security-research

There are 19 repositories under security-research topic.

• payloadbox / sql-injection-payload-list

  🎯 SQL Injection Payload List

  sql-injectionattackersql-injection-attackssql-injection-proofsql-injection-exploitationsql-injectionssql-injection-payloadsinjection-payloadssql-injection-filterersql-injection-attackowasp-top-10payloadspayloadwebsecuritybugbountysecurity-researchhackingsql-injectinjection-attacksinjection
  4313

• payloadbox / command-injection-payload-list

  🎯 Command Injection Payload List

  command-injectioninjectionsecurity-vulnerabilityvulnerabilitypayload-listpayloados-injectioncommandosunixlinuxwindowsmacosapplicationapplication-securitybugbountysecuritysecurity-researchvulnerability-researchsecurity-testing
  2649

• sergey-pronin / Awesome-Vulnerability-Research

  🦄 A curated list of the awesome resources about the Vulnerability Research

  awesomeawesome-listvulnerability-researchcuratedreading-listfuzzingexploit-developmentsecurity-research
  1046
• diodb

  disclose / diodb

  Open-source vulnerability disclosure and bug bounty program database

  security-researchsafe-harbor-frameworkresponsible-disclosurevulnerability-disclosuredisclosure-policysimplicitylegalsafetybug-bountyhackersbug-bounty-huntersdata
  Language:Python 954

• PentestPad / subzy

  Subdomain takeover vulnerability checker

  cybersecuritybugbountysecurity-vulnerabilitysubdomain-takeoversecurity-research
  Language:Go 870

• BishopFox / h2csmuggler

  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

  bugbountyinfosecsecurity-researchsecurity-tools
  Language:Python 612

• LockGit / Hacking

  Hacker, ready for more of our story ! 🚀

  attackattackerattackscrackergeekhackhackerhackinghacking-toolpocscannersecuritysecurity-researchsecurity-vulnerabilitytooltoolsvulnerabilitiesvulnerabilityvulnerability-scanners
  Language:Python 521

• shodansploit / shodansploit

  🔎 shodansploit > v1.3.0

  shodanshodan-apishodan-clishodan-scriptsshodan-toolshodan-toolsshodan-clientshodan-pythonpython-shodansecuritysecurity-toolssecurity-testingintelligencepython-scriptshodansploitsecurity-researchsecurity-scannersecurity-automation
  Language:Python 511

• payloadbox / rfi-lfi-payload-list

  🎯 RFI/LFI Payload List

  rfilfirfi-exploitonlfi-exploitationlfi-vulnerabilityrfi-vulnerabillitywebsecurityappsecapplication-securityweb-application-securitypayloadpayloadspayload-listbugbountybug-bountysecuritysecurity-researchsecurity-researchersecurity-researchersweb-hacking
  504

• rarecoil / pantagrule

  large hashcat rulesets generated from real-world compromised passwords

  hashcathashcat-rulespassword-crackingsecurity-researchpasswords
  382

• security-cheatsheet / metasploit-cheat-sheet

  Metasploit Cheat Sheet 💣

  metasploitmetasploit-frameworkmetasploit-cheat-sheetsecuritysecurity-cheat-sheetsexploitmetasploit-framework-databasemetasploit-databaseexploitation-frameworksecurity-researchsecurity-testingrapid7meterpretermsfvenompayload
  369

• ossf / fuzz-introspector

  Fuzz Introspector -- introspect, extend and optimise fuzzers

  fuzzingsecuritytestingvulnerability-analysisfuzz-testingsecurity-research
  Language:Python 347

• security-checklist / php-security-check-list

  PHP Security Check List [ EN ] 🌋 ☣️

  phpphp-libraryphp-frameworksecuritysecurity-auditchecklistsecurity-checklistphp-securityphp-security-checkerwebapplicationweb-application-securitybugbountysecurity-researchsecurity-researcherweb-applicationweb-application-frameworksecurity-testing
  292

• lawndoc / jaws

  Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

  programming-languageflex-bisoncompilervirtual-machinesecurity-researchmalware-researchinterpreterinterpreted-programming-languagepolyglotc-programming
  Language:C 231

• GaloisInc / MATE

  MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs.

  code-property-graphllvmprogram-analysissecuritysecurity-researchstatic-analysissymbolic-execution
  Language:Python 170

