com/CLincat/vulcat

vulcat可用于扫描Web端常见的CVE、CNVD等编号的漏洞,发现漏洞时会返回Payload信息。部分漏洞还支持命令行交互模式,可以持续利用漏洞

cnvd cnvd-2021-28277 cve cve-2018-7602 cve-2019-15642 cve-2020-10204 cve-2020-9483 cve-2021-21234 cve-2021-22205 cve-2021-3223 cve-2021-35042 cve-2021-42013 cve-2021-43798 cve-2022-1388 cve-2022-26134 exp poc scanner security vulnerability

Last synced: 04 Aug 2024

https://github.com/olbat/nvdcve

NVD/CVE as JSON files

cve vulnerability-identification

Last synced: 24 Oct 2024

https://github.com/spiderlabs/cve_server

Simple REST-style web service for the CVE searching

api api-rest api-server cpe cve cve-server cvss cvssv2 cvssv3 database nvd ruby

Last synced: 12 Nov 2024

https://github.com/SpiderLabs/cve_server

Simple REST-style web service for the CVE searching

api api-rest api-server cpe cve cve-server cvss cvssv2 cvssv3 database nvd ruby

Last synced: 04 Aug 2024

https://github.com/vfeedio/pyvfeed

Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions

capec cve cwe exploits oval python-api scap threat-database threat-intelligence vulnerability-databases vulnerability-management vulnerability-scanners

Last synced: 01 Nov 2024

https://github.com/nowsecure/dirtycow

radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability

android cve dirtycow exploit security

Last synced: 14 Nov 2024

https://github.com/pwnedshell/Bugs-feed

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

bugbounty cve hacking python scrapping vulnerabilities

Last synced: 04 Aug 2024

https://github.com/wuhan005/CVE-2022-30781

🍵 Gitea repository migration remote command execution exploit.

cve cve-2022-30781 exploit gitea

Last synced: 23 Oct 2024

https://github.com/wuhan005/cve-2022-30781

🍵 Gitea repository migration remote command execution exploit.

cve cve-2022-30781 exploit gitea

Last synced: 07 Nov 2024

https://github.com/tobor88/PowerShell-Blue-Team

Collection of PowerShell functinos and scripts a Blue Teamer might use

blue-team blue-teams blueteam cve cve-search defense dns-over-https doh powershell powershell-blue-team

Last synced: 01 Nov 2024

https://github.com/birdhan/SecurityTools

渗透测试工具包 | 开源安全测试工具 | 网络安全工具

cve exploit poc

Last synced: 04 Aug 2024

https://github.com/ckotzbauer/vulnerability-operator

Scans SBOMs for vulnerabilities with Grype

cve grype kubernetes policyreport sbom security vulnerabilities

Last synced: 26 Oct 2024

https://github.com/sickcodes/security

Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.

advisories bugs cve cwe mitre security vulnerabilities

Last synced: 28 Oct 2024

https://github.com/acceis/exploit-cve-2023-23752

Joomla! < 4.2.8 - Unauthenticated information disclosure

cve cve-2023-23752 exploit information-disclosure joomla vulnerability

Last synced: 06 Nov 2024

https://github.com/karthikuj/cve-2022-42889-text4shell-docker

Dockerized POC for CVE-2022-42889 Text4Shell

act4shell apache commons cve cve-2022-42889 poc text4shell

Last synced: 27 Oct 2024

https://github.com/p0dalirius/cve-2021-43008-adminerread

Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability

adminer bugbounty cve cve-2021-43008 exploit file hacking pentest read tool vulnerability

Last synced: 29 Oct 2024

https://github.com/AppThreat/vulnerability-db

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.

advisories cli cve database nvd purl sca vers vulnerability-database vulnerability-detection

Last synced: 14 Nov 2024

https://github.com/righel/ms-exchange-version-nse

Nmap script to detect a Microsoft Exchange instance version with OWA enabled.

cve cve-scanning microsoft-exchange nmap nmap-script nse proxyshell vulnerabilities

Last synced: 04 Aug 2024

https://github.com/wjlin0/CVE-2024-23897

CVE-2024-23897 - Jenkins 任意文件读取 利用工具

cve cve-2024-23897 jenkins

Last synced: 10 Sep 2024

https://github.com/PalindromeLabs/Java-Deserialization-CVEs

Compiled dataset of Java deserialization CVEs

cve deserialization java-deserialization security

Last synced: 04 Aug 2024

https://github.com/nextcloud/security-advisories

👮 Security advisories of Nextcloud

cve nextcloud security security-advisories

Last synced: 07 Oct 2024

https://github.com/mchmarny/vimp

Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.

