security-research

There are 20 repositories under security-research topic.

payloadbox / sql-injection-payload-list
🎯 SQL Injection Payload List
attacker bugbounty hacking injection injection-attacks injection-payloads owasp-top-10 payload payloads security-research sql-inject sql-injection sql-injection-attack sql-injection-attacks sql-injection-exploitation sql-injection-filterer sql-injection-payloads sql-injection-proof sql-injections websecurity
5976
payloadbox / command-injection-payload-list
🎯 Command Injection Payload List
command-injection injection security-vulnerability vulnerability payload-list payload os-injection command os unix linux windows macos application application-security bugbounty security security-research vulnerability-research security-testing
3606
PentestPad / subzy
Subdomain takeover vulnerability checker
cybersecurity bugbounty security-vulnerability subdomain-takeover security-research
Language:Go 1421
sergey-pronin / Awesome-Vulnerability-Research
🦄 A curated list of the awesome resources about the Vulnerability Research
awesome awesome-list vulnerability-research curated reading-list fuzzing exploit-development security-research
1278
diodb
disclose / diodb
Open-source vulnerability disclosure and bug bounty program database
security-research safe-harbor-framework responsible-disclosure vulnerability-disclosure disclosure-policy simplicity legal safety bug-bounty hackers bug-bounty-hunters data
Language:Python 1036
BishopFox / h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
infosec security-tools bugbounty security-research
Language:Python 759
payloadbox / rfi-lfi-payload-list
🎯 RFI/LFI Payload List
rfi lfi rfi-exploiton lfi-exploitation lfi-vulnerability rfi-vulnerabillity websecurity appsec application-security web-application-security payload payloads payload-list bugbounty bug-bounty security security-research security-researcher security-researchers web-hacking
628
LockGit / Hacking
Hacker, ready for more of our story ! 🚀
hack attack geek cracker poc hacking tools hacker hacking-tool attacker attacks security-vulnerability scanner vulnerability vulnerabilities vulnerability-scanners security security-research tool
Language:Python 577
shodansploit / shodansploit
🔎 shodansploit > v1.3.0
shodan shodan-api shodan-cli shodan-scripts shodan-tool shodan-tools shodan-client shodan-python python-shodan security security-tools security-testing intelligence python-script shodansploit security-research security-scanner security-automation
Language:Python 536
security-cheatsheet / metasploit-cheat-sheet
Metasploit Cheat Sheet 💣
metasploit metasploit-framework metasploit-cheat-sheet security security-cheat-sheets exploit metasploit-framework-database metasploit-database exploitation-framework security-research security-testing rapid7 meterpreter msfvenom payload
457
ossf / fuzz-introspector
Fuzz Introspector -- introspect, extend and optimise fuzzers
fuzzing security testing vulnerability-analysis fuzz-testing security-research
Language:Python 431
rarecoil / pantagrule
large hashcat rulesets generated from real-world compromised passwords
hashcat hashcat-rules password-cracking security-research passwords
399
security-checklist / php-security-check-list
PHP Security Check List [ EN ] 🌋 ☣️
php php-library php-framework security security-audit checklist security-checklist php-security php-security-checker webapplication web-application-security bugbounty security-research security-researcher web-application web-application-framework security-testing
296
chebuya / sastsweep
tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such as popularity and project size
cli owasp sast security-audit security-research security-scanner static-code-analysis vulnerability-research semgrep vulnerability-scanners
Language:Go 234
lawndoc / jaws
Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post
c-programming compiler flex-bison interpreted-programming-language interpreter malware-research polyglot programming-language security-research virtual-machine
Language:C 234
systrack
mebeim / systrack
📡🐧 Linux kernel syscall implementation tracker
linux linux-kernel security-research syscall syscall-table syscalls abi automation binary-analysis elf kconfig
Language:Python 230
linux-syscalls
mebeim / linux-syscalls
🌐🐧 Browsable Linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)
linux linux-kernel security-research security-tools syscall-table syscalls
Language:JavaScript 203
GaloisInc / MATE
MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs.
code-property-graph llvm program-analysis security security-research static-analysis symbolic-execution
Language:Python 196
lololosys / awesome-baseband-research
A curated list of awesome baseband research resources
shannon baseband vulnerability security-research
174
AnonKryptiQuz / Injectra
Injectra is a Python-based tool for injecting custom payloads into various file types using their magic numbers. It supports file types like zip, rar, docx, jpg, and more, allowing for customizable payloads. It ensures seamless payload injection while maintaining the integrity of the original file.
anonymous cybersecurity ethical-hacking file-injection file-manipulation hacking magic-numbers malware-analysis payload-injection penetration-testing python security-research
Language:Python 140
fierceoj / ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
shodan shodan-api shodan-python reconnaissance red-team blue-team purple-team scanning information-gathering shonydanza pre-configure exploits vulnerability-identification vulnerability-detection malware-identification malware-detection pentesting penetration-testing security-tools security-research
Language:Python 121
notemrovsky / tiktok-reverse-engineering
Reverse engineering TikTok's JavaScript VM - 77 opcodes mapped, string deobfuscation, bytecode disassembly, and crypto function identification. Educational VM analysis toolkit.
anti-bot bytecode deobfuscation devirtualization disassembly educational javascript opcodes protection-bypass research-tool reverse-engineering reverse-engineering-tools security-research stack-machine static-analysis tiktok virtual-machine x-bogus vm-analysis
Language:JavaScript 97
nmggithub / Kass
Kass: A security research tool.
reverse-engineering security-research swift
Language:Swift 96
mirchr / security-research
Security Research
vulnerabilities exploit-code security-research
Language:Shell 94
Pa55w0rd / google-hacking-assistant
🔍 Chrome扩展，为安全研究和渗透测试提供Google/百度/Bing高级搜索语法快捷执行。一键Dorking、批量提取URL、智能过滤黑名单，大幅提升信息收集效率。 🔍 Chrome extension for security research and penetration testing. One-click advanced search (Dorking) on Google/Baidu/Bing, bulk URL extraction, smart blacklist filtering. Boost OSINT efficiency.
chrome-extension google-hacking penetration-testing security-research security-tools baidu-hacking search-hacking bug-bounty cybersecurity dorking information-gathering osint security-automation vulnerability-research web-security hacking-tool
Language:TypeScript 90
dyjakan / interpreter-bugs
Fuzzing results for various interpreters.
fuzzing bugs vulnerabilities security python ruby php hhvm interpreter security-research
Language:Ruby 82
Chocapikk / CVE-2023-4966
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
citrix exploit exploitation infosec memory-leak netscaler network-security open-source pentesting python security security-research session-tokens vulnerability cve-2023-4966
Language:Python 79
Chocapikk / CVE-2023-6553
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
cve cybersecurity exploit hacking infosec php python rce security security-research vulnerability wordpress cve-2023-6553
Language:Python 77
lololosys / awesome_cisco_exploitation
A curated list of awesome Cisco exploitation resources
ios cisco exploitation source-code awesome awesome-list security cisco-exploitation security-research
69
disclose / dioterms
Open-source vulnerability disclosure policy templates.
vulnerability-disclosure vulnerability-disclosure-policies disclosure-policy responsible-disclosure security-research bug-bounty legal exemption disclosure safe-harbor-language boilerplate security
68
0dayInc / pwn
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
automation reverse-engineering penetration-testing fuzzing reconnaissance web-security bugbounty security-tools devsecops penetration-testing-framework sast security-research vulnerability-scanning artificial-intelligence sdr telecom hardware-security telecom-security ai-agents
Language:Ruby 67
Bug-Bounty-Beginner-Roadmap
UCYBERS / Bug-Bounty-Beginner-Roadmap
This repository is a curated resource for aspiring bug hunters, offering hands-on labs, tools, and structured guidance to support your learning and practical development in the field of ethical hacking and vulnerability research.
bug-bounty cybersecurity awesome-list capture-the-flag ethical-hacking exploit-development infosec juice-shop labs learning-resources metasploitable osint pentesting security-research security-tools sql-injection vulnerability-database web-security xss infosec-resources
61
userlandkernel / ios-unstripped-kexts
Unstripped iOS kernel extensions and more. More coming soon.
ios rom kernel kext security-research
Language:Shell 59
K3ysTr0K3R / INtrack
A flexible internet crawler used for scanning technologies, instances and vulnerabilities worldwide across the internet.
exploitation hacking hacking-tool internet-crawler masscanner reconnaissance scanner security security-research vulnerability-scanner worm host-crawler ip-crawler
Language:Python 57
win3zz / Meta-Owned-IT-Assets
Curated list of Meta (formerly Facebook) owned IT assets
bug-bounty facebook meta reconnaissance security-research subdomains
54
pandaadir05 / re-architect
Advanced reverse engineering platform combining traditional static analysis with AI-powered insights. Supports multiple decompilers (Ghidra, IDA Pro, Binary Ninja), automated function analysis, and interactive web visualization for comprehensive binary analysis workflows.
ai-analysis binary-analysis binary-ninja decompiler ghidra ida-pro llm-integration malware-analysis reverse-engineering security-research static-analysis web-interface
Language:Python 52

