security-research

There are 19 repositories under security-research topic.

• payloadbox / sql-injection-payload-list

  🎯 SQL Injection Payload List

  sql-injectionattackersql-injection-attackssql-injection-proofsql-injection-exploitationsql-injectionssql-injection-payloadsinjection-payloadssql-injection-filterersql-injection-attackowasp-top-10payloadspayloadwebsecuritybugbountysecurity-researchhackingsql-injectinjection-attacksinjection
  5975

• payloadbox / command-injection-payload-list

  🎯 Command Injection Payload List

  command-injectioninjectionsecurity-vulnerabilityvulnerabilitypayload-listpayloados-injectioncommandosunixlinuxwindowsmacosapplicationapplication-securitybugbountysecuritysecurity-researchvulnerability-researchsecurity-testing
  3606

• PentestPad / subzy

  Subdomain takeover vulnerability checker

  cybersecuritybugbountysecurity-vulnerabilitysubdomain-takeoversecurity-research
  Language:Go 1421

• sergey-pronin / Awesome-Vulnerability-Research

  🦄 A curated list of the awesome resources about the Vulnerability Research

  awesomeawesome-listvulnerability-researchcuratedreading-listfuzzingexploit-developmentsecurity-research
  1278
• diodb

  disclose / diodb

  Open-source vulnerability disclosure and bug bounty program database

  bug-bountybug-bounty-huntersdatadisclosure-policyhackerslegalresponsible-disclosuresafe-harbor-frameworksafetysecurity-researchsimplicityvulnerability-disclosure
  Language:Python 1036

• BishopFox / h2csmuggler

  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

  bugbountyinfosecsecurity-researchsecurity-tools
  Language:Python 759

• payloadbox / rfi-lfi-payload-list

  🎯 RFI/LFI Payload List

  rfilfirfi-exploitonlfi-exploitationlfi-vulnerabilityrfi-vulnerabillitywebsecurityappsecapplication-securityweb-application-securitypayloadpayloadspayload-listbugbountybug-bountysecuritysecurity-researchsecurity-researchersecurity-researchersweb-hacking
  628

• LockGit / Hacking

  Hacker, ready for more of our story ! 🚀

  hackattackgeekcrackerpochackingtoolshackerhacking-toolattackerattackssecurity-vulnerabilityscannervulnerabilityvulnerabilitiesvulnerability-scannerssecuritysecurity-researchtool
  Language:Python 577

• shodansploit / shodansploit

  🔎 shodansploit > v1.3.0

  intelligencepython-scriptpython-shodansecuritysecurity-automationsecurity-researchsecurity-scannersecurity-testingsecurity-toolsshodanshodan-apishodan-clishodan-clientshodan-pythonshodan-scriptsshodan-toolshodan-toolsshodansploit
  Language:Python 536

• security-cheatsheet / metasploit-cheat-sheet

  Metasploit Cheat Sheet 💣

  exploitexploitation-frameworkmetasploitmetasploit-cheat-sheetmetasploit-databasemetasploit-frameworkmetasploit-framework-databasemeterpretermsfvenompayloadrapid7securitysecurity-cheat-sheetssecurity-researchsecurity-testing
  457

• ossf / fuzz-introspector

  Fuzz Introspector -- introspect, extend and optimise fuzzers

  fuzz-testingfuzzingsecuritysecurity-researchtestingvulnerability-analysis
  Language:Python 431

• rarecoil / pantagrule

  large hashcat rulesets generated from real-world compromised passwords

  hashcathashcat-rulespassword-crackingpasswordssecurity-research
  398

• security-checklist / php-security-check-list

  PHP Security Check List [ EN ] 🌋 ☣️

  phpphp-libraryphp-frameworksecuritysecurity-auditchecklistsecurity-checklistphp-securityphp-security-checkerwebapplicationweb-application-securitybugbountysecurity-researchsecurity-researcherweb-applicationweb-application-frameworksecurity-testing
  296

• lawndoc / jaws

  Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

  programming-languageflex-bisoncompilervirtual-machinesecurity-researchmalware-researchinterpreterinterpreted-programming-languagepolyglotc-programming
  Language:C 234

• chebuya / sastsweep

  tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such as popularity and project size

  cliowaspsastsecurity-auditsecurity-researchsecurity-scannerstatic-code-analysisvulnerability-researchsemgrepvulnerability-scanners
  Language:Go 233
• systrack

  mebeim / systrack

  📡🐧 Linux kernel syscall implementation tracker

  abiautomationbinary-analysiselfkconfiglinuxlinux-kernelsecurity-researchsyscallsyscall-tablesyscalls
  Language:Python 230
• linux-syscalls

  mebeim / linux-syscalls

  🌐🐧 Browsable Linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)

  linuxlinux-kernelsecurity-researchsecurity-toolssyscall-tablesyscalls
  Language:JavaScript 203

