Build software better, together

Mr-xn / Penetration_Testing_POC

Star

有关渗透测试的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Updated Aug 1, 2021
PowerShell

Medicean / VulApps

Star

快速搭建各种漏洞环境(Various vulnerability environment)

docker struts vulnerabilities cve vulnhub

Updated Oct 27, 2020
Shell

infobyte / faraday

Star

Collaborative Penetration Test and Vulnerability Management Platform

security devops chatops security-audit collaboration orchestration nmap penetration-testing vulnerability infosec pentesting collaborative cve nessus vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning

Updated Jul 2, 2021
Python

qazbnm456 / awesome-cve-poc

Sponsor Star

✍️ A curated list of CVE PoCs.

awesome poc cve

Updated Feb 9, 2021

tunz / js-vuln-db

Star

A collection of JavaScript engine CVEs with PoCs

javascript vulnerability cve

Updated Sep 3, 2019

mai-lang-chai / Middleware-Vulnerability-detection

Star

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

python poc cve exp

Updated Jul 27, 2021
Python

cve-search / cve-search

Star

cve-search - a tool to perform local searches for known vulnerabilities

vulnerabilities cve cpe vulnerability-detection cve-scanning vulnerability-assessment common-vulnerabilities cve-search cve-databases cve-entries

Updated Jul 26, 2021
Python

zhzyker / vulmap

Star

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Updated Apr 16, 2021
Python

Ascotbe / Kernelhub

Star

🌴Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (Windows提权漏洞合集)

exploits cve cve-2020-0668 cve-2020-0796 cve-2020-0787 cve-2020-1337 cve-2020-1472 cve-2020-16898 cve-2020-16938 cve-2020-17087 cve-2021-1732 cve-2020-1054 cve-2020-1313 cve-2021-33739 cve-2021-26868

Updated Jul 10, 2021
C

TH3xACE / SUDO_KILLER

Star

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

sudo exploits ctf cve pentest privilege-escalation oscp pentest-tool linux-exploits oscp-journey misconfiguration oscp-tools oscp-prep sudo-exploitation abuse-sudo

Updated May 30, 2021
Shell

nixawk / labs

Star

Vulnerability Labs for security analysis

security exploit vulnerability cve

Updated Mar 10, 2021
Python

Ascotbe / Medusa

Star

🐈Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG等功能，持续开发中

Updated Jul 28, 2021
JavaScript

PeiQi0 / PeiQi-WIKI-POC

Star

鹿不在侧，鲸不予游🐋

poc cve exp 1day cnvd oday peiqi-wiki

Updated Jul 4, 2021
HTML

toolswatch / vFeed

Star

The Correlated CVE Vulnerability And Threat Intelligence Database API

python threat exploits vulnerability scap vulnerability-databases threatintel cve oval vulnerability-detection vulnerability-identification vulnerability-scanners cwe capec intelligence-gathering threat-intelligence vulnerability-database-entry threat-intelligence-database vfeed common-vulnerability-exposure

Updated May 28, 2021
Python

opencve / opencve

Star

Open

A 500 error is raised when user change the object ID during subscription

2

ncrocfer commented Jul 13, 2021

Expected Behavior

Handle a bad object ID.

Actual Behavior

If a user changes the ID of a vendor or a product ID during subscription a 500 response is raised.

Steps to Reproduce the Problem

list the CVEs of a vendor or a product
open the browser inspector
change the ID of the vendor or product
click on the subscribe button

Specifications

OpenCVE ve

jweny / pocassist

Star

全新的开源漏洞测试框架，实现poc在线编辑、运行、批量测试。使用文档：

security poc vulnerability cve vulnerability-scanners security-tools penetration-testing-poc pocassist