security-research

payloadbox / sql-injection-payload-list

payloadbox / command-injection-payload-list

PentestPad / subzy

sergey-pronin / Awesome-Vulnerability-Research

disclose / diodb

BishopFox / h2csmuggler

payloadbox / rfi-lfi-payload-list

LockGit / Hacking

shodansploit / shodansploit

security-cheatsheet / metasploit-cheat-sheet

ossf / fuzz-introspector

rarecoil / pantagrule

security-checklist / php-security-check-list

chebuya / sastsweep

lawndoc / jaws

mebeim / systrack

mebeim / linux-syscalls

GaloisInc / MATE

lololosys / awesome-baseband-research

AnonKryptiQuz / Injectra

fierceoj / ShonyDanza

notemrovsky / tiktok-reverse-engineering

nmggithub / Kass

mirchr / security-research

Pa55w0rd / google-hacking-assistant

dyjakan / interpreter-bugs

Chocapikk / CVE-2023-4966

Chocapikk / CVE-2023-6553

lololosys / awesome_cisco_exploitation

disclose / dioterms

0dayInc / pwn

UCYBERS / Bug-Bounty-Beginner-Roadmap

userlandkernel / ios-unstripped-kexts

K3ysTr0K3R / INtrack

win3zz / Meta-Owned-IT-Assets

pandaadir05 / re-architect