• GaloisInc / MATE

  MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs.

  code-property-graphllvmprogram-analysissecuritysecurity-researchstatic-analysissymbolic-execution
  Language:Python 196

• lololosys / awesome-baseband-research

  A curated list of awesome baseband research resources

  basebandsecurity-researchshannonvulnerability
  171

• fierceoj / ShonyDanza

  A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

  shodanshodan-apishodan-pythonreconnaissancered-teamblue-teampurple-teamscanninginformation-gatheringshonydanzapre-configureexploitsvulnerability-identificationvulnerability-detectionmalware-identificationmalware-detectionpentestingpenetration-testingsecurity-toolssecurity-research
  Language:Python 120

• mirchr / security-research

  Security Research

  exploit-codesecurity-researchvulnerabilities
  Language:Shell 95

• dyjakan / interpreter-bugs

  Fuzzing results for various interpreters.

  fuzzingbugsvulnerabilitiessecuritypythonrubyphphhvminterpretersecurity-research
  Language:Ruby 82

• Chocapikk / CVE-2023-4966

  Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

  citrixexploitexploitationinfosecmemory-leaknetscalernetwork-securityopen-sourcepentestingpythonsecuritysecurity-researchsession-tokensvulnerabilitycve-2023-4966
  Language:Python 78

• Chocapikk / CVE-2023-6553

  Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

  cvecybersecurityexploithackinginfosecphppythonrcesecuritysecurity-researchvulnerabilitywordpresscve-2023-6553
  Language:Python 76

• lololosys / awesome_cisco_exploitation

  A curated list of awesome Cisco exploitation resources

  iosciscoexploitationsource-codeawesomeawesome-listsecuritycisco-exploitationsecurity-research
  69

• disclose / dioterms

  Open-source vulnerability disclosure policy templates.

  boilerplatebug-bountydisclosuredisclosure-policyexemptionlegalresponsible-disclosuresafe-harbor-languagesecuritysecurity-researchvulnerability-disclosurevulnerability-disclosure-policies
  68

• 0dayInc / pwn

  PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.

  automationreverse-engineeringpenetration-testingfuzzingreconnaissanceweb-securitybugbountysecurity-toolsdevsecopspenetration-testing-frameworksastsecurity-researchvulnerability-scanningartificial-intelligencesdrtelecomhardware-securitytelecom-securityai-agents
  Language:Ruby 67

• userlandkernel / ios-unstripped-kexts

  Unstripped iOS kernel extensions and more. More coming soon.

  iosromkernelkextsecurity-research
  Language:Shell 59

• win3zz / Meta-Owned-IT-Assets

  Curated list of Meta (formerly Facebook) owned IT assets

  bug-bountyfacebookmetareconnaissancesecurity-researchsubdomains
  54

• Macmod / STARS

  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services that could possibly lead to subdomain takeover scenarios.

  awsazurecloudcybersecuritydnsgcpsubdomain-takeoverdomain-takeoverpythonsecuritytakeoverinfosecpython3security-researchscannersubdomaindigitaloceancloudflarepentestingsecurity-tools
  Language:Python 50

• K3ysTr0K3R / CVE-2024-25600-EXPLOIT

  A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)

  cve-2024-25600educationalexploitexploitationexploitshackingpocrceremote-code-executionsecurity-researchsecurity-researchervulnerabilitiesvulnerabilitybricks-builderwordwordpresswordpress-plugin
  Language:Python 48

• EnableSecurity / advisories

  Security advisories published by Enable Security

  security-researchadvisories
  Language:Python 46

• omarhashem123 / Security-Research

  This repository contains proof of concept for zero days and CVEs that were found by Omar Hashem through Security Research

  0daycvesecurity-researchzero-daysbypass
  Language:Python 45

• lololosys / cisco_ios_research

  cisco-routeriossecurity-research
  Language:C 41
• public-research

  redcanaryco / public-research

  Public repository for Red Canary Research

  securitysecurity-research
  Language:C 37

• captn3m0 / sanskari-proxy

  A proxy for security researchers outside India to access Indian government websites without resorting to shady VPNs.

  proxyindiagovernmentsecurity-researchsecurity-researchergeoblocking
  34