Updated Jul 21, 2021
Go

fs0c131y / ESFileExplorerOpenPortVuln

Star

ES File Explorer Open Port Vulnerability - CVE-2019-6447

vulnerability infosec cve cve-2019-6447

Updated Jan 22, 2019
Python

gobysec / Goby

Star

Open

错误反馈

6

gobysec commented May 2, 2021

提供使用的版本及系统
提供必要的操作环境、错误信息、期待的结果
提供必要的截图或代码等细节
鼓励使用标签

提交问题行为准则

Metnew / uxss-db

Star

🔪Browser logic vulnerabilities ☠️

javascript security browser xss vulnerability cve

Updated Jan 23, 2021
HTML

Coalfire-Research / java-deserialization-exploits

Star

A collection of curated Java Deserialization Exploits

java exploits cve deserialization-rce

Updated May 16, 2021
Python

unamer / CVE-2018-8120

Star

CVE-2018-8120 Windows LPE exploit

exploit cve cve-2018-8210

Updated May 30, 2018
C++

nsacyber / Hardware-and-Firmware-Security-Guidance

Star

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

audit vulnerability cve nessus spectre guidance meltdown cve-2017-5754 cve-2017-5715 cve-2017-5753 cve-2018-3640 cve-2018-3639 cve-2018-3693 cve-2018-3665

Updated Jul 19, 2021
C

m0nad / HellRaiser

Star

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

ruby rails security security-audit network scanner hacking nmap cve network-analysis vulnerability-detection cve-scanning hacking-tool vulnerability-scanners vulnerability-assessment security-tools

Updated Jul 30, 2021
Ruby

nluedtke / linux_kernel_cves

Star

Tracking CVEs for the linux Kernel

tracker linux security-audit linux-kernel security-vulnerability cve tracking-cves linux-security

Updated Jul 28, 2021
Vue

SabyasachiRana / WebMap

Star

WebMap-Nmap Web Dashboard and Reporting

cybersecurity nmap infosec cve webmap

Updated Jan 5, 2021
Python

ucsb-seclab / BootStomp

Star

BootStomp: a bootloader vulnerability finder

android bootloader binary-analysis cve vulnerability-detection decompilation

Updated Sep 28, 2018
Python

adamyordan / cve-2019-1003000-jenkins-rce-poc

Star

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

jenkins groovy security exploit poc rce cve information-security cve-2019-1003000 security-1266

Updated Apr 1, 2019
JavaScript

cloudtracer / ThreatPinchLookup

Star

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Updated Sep 8, 2018
HTML

intel / cve-bin-tool

Star

Open

Add flake8 to CI

3

Molkree commented Jul 24, 2021

I propose to add flake8 to the CI. Seems like some already use it (myself included).
Running flake8 . --statistics yields:

5     E265 block comment should start with '# '
6     E266 too many leading '#' for block comment
1     E711 comparison to None should be 'if cond is not None:'
2     E712 comparison to True should be 'if cond is

php security risk scans cve

Updated Nov 21, 2019
PHP

cve

Here are 420 public repositories matching this topic...

Mr-xn / Penetration_Testing_POC

Medicean / VulApps

infobyte / faraday

qazbnm456 / awesome-cve-poc

tunz / js-vuln-db

mai-lang-chai / Middleware-Vulnerability-detection

cve-search / cve-search

zhzyker / vulmap

Ascotbe / Kernelhub

TH3xACE / SUDO_KILLER

nixawk / labs

Ascotbe / Medusa

PeiQi0 / PeiQi-WIKI-POC

toolswatch / vFeed

opencve / opencve

A 500 error is raised when user change the object ID during subscription

Expected Behavior

Actual Behavior

Steps to Reproduce the Problem

Specifications

jweny / pocassist

fs0c131y / ESFileExplorerOpenPortVuln

gobysec / Goby

错误反馈

提交问题行为准则

Metnew / uxss-db

Coalfire-Research / java-deserialization-exploits

unamer / CVE-2018-8120

nsacyber / Hardware-and-Firmware-Security-Guidance

m0nad / HellRaiser

nluedtke / linux_kernel_cves

SabyasachiRana / WebMap

ucsb-seclab / BootStomp

adamyordan / cve-2019-1003000-jenkins-rce-poc

cloudtracer / ThreatPinchLookup

intel / cve-bin-tool

Add flake8 to CI

Improve checker lists in documentation

Remove vestigial/no longer needed pylint disable directives

psecio / versionscan

Improve this page

Add this topic to your repo