artifact container cve gcp grype registry snyk trivy vulnerability

Last synced: 08 Nov 2024

https://github.com/moloch--/cve-2016-1764

Extraction of iMessage Data via XSS

cve exploit imessage security vulnerability xss

Last synced: 08 Nov 2024

https://github.com/sloria/sphinx-issues

A Sphinx extension for linking to your project's issue tracker

changelog cve documentation github issues prs python sphinx sphinx-extension

Last synced: 14 Nov 2024

https://github.com/S1lkys/CVE-2020-15906

Writeup of CVE-2020-15906

cve cve-2020-15906 exploit exploitation

Last synced: 04 Aug 2024

https://github.com/prestascan/prestascansecurity

PrestaScan Security is a PrestaShop module allowing you to scan your PrestaShop website to identify malware and known vulnerabilities in PrestaShop core and modules.

cve prestashop prestashop-free-module prestashop-module security security-tools vulnerability-scanners

Last synced: 10 Oct 2024

https://github.com/stevespringett/vulndb-data-mirror

A simple Java command-line utility to mirror the entire contents of VulnDB.

appsec cve java sca software-composition-analysis software-security vulndb

Last synced: 08 Nov 2024

https://github.com/righel/log4shell_nse

nse script to inject jndi payloads

cve log4j log4shell nmap

Last synced: 23 Oct 2024

https://github.com/jgamblin/cvelk

Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data

cve epss nvd

Last synced: 11 Nov 2024

https://github.com/jacksongl/npm-vuln-poc

Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]

cve javascript node-js npm proof-of-concept security vulnerabilities

Last synced: 01 Nov 2024

https://github.com/Kira-Pgr/Github-CVE-Listener

无需服务器的GitHub实时漏洞利用工具监听器,目前支持微信/TG推送,中文版(https://github.com/Kira-Pgr/Github-CVE-Listener/blob/main/README_ZH.md)

cve github telegram-bot wechat

Last synced: 04 Aug 2024

https://github.com/lylemi/dom-vuln-db

A collection of Browser DOM Vulnerabilities with PoCs

browser browser-dom-vulnerabilities cve

Last synced: 03 Aug 2024

https://github.com/hackinghippo/log4shell_ioc_ips

log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)

cve cve-2021-44228 ioc list log4j log4shell shell4log

Last synced: 04 Aug 2024

https://github.com/jmousqueton/github-cve-monitor

Github action for monitoring CVE

cve cybersecurity github-actions python

Last synced: 10 Nov 2024

https://github.com/m3n0sd0n4ld/ucve

uCVE is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.

cve go golang hacking-tool mitre nist report reporting vulnerabilities

Last synced: 13 Nov 2024

https://github.com/jgamblin/cve.icu

CVE.ICU code.

cve nvd vulnerabilities

Last synced: 11 Nov 2024

https://github.com/yuriisanin/CVE-2022-24342

PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication

csrf cve cve-2022-24342 exploit jetbrains teamcity vulnerability

Last synced: 23 Oct 2024

https://github.com/merrychap/poc-exploits

:unlock: Vulnerability Research and Proof of Concept exploits for various targets

cve exploit exploitation poc proof-of-concept pwn vulnerabilities vulnerability

Last synced: 12 Oct 2024

https://github.com/0x00-0x00/CVE-2018-1000001

glibc getcwd() local privilege escalation compiled binaries

2018 cve getcwd glibc privesc works

Last synced: 09 Nov 2024

https://github.com/err0r-ica/whatspayloadrce

Whatsapp Automatic Payload Generator [CVE-2019-11932]

cve exploit hacking hacking-tools linux payload termux whatsapp whatsapp-chat

Last synced: 14 Oct 2024

https://github.com/Josexv1/CVE-2022-27925

Zimbra CVE-2022-27925 PoC

cve cve-2022-27925 exploit poc zimbra

Last synced: 23 Oct 2024

https://github.com/r3dxpl0it/CVE-2018-4407

IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]

attack blueteam cve cyber-security cybersecurity denial-of-service exploit hacking hacking-tool ios macos network penetration-testing poc redteam security

Last synced: 10 Nov 2024

https://github.com/hrbrmstr/cisa-known-exploited-vulns

Daily archiver & triage issue creator for new releases of CISA's Known Exploited Vulnerabilities list

archiver cisa cve cvss cwe exploited in-the-wild kev triage vulnerabilities vulnerability

Last synced: 11 Oct 2024

https://github.com/devmatic-it/debcvescan

Debian CVE Scanner is self-contained CVE scanner for DEBIAN distributions written in golang.

cve debian go golang security-scanner vulnerabilities

Last synced: 15 Nov 2024

https://github.com/mauricelambert/cve-2022-21907

CVE-2022-21907: detection, protection, exploitation and demonstration. Exploitation: Powershell, Python, Ruby, NMAP and Metasploit. Detection and protection: Powershell. Demonstration: Youtube.

bluescreen crash cve cve-2022-21907 denial-of-service detection dos exploit iis metasploit microsoft nmap payload powershell protection python3 ruby vulnerability webserver

Last synced: 14 Nov 2024

https://github.com/danielruf/snyk-js-jquery-174006

patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

cve cve-2019-11358 cve-2019-5428 jquery patch snyk snyk-js-jquery-174006

Last synced: 11 Oct 2024

https://github.com/zapalm/prestashop-security-vulnerability-checker

PrestaShop security vulnerability checker for known vulnerabilities.

