#

vulnerability

Here are 743 public repositories matching this topic...

PayloadsAllTheThings

swisskyrepo / PayloadsAllTheThings

Sponsor Star

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

security hacking web-application cheatsheet enumeration penetration-testing bounty vulnerability methodology bugbounty pentest bypass payload payloads hacktoberfest privilege-escalation redteam

Updated Jul 27, 2021
Python

Hacker0x01 / hacker101

Star

Source code for Hacker101.com - a free online web and mobile security class.

education security hacking xss sql-injection vulnerability csrf web-security mobile-security clickjacking hackerone session-fixation hacker101 unchecked-redirects

Updated Jul 27, 2021
SCSS

The-Art-of-Hacking / h4cker

Star

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

training exploit hackers hacking cybersecurity penetration-testing exploits vulnerability awesome-list video-course hacker vulnerability-management vulnerability-identification vulnerability-scanners vulnerability-assessment ethical-hacking awesome-lists exploit-development ethicalhacking hacking-series

Updated Jul 27, 2021
Python

aquasecurity / trivy

Star

Open

feat(ruby): support gemspec

3

knqyf263 commented Oct 19, 2020

Currently, Trivy traverses all paths and looks for all Gemfile.lock in a container image. However, the image sometimes has only Gemfile.lock and doesn't install gems listed in the Gemfile.lock. I think a gem should have *.gemspec file if it is installed. e.g. rake.gemspec has the information about rake.

To avoid false positives from Gemfile.lock, we are probably able to take advantage of `*

Read more

good first issue help wanted kind/feature lifecycle/frozen

Open

Prometheus Metrics Endpoint

15

xray

chaitin / xray

Star

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

security xss poc vulnerability passive-vulnerability-scanner sqlinjection vulnerability-scanner

Updated Jul 27, 2021
Vue

frohoff / ysoserial

Star

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

java serialization exploit jvm deserialization gadget poc vulnerability javadeser

Updated Jul 11, 2021
Java

infobyte / faraday

Star

Collaborative Penetration Test and Vulnerability Management Platform

security devops chatops security-audit collaboration orchestration nmap penetration-testing vulnerability infosec pentesting collaborative cve nessus vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning

Updated Jul 2, 2021
Python

zhzyker / exphub

Star

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

drupal exploit nexus tomcat poc vulnerability webshell exp weblogic getshell cve-2020-1938 cve-2020-2551 cve-2020-2555 cve-2020-10199 cve-2020-10204 cve-2020-2883 cve-2020-11444 cve-2020-5902 cve-2020-14882

Updated Apr 4, 2021
Python

KathanP19 / HowToHunt

Star

Tutorials and Things to Do while Hunting Vulnerability.

tutorials vulnerability bugbounty bugbountytips bughunting-methodology

Updated Jul 12, 2021

LandGrey / SpringBootVulExploit

Star

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

rce vulnerability springboot springcloud springboot-actuator-rce spring-boot-vulnerability spring-vulnerability spring-actuator-vulnerability

Updated Mar 10, 2021
Java

scipag / vulscan

Star

Advanced vulnerability scanning with Nmap NSE

security security-audit lua exploit lua-script nmap penetration-testing vulnerability vulnerability-databases vulnerability-detection nse vulnerability-identification vulnerability-scanners security-scanner vulnerability-assessment nmap-scripts nsescript nmap-scan-script vulnerability-scanning vulnerability-database-entry

Updated Jun 13, 2021
Lua

tunz / js-vuln-db

Star

A collection of JavaScript engine CVEs with PoCs

javascript vulnerability cve

Updated Sep 3, 2019

goodwithtech / dockle

Star

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

go docker kubernetes golang security security-audit containers linter vulnerability security-tools

Updated Jul 21, 2021
Go

s4n7h0 / xvwa

Star

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

mysql php knowledge vulnerability application-security xvwa learning-appsec

Updated Sep 12, 2020
PHP

pentest-guide

Voorivex / pentest-guide

Star

Penetration tests guide based on OWASP including test cases, resources and examples.

penetration-testing vulnerability bugbounty pentest bypass payload writeup owasp-tests

Updated Apr 23, 2021

swisskyrepo / SSRFmap

Sponsor Star

Automatic SSRF fuzzer and exploitation tool

vulnerability ctf pentest exploitation hacktoberfest ssrf server-side-request-forgery ssrfmap

Updated Jul 16, 2021
Python

iSafeBlue / TrackRay

Star

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

vulnerability pentest

Updated Jan 5, 2021
Java

Bo0oM / fuzz.txt

Star

Potentially dangerous files

files list web vulnerability fuzz dirbuster

Updated Jul 8, 2021

c0ny1 / vulstudy

Star

使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。

vulnerability docker-image-builder

Updated Mar 25, 2020
Shell

lukechilds / reverse-shell

Sponsor Star

Reverse Shell as a Service

microservice reverse-shell exploit prank joke vulnerability pentesting

Updated Oct 20, 2020
JavaScript

anouarbensaad / vulnx

Star

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

bot crawler hacking exploits vulnerability pentest vulnerability-detection vulnerability-assessment information-gathering security-tools cms-detector cloudflare-detection shell-injection vulnerability-exploit website-vulnerability-scanner wp-scanner auto-exploiter dorks detects-vulnerabilities subdomains-gathering

Updated Apr 16, 2021
Python

greenbone / openvas-scanner

Star

This repository contains the scanner component for Greenbone Vulnerability Management (GVM). If you are looking for the whole OpenVAS framework please take a look at https://community.greenbone.net/t/frequently-asked-questions-faq/5558.

scanner vulnerability openvas vulnerability-detection vulnerability-management vulnerability-scanners vulnerability-assessment gvm greenbone greenbone-vulnerability-management openvas-scanner

Updated Jul 27, 2021
C

Lifka / hacking-resources

Star

Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

osint tools powershell malware hacking network-monitoring vulnerability hacker gathering social-engineering ethicalhacking

Updated Jun 27, 2021

HASecuritySolutions / VulnWhisperer

Star

Create actionable data from your Vulnerability Scans

python elasticsearch elasticstack logstash vulnerability qualys nessus

Updated Mar 31, 2021
Python

jeffzh3ng / fuxi

Star

Penetration Testing Platform

security penetration-testing vulnerability pentest-tool

Updated May 6, 2021
Python

nixawk / labs

Star

Vulnerability Labs for security analysis

security exploit vulnerability cve

Updated Mar 10, 2021
Python

1N3 / BlackWidow

Star

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Updated Jul 12, 2021
Python

WhitewidowScanner / whitewidow

Star

SQL Vulnerability Scanner

sqli vulnerability vulnerability-scanners sql-vulnerability-scanner

Updated Jan 11, 2018
Ruby

v3n0m-Scanner / V3n0M-Scanner

Star

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Updated Jul 24, 2021
Python

toolswatch / vFeed

Star

The Correlated CVE Vulnerability And Threat Intelligence Database API

python threat exploits vulnerability scap vulnerability-databases threatintel cve oval vulnerability-detection vulnerability-identification vulnerability-scanners cwe capec intelligence-gathering threat-intelligence vulnerability-database-entry threat-intelligence-database vfeed common-vulnerability-exposure

Updated May 28, 2021
Python

Improve this page

Add a description, image, and links to the vulnerability topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the vulnerability topic, visit your repo's landing page and select "manage topics."