• lololosys / awesome-baseband-research

  A curated list of awesome baseband research resources

  shannonbasebandvulnerabilitysecurity-research
  148
• systrack

  mebeim / systrack

  📡🐧 Linux kernel syscall implementation tracker

  linuxlinux-kernelsecurity-researchsyscallsyscall-tablesyscallsabiautomationbinary-analysiselfkconfig
  Language:Python 122

• fierceoj / ShonyDanza

  A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

  shodanshodan-apishodan-pythonreconnaissancered-teamblue-teampurple-teamscanninginformation-gatheringshonydanzapre-configureexploitsvulnerability-identificationvulnerability-detectionmalware-identificationmalware-detectionpentestingpenetration-testingsecurity-toolssecurity-research
  Language:Python 114

• mirchr / security-research

  Security Research

  vulnerabilitiesexploit-codesecurity-research
  Language:Shell 94
• linux-syscalls

  mebeim / linux-syscalls

  🌐🐧 Browsable linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)

  linuxlinux-kernelsecurity-researchsecurity-toolssyscall-tablesyscalls
  Language:JavaScript 90

• dyjakan / interpreter-bugs

  Fuzzing results for various interpreters.

  fuzzingbugsvulnerabilitiessecuritypythonrubyphphhvminterpretersecurity-research
  Language:Ruby 79

• lololosys / awesome_cisco_exploitation

  A curated list of awesome Cisco exploitation resources

  iosciscoexploitationsource-codeawesomeawesome-listsecuritycisco-exploitationsecurity-research
  67

• Chocapikk / CVE-2023-6553

  Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

  cvecybersecurityexploithackinginfosecphppythonrcesecuritysecurity-researchvulnerabilitywordpresscve-2023-6553
  Language:Python 64

• Chocapikk / CVE-2023-4966

  Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

  citrixcve-2023-4966exploitexploitationinfosecmemory-leaknetscalernetwork-securityopen-sourcepentestingpythonsecuritysecurity-researchsession-tokensvulnerability
  Language:Python 61

• disclose / dioterms

  Open-source vulnerability disclosure policy templates.

  vulnerability-disclosurevulnerability-disclosure-policiesdisclosure-policyresponsible-disclosuresecurity-researchbug-bountylegalexemptiondisclosuresafe-harbor-languageboilerplatesecurity
  60

• userlandkernel / ios-unstripped-kexts

  Unstripped iOS kernel extensions and more. More coming soon.

  iosromkernelkextsecurity-research
  Language:Shell 54

• Macmod / STARS

  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services that could possibly lead to subdomain takeover scenarios.

  awsazurecloudcybersecuritydnsgcpsubdomain-takeoverdomain-takeoverpythonsecuritytakeoverinfosecpython3security-researchscannersubdomaindigitaloceancloudflarepentestingsecurity-tools
  Language:Python 44

• win3zz / Meta-Owned-IT-Assets

  Curated list of Meta (formerly Facebook) owned IT assets

  bug-bountyfacebookmetareconnaissancesecurity-researchsubdomains
  44

• omarhashem123 / Security-Research

  This repository contains proof of concept for zero days and CVEs that were found by Omar Hashem through Security Research

  0daycvesecurity-researchzero-daysbypass
  Language:Python 42

• EnableSecurity / advisories

  Security advisories published by Enable Security

  security-researchadvisories
  Language:Python 33

• lololosys / cisco_ios_research

  cisco-routeriossecurity-research
  Language:C 33
• public-research

  redcanaryco / public-research

  Public repository for Red Canary Research

  security-researchsecurity
  Language:C 32

• 0dayInc / pwn

  PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.

  automationreverse-engineeringpenetration-testingfuzzingreconnaissanceweb-securitybugbountysecurity-toolsdevsecopspenetration-testing-frameworksastsecurity-researchvulnerability-scanningartificial-intelligencesdrtelecomhardware-securitytelecom-security
  Language:Ruby 30

• captn3m0 / sanskari-proxy

  A proxy for security researchers outside India to access Indian government websites without resorting to shady VPNs.

  proxyindiagovernmentsecurity-researchsecurity-researchergeoblocking
  30

• feedhenry / mobile-security

  FeedHenry Mobile Security

  mobile-appmobile-securitysecurity-researchandroidiosbest-practicesopenid-connectsecure-storagecordovatemplates
  Language:JavaScript 29

• r3k4t / phone-number-info

  Phone-number-info is a Phone Number Information Gathering Tool.

  pythonforensics-investigationsforensic-analysissecurity-researchsecurity-testingsoftware-engineeringnetwork-engineeringsoftware-development
  Language:Python 24