cve hacktoberfest php-library prestashop security vulnerability

Last synced: 10 Oct 2024

https://github.com/3ndg4me/cve-2020-3452-exploit

Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.

bash cisco cve cve-2020-3452 exploit hacktoberfest shell vulnerability

Last synced: 29 Oct 2024

https://github.com/ElNiak/PANTHER

This tool presents a novel approach to bolstering network protocol verification by integrating the Shadow network simulator with the Ivy formal verification tool to check time properties. Furthermore, it extends Ivy’s capabilities with a dedicated time module, enabling the verification of complex quantitative-time properties.

apt cve docker docker-compose formal-methods formal-verification ivy protocol protocol-tester quic reproducible-research simulator test-automation testing testing-tools tests time-proof transport-layer-protocol

Last synced: 26 Sep 2024

https://github.com/0xdea/advisories

A collection of my public security advisories.

advisory cve vulnerability

Last synced: 29 Oct 2024

https://github.com/cedricbonhomme/freshermeat

An open source software directory and release tracker.

cve cve-search freshmeat release-tracking software-directory

Last synced: 06 Nov 2024

https://github.com/gwen001/detectify-cves

Find CVEs that don't have a Detectify modules.

bugbounty cve detectify pentesting scanner security-tools

Last synced: 09 Nov 2024

https://github.com/briandfoy/cpan-security-advisory

CPAN Security Advisory Database

cve data-pack perl security

Last synced: 14 Nov 2024

https://github.com/friends-of-presta/security-advisories

Security advisories of the FOP security team for prestashop

cve fop prestashop security

Last synced: 10 Oct 2024

https://github.com/oppsec/pwnfaces

😛 Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)

cve cve-2017-1000486 elinjection exploit golang linux primefaces redteam

Last synced: 08 Nov 2024

https://github.com/danielruf/snyk-js-jquery-565129

patches for SNYK-JS-JQUERY-565129, SNYK-JS-JQUERY-567880, CVE-2020-1102, CVE-2020-11023, includes the patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

cve cve-2019-11358 cve-2019-5428 cve-2020-11022 cve-2020-11023 jquery patch snyk snyk-js-jquery-174006 snyk-js-jquery-565129 snyk-js-jquery-567880

Last synced: 11 Oct 2024

https://github.com/geeknik/cve-fuzzing-poc

PoCs discovered through fuzzing which resulted in a CVE assignment.

cve fuzzing infosec poc security testcase

Last synced: 23 Oct 2024

https://github.com/blackarrowsec/advisories

Advisories and Proofs of Concept by BlackArrow

cve proof-of-concept security-advisories

Last synced: 08 Nov 2024

https://github.com/goncalor/cve-ark

All published CVE and their recent changes, ready to be used by humans and machines

cve security security-vulnerability

Last synced: 04 Aug 2024

https://github.com/briandfoy/cpan-audit

Check CPAN modules for known security vulnerabilities

cve perl perl-module perl-tool security security-audit

Last synced: 14 Oct 2024

https://github.com/stealthcopter/CVE-2020-28243

CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion

cve cve-2020-28243 privilege-escalation saltstack saltstack-minion

Last synced: 23 Oct 2024

https://github.com/stealthcopter/cve-2020-28243

CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion

cve cve-2020-28243 privilege-escalation saltstack saltstack-minion

Last synced: 10 Oct 2024

https://github.com/jakub-przepiora/ps-scan-prestashop-scanner

This tool serves as an initial version scanner specifically designed for PrestaShop, a popular e-commerce platform. The primary purpose of the scanner is to analyze PrestaShop instances for various aspects, such as module information, version details, and potential security vulnerabilities.

cve prestashop security security-tools

Last synced: 10 Oct 2024

https://github.com/CnHack3r/Penetration_PoC

FROM:@Mr-xn 渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

bypass cms-exploits cms-framework cobaltstrike cve exploit rce sql-scanner

Last synced: 23 Oct 2024

https://github.com/emo-crab/scap-rs

National Vulnerability Database (NVD) implemented by rust

actix-web cpe cve cvss cvssv3 cvssv4 cwe exploit nuclei-templates nvd rust scap yew

Last synced: 04 Aug 2024

https://github.com/maikuolan/vulnerability-charts

Some simple charts for listing CVSS by version for various packages.

charts cve cvss hhvm php phpmyadmin python vulnerabilities vulnerability

Last synced: 28 Oct 2024

https://github.com/r3drun3/cyberhall

🛡️ 🌐 🥷🏻 Everything CyberSecurity Related 🏴‍☠️ 👾 🕵🏾

ctf cve cybersecurity devsecops hacking infosec secops vapt

Last synced: 09 Nov 2024

https://github.com/infertux/sysechk

System Security Checker is a bundle of small shell scripts to assess your computer security.

cve cve-scanning security security-checker shell

Last synced: 31 Oct 2024