cve

There are 112 repositories under cve topic.

• edoardottt / awesome-hacker-search-engines

  A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

  awesomeawesome-listawesome-listsbugbountycvednsexploithackinghacking-toolshacktoberfestosintosint-toolredteamredteamingsearch-enginesecuritysecurity-toolsvulnerabilitiesvulnerabilitywifi-network
  Language:Shell 6726

• Mr-xn / Penetration_Testing_POC

  渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

  authentication-bypassbypasscobalt-strikecsrfcsrf-webshellcvecve-cmsexploitgetshelloa-getshellpenetration-testingpenetration-testing-pocphp-bypasspocpoc-exprcesql-getshellsql-pocthinkphp
  Language:HTML 6174

• trickest / cve

  Gather and update all available and newest CVEs with their PoC.

  poccvecve-poclatest-cvevulnerabilityvulnerabilitiessoftware-vulnerabilitiessoftware-securityexploitsecurityinfosechackingpentestingpenetration-testingred-teamsecurity-toolssoftware-vulnerability
  Language:HTML 6107

• nomi-sec / PoC-in-GitHub

  📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

  securitycveexploitpocvulnerability
  5988

• infobyte / faraday

  Open Source Vulnerability Management Platform

  devopspenetration-testingvulnerabilityvulnerability-scannerssecuritysecurity-auditpentestingcontinuous-scanninginfosecvulnerability-managementcollaborationburpsuitenessusnmapdevsecopssecurity-automationorchestrationcveappseccybersecurity
  Language:Python 4634

• Medicean / VulApps

  快速搭建各种漏洞环境(Various vulnerability environment)

  vulnerabilitiesdockerstrutsvulnhubcve
  Language:Shell 3668

• PeiQi0 / PeiQi-WIKI-Book

  面向网络安全从业者的知识文库🍃

  cve1day0dayvulnredteampeiqi-wiki
  3504

• zhzyker / vulmap

  Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

  exploitcvercevulnerabilitiescve-2016-4437securitysecurity-toolspentestingpentest-toolcve-2020-14882cve-2020-2555cve-2020-2883scannercve-2020-13942cve-2020-17518cve-2021-21972cve-2021-26855cve-2021-27065cve-2021-21975cve-2021-3129
  Language:Python 3280

• qazbnm456 / awesome-cve-poc

  ✍️ A curated list of CVE PoCs.

  awesomecvepoc
  3235

• OWASP / Nettacker

  Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

  pythonpenetration-testingpenetration-testing-frameworkowaspautomationportscannervulnerability-scannersinformation-gatheringnetwork-analysisbruteforcesecuritysecurity-toolsscannerpentestingcvecveshacking-toolspentesting-toolsvulnerability-scannervulnerability-management
  Language:Python 2976

• Ascotbe / Kernelhub

  :palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

  exploitscvecve-2021-33739cve-2021-26868cve-2021-36934cve-2021-40444cve-2021-40449cve-2021-42287cve-2021-42278cve-2021-34486pentestkernelwindowstoolcve-2022-21882cve-2022-26937cve-2022-30206cve-2022-33679cve-2022-34718linux
  Language:C 2835

• tunz / js-vuln-db

  A collection of JavaScript engine CVEs with PoCs

  javascriptcvevulnerability
  2261

• cve-search / cve-search

  cve-search - a tool to perform local searches for known vulnerabilities

  cve-searchcommon-vulnerabilitiescpecve-databasesvulnerabilitiesvulnerability-detectionvulnerability-assessmentcvecve-scanningcve-entries
  Language:Python 2205

• tr0uble-mAker / POC-bomber

  利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

  cveexpgetshellpocpoc-bomberrceredteamvulnerability-scanner
  Language:Python 2127

• Ascotbe / Medusa

  :cat2:Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

  pocexppayloadmedusacvexssreadteamdnslogvirusemailcobaltstrikemetasploit-frameworkmail
  Language:Python 2100
• SUDO_KILLER

  TH3xACE / SUDO_KILLER

  A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

  abuse-sudoctfcveexploitslinux-exploitsmisconfigurationoscposcp-journeyoscp-preposcp-toolspentestpentest-toolprivilege-escalationsudosudo-exploitation
  Language:Shell 2097

