Topic: vulnerability Goto Github

👇 Here are 1584 public repositories matching this topic...

0x727 / springbootexploit
vulnerability,项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。
Organization: 0x727
spring springboot vul vulnerability exploit exp

0xmaximus / galaxy-bugbounty-checklist
vulnerability,Tips and Tutorials for Bug Bounty and also Penetration Tests.
User: 0xmaximus
bugbounty bug hackerone bugbountytricks bugbounty-tool bugbountytips bugbounty-reports bugbounty-checklist bugcrowd bugs

1n3 / blackwidow
vulnerability,A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
User: 1n3
Home Page: https://sn1persecurity.com
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss

anchore / grype
vulnerability,A vulnerability scanner for container images and filesystems
Organization: anchore
containers security vulnerability docker golang go static-analysis container-image tool oci

anouarbensaad / vulnx
vulnerability,vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
User: anouarbensaad
crawler information-gathering cms-detector cloudflare-detection bot pentest wp-scanner auto-exploiter vulnerability hacking website-vulnerability-scanner security-tools vulnerability-assessment vulnerability-exploit vulnerability-detection shell-injection detects-vulnerabilities exploits dorks subdomains-gathering

aquasecurity / trivy
vulnerability,Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Organization: aquasecurity
Home Page: https://aquasecurity.github.io/trivy
security security-tools docker containers vulnerability-scanners vulnerability-detection vulnerability golang go kubernetes

az0x7 / vulnerability-checklist
vulnerability,This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
User: az0x7
bugbounty security sqlinjection vulnerability vulnerability-checklist web-vulnerability

bearer / bearer
vulnerability,Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Organization: bearer
Home Page: https://docs.bearer.com
appsec compliance devsecops devsecops-tools security security-tools dataflow gdpr privacy sast static-code-analysis vulnerability security-audit security-scanner vulnerabilities code-quality static-analysis security-automation owasp

bo0om / fuzz.txt
vulnerability,Potentially dangerous files
User: bo0om
Home Page: https://t.me/webpwn
list web vulnerability files fuzz dirbuster

bytedance / appshark
vulnerability,Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
Organization: bytedance
android compliance static-analysis vulnerability

c0ny1 / vulstudy
vulnerability,使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。
User: c0ny1
docker-image-builder vulnerability

chaitin / safeline
vulnerability,serve as a reverse proxy to protect your web services from attacks and exploits.
Organization: chaitin
Home Page: https://waf.chaitin.com
api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss

chaitin / xray
vulnerability,一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Organization: chaitin
Home Page: https://docs.xray.cool
passive-vulnerability-scanner poc security sqlinjection vulnerability vulnerability-scanner xss

daffainfo / allaboutbugbounty
vulnerability,All about bug bounty (bypasses, payloads, and etc)
User: daffainfo
bug bugbounty bugbountytips bypass hacking infosec payload payloads penetration-testing pentest reconnaissance security vulnerability

dolevf / damn-vulnerable-graphql-application
vulnerability,Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
User: dolevf
vulnerability graphql security penetration-testing damn-vulnerable damn-vulnerable-web-application graphql-security exploitation

edoardottt / awesome-hacker-search-engines
vulnerability,A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
User: edoardottt
Home Page: https://awesome-hacker-search-engines.com/
awesome awesome-list hacking search-engine osint awesome-lists dns hacking-tools exploit security

frohoff / ysoserial
vulnerability,A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
User: frohoff
Home Page: http://frohoff.github.io/appseccali-marshalling-pickles/
java deserialization gadget exploit javadeser jvm serialization poc vulnerability

goodwithtech / dockle
vulnerability,Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Organization: goodwithtech
Home Page: https://containers.goodwith.tech/
docker containers kubernetes security security-tools security-audit linter go golang vulnerability

google / osv.dev
vulnerability,Open source vulnerability DB and triage service.
Organization: google
Home Page: https://osv.dev
security security-tools vulnerability-scanners vulnerability-management vulnerability vulnerability-databases

greenbone / openvas-scanner
vulnerability,This repository contains the scanner component for Greenbone Community Edition.
Organization: greenbone
Home Page: https://greenbone.github.io/docs/
openvas vulnerability vulnerability-scanners vulnerability-detection vulnerability-assessment scanner vulnerability-management greenbone greenbone-vulnerability-management gvm

hacker0x01 / hacker101
vulnerability,Source code for Hacker101.com - a free online web and mobile security class.
Organization: hacker0x01
Home Page: https://www.hacker101.com
education hacking security hackerone hacker101 xss clickjacking csrf web-security session-fixation

hahwul / dalfox
vulnerability,🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
User: hahwul
Home Page: https://dalfox.hahwul.com
xss security bugbounty bugbounty-tool golang xss-scanner devsecops cicd-pipeline vulnerability xss-detection

hasecuritysolutions / vulnwhisperer
vulnerability,Create actionable data from your Vulnerability Scans
Organization: hasecuritysolutions
Home Page: https://twitter.com/VulnWhisperer
nessus elasticstack elasticsearch logstash vulnerability python qualys

hummerrisk / hummerrisk
vulnerability,HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。
Organization: hummerrisk
Home Page: https://hummerrisk.com
cloud-custodian cloud-native prowler security sbom cloud-native-security cspm k8s-security kubernetes-security trivy

ihebski / a-red-teamer-diaries
vulnerability,RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
User: ihebski
pentesting redteam security-tools exploit active-directory vulnerability penetration-testing tools hacking script

infobyte / faraday
vulnerability,Open Source Vulnerability Management Platform
Organization: infobyte
Home Page: https://www.faradaysec.com
devops penetration-testing vulnerability vulnerability-scanners security security-audit pentesting continuous-scanning infosec vulnerability-management collaboration burpsuite nessus nmap devsecops security-automation orchestration cve appsec cybersecurity

infoslack / awesome-web-hacking
vulnerability,A list of web application security
User: infoslack
penetration-testing web-hacking vulnerabilities scanner hacking hacking-tools metasploit web-security appsec owasp

isafeblue / trackray
vulnerability,溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）
User: isafeblue
pentest vulnerability

jeffzh3ng / fuxi
vulnerability,Penetration Testing Platform
User: jeffzh3ng
security vulnerability pentest-tool penetration-testing

jweny / pocassist
vulnerability,傻瓜式漏洞PoC测试框架
User: jweny
Home Page: https://pocassist.jweny.top/
poc penetration-testing-poc vulnerability vulnerability-scanners security-tools security cve pocassist

kathanp19 / howtohunt
vulnerability,Collection of methodology and test case for various web vulnerabilities.
User: kathanp19
vulnerability tutorials bughunting-methodology bugbounty bugbountytips

landgrey / springbootvulexploit
vulnerability,SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list
User: landgrey
springboot springboot-actuator-rce rce spring-boot-vulnerability springcloud spring-vulnerability vulnerability spring-actuator-vulnerability

lifka / hacking-resources
vulnerability,Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
User: lifka
ethicalhacking gathering hacker hacking malware network-monitoring osint powershell social-engineering tools vulnerability

lukechilds / reverse-shell
vulnerability,Reverse Shell as a Service
User: lukechilds
Home Page: https://reverse-shell.sh
reverse-shell exploit vulnerability pentesting joke prank microservice

ncsc-nl / log4shell
vulnerability,Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
Organization: ncsc-nl
cve-2021-44228 log4j cve-2021-45046 cve-2021-45105 log4shell vulnerability cve-2021-4104

nomi-sec / poc-in-github
vulnerability,📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
Organization: nomi-sec
Home Page: https://poc-in-github.motikan2010.net
security cve exploit poc vulnerability

payloadbox / command-injection-payload-list
vulnerability,🎯 Command Injection Payload List
Organization: payloadbox
Home Page: https://ismailtasdelen.medium.com
command-injection injection security-vulnerability vulnerability payload-list payload os-injection command os unix

quark-engine / quark-engine
vulnerability,Dig Vulnerabilities in the BlackBox
Organization: quark-engine
Home Page: https://doc.quark-engine.com
android blackbox blackbox-testing blackhat defcon security-vulnerability-assessment vulnerability

s4n7h0 / xvwa
vulnerability,XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
User: s4n7h0
xvwa php application-security learning-appsec vulnerability knowledge mysql

scipag / vulscan
vulnerability,Advanced vulnerability scanning with Nmap NSE
Organization: scipag
Home Page: https://www.computec.ch/projekte/vulscan/
vulnerability vulnerability-scanners vulnerability-detection vulnerability-identification vulnerability-assessment security security-audit security-scanner penetration-testing nmap

swisskyrepo / payloadsallthethings
vulnerability,A list of useful payloads and bypass for Web Application Security and Pentest/CTF
User: swisskyrepo
Home Page: https://swisskyrepo.github.io/PayloadsAllTheThings/
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application

swisskyrepo / ssrfmap
vulnerability,Automatic SSRF fuzzer and exploitation tool
User: swisskyrepo
ctf exploitation hacktoberfest pentest server-side-request-forgery ssrf ssrfmap vulnerability

the-art-of-hacking / h4cker
vulnerability,This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
Organization: the-art-of-hacking
Home Page: https://hackerrepo.org
ai ai-security artificial-intelligence awesome-list awesome-lists cybersecurity ethical-hacking exploit exploit-development exploits hacker hackers hacking hacking-series penetration-testing training vulnerability vulnerability-assessment vulnerability-identification vulnerability-management

threekiii / vulnerability-wiki
vulnerability,基于 docsify 快速部署 Awesome-POC 中的漏洞文档
User: threekiii
cve docker docsify vulnerability wiki

trickest / cve
vulnerability,Gather and update all available and newest CVEs with their PoC.
Organization: trickest
Home Page: https://trickest.com
poc cve cve-poc latest-cve vulnerability vulnerabilities software-vulnerabilities software-security exploit security

tunz / js-vuln-db
vulnerability,A collection of JavaScript engine CVEs with PoCs
User: tunz
javascript cve vulnerability

v3n0m-scanner / v3n0m-scanner
vulnerability,Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Organization: v3n0m-scanner
python3 asyncio lfi sqli xss scanner metasploit blackarch cloudflare hacking

voorivex / pentest-guide
vulnerability,Penetration tests guide based on OWASP including test cases, resources and examples.
User: voorivex
bugbounty bypass owasp-tests payload penetration-testing pentest vulnerability writeup

zema1 / watchvuln
vulnerability,一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
User: zema1
dingding-bot vulnerability vulnerability-analysis lark-bot wecom-bot

zhzyker / exphub
vulnerability,Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
User: zhzyker
weblogic tomcat exploit poc vulnerability exp webshell drupal getshell nexus