• Notselwyn / CVE-2024-1086

  Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

  cvecve-2024-1086exploitlpepoc
  Language:C 1916

• opencve / opencve

  CVE Alerting Platform

  cvesecurityvulnerabilitiessecurity-toolsnvdpython
  Language:Python 1634

• Threekiii / Vulnerability-Wiki

  基于 docsify 部署，目前漏洞数量 1000+

  dockerdocsifyvulnerabilitywikicve
  Language:HTML 1509

• jweny / pocassist

  傻瓜式漏洞PoC测试框架

  pocpenetration-testing-pocvulnerabilityvulnerability-scannerssecurity-toolssecuritycvepocassist
  Language:Go 1395

• gobysec / Goby

  Attack surface mapping

  vulnerability-researchscan-toolsecuritysecurity-toolshackingnetworkingportscanningcveexppentestingexploitred-teamproxyshellcve-2023-22527cve-2024-0204cve-2024-20931cve-2024-21887cve-2024-21893cve-2024-23897cve-2024-25600
  1339

• mufeedvh / moonwalk

  Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

  cveexploitexploitationinfosecinfosectoolslinuxprivilege-escalationred-teamingredteamredteam-toolssecuritysecurity-tools
  Language:Rust 1301

• nixawk / labs

  Vulnerability Labs for security analysis

  cvevulnerabilitysecurityexploit
  Language:Python 1142

• intel / cve-bin-tool

  The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

  cvesecurityhacktoberfestvulnerabilitiescvssswreposystem-toolsdevsecopssecurity-automationsecurity-toolspythonsbomvulnerabilitysbom-tool
  Language:Python 1082

• arthepsy / CVE-2021-4034

  PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

  cvecve-2021-4034poc
  Language:C 1022

• Puliczek / CVE-2021-44228-PoC-log4j-bypass-words

  🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

  bugbounttipsbugbountybugbounty-writeupscvecve-2021-44228cve-2021-45046cve-2021-45105cybersecurityexploithackinglog4jpayloadpentestpentestingpocred-teamsecuritysecurity-writeupswriteups
  Language:Java 925

• toolswatch / vFeed

  The Correlated CVE Vulnerability And Threat Intelligence Database API

  cveovalthreat-intelligence-databasepythonvfeedcwecapecscapvulnerability-databasesvulnerability-detectionvulnerability-database-entryvulnerability-identificationthreatintelligence-gatheringexploitsvulnerabilityvulnerability-scannerscommon-vulnerability-exposurethreat-intelligencethreatintel
  Language:Python 923

• SabyasachiRana / WebMap

  WebMap-Nmap Web Dashboard and Reporting

  webmapnmapcveinfoseccybersecurity
  Language:Python 899

• ycdxsb / PocOrExp_in_Github

  聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

  cveexploitpocvulnerabilities
  Language:Python 828

• b1tg / CVE-2023-38831-winrar-exploit

  CVE-2023-38831 winrar exploit generator

  0dayexploitcve
  Language:Python 768

• nsacyber / Hardware-and-Firmware-Security-Guidance

  Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

  vulnerabilityguidancespectremeltdownnessusauditcvecve-2017-5753cve-2017-5754cve-2017-5715cve-2018-3639cve-2018-3640cve-2018-3665cve-2018-3693
  Language:C 741

• bigblackhat / oFx

  漏洞批量验证框架

  cveexploitpocscannerverify-frameworkvulnerabilityvulnerability-scanners
  Language:Python 738

• nluedtke / linux_kernel_cves

  Tracking CVEs for the linux Kernel

  cvelinux-kerneltracking-cvessecurity-vulnerabilitytrackersecurity-auditlinuxlinux-security
  Language:Vue 724

• owasp-dep-scan / dep-scan

  OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

  vulnerability-scannerscvedependency-analysisrisk-auditcontainerssbomscadependency-auditcompliancecyclonedxdevsecopssecurity-auditsecurity-toolsvexreachability-analysissupply-chain-security
  Language:Python 718

• StarCrossPortal / scalpel

  scalpel是一款命令行漏洞扫描工具，支持深度参数注入，拥有一个强大的数据解析和变异算法，可以将常见的数据格式（json, xml, form等）解析为树结构，然后根据poc中的规则，对树进行变异，包括对叶子节点和树结构 的变异。变异完成之后，将树结构还原为原始的数据格式。

  cveexploitspocvulnerabilitiesvulnerabilityfuzzingscanner
  716

• topscoder / nuclei-wordfence-cve

  You just found a hidden gem 💎 This repo contains a massive amount (10,000+) of WordPress related Nuclei templates. Updated daily!

  cvenucleinuclei-templateswordfencebugbountyexploitsprojectdiscoverysecuritywordpress
  Language:Python 709