security-vulnerability

There are 37 repositories under security-vulnerability topic.

• CISOfy / lynis

  Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

  shelllinuxpci-dsscompliancesecurity-auditsecurity-hardeningsecurity-scannersecurity-vulnerabilityhipaaunixvulnerability-detectionvulnerability-scannersvulnerability-assessmentdevopsdevops-toolssystem-hardeninghardeningauditinggdprsecurity-tools
  Language:Shell 12497

• future-architect / vuls

  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

  vulsvulnerability-scannersgolanggolinuxfreebsdvulnerability-detectionsecuritysecurity-toolscybersecuritysecurity-vulnerabilitysecurity-scannersecurity-hardeningsecurity-automationsecurity-auditvulnerability-assessmentvulnerability-managementvulnerability-scannervulnerabilitiesadministrator
  Language:Go 10660
• brakeman

  presidentbeef / brakeman

  A static analysis security vulnerability scanner for Ruby on Rails applications

  rubyrailssecuritystatic-analysisvulnerabilitiesbrakemansecurity-vulnerabilitysecurity-toolssecurity-audit
  Language:Ruby 6906

• google / syzkaller

  syzkaller is an unsupervised coverage-guided kernel fuzzer

  fuzz-testingfuzzerfuzzingkernellinuxsecuritysecurity-toolssecurity-vulnerabilitytesting
  Language:Go 5120
• Cheatsheet-God

  OlivierLaflamme / Cheatsheet-God

  Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

  penetration-testingsecurityhackingcheatsheetoscpinformation-securitypentestinghowto-tutorialrefresherpenetration-testcheatsheet-godoscp5oscp-toolsoscp-journeypenetrationsecurity-toolssecurity-vulnerabilityhacking-toolhacking-codeawesome
  4712

• Roave / SecurityAdvisories

  :closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily

  composerinfosecphpsecurity-advisoriessecurity-vulnerabilitiessecurity-vulnerability
  2643

• payloadbox / command-injection-payload-list

  🎯 Command Injection Payload List

  command-injectioninjectionsecurity-vulnerabilityvulnerabilitypayload-listpayloados-injectioncommandosunixlinuxwindowsmacosapplicationapplication-securitybugbountysecuritysecurity-researchvulnerability-researchsecurity-testing
  2637

• cliffe / SecGen

  Create randomly insecure VMs

  securitysecurity-vulnerabilityvirtualizationrandomizationprovisioninglabsctf-challengescybok
  Language:Python 2574

• brunofacca / zen-rails-security-checklist

  Checklist of security precautions for Ruby on Rails applications.

  rubyruby-on-railsrailssecuritysecurity-vulnerabilitychecklist
  Language:Ruby 1814

• opensec-cn / kunpeng

  kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

  poc-libraryproof-of-conceptsecurity-testingsecurity-vulnerability
  Language:Go 1648

• pyupio / safety

  Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

  pythonsecuritysecurity-vulnerabilitytravisvulnerability-scannersvulnerability-detection
  Language:Python 1625

• 0xRadi / OWASP-Web-Checklist

  OWASP Web Application Security Testing Checklist

  owaspsecuritysecurity-toolssecurity-vulnerabilitybugbountytestingchecklist
  1521

• jaebradley / uber-cli

  🚗Uber, at your fingertips

  ubersecurity-vulnerabilitysecurity-incidentscommand-line-tool
  Language:JavaScript 1182

• httpvoid / writeups

  appsecsecuritysecurity-vulnerability
  1155

• jxy-s / herpaderping

  Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

  exploitwindowssecurityprocess-herpaderpingvulnerabilitysecurity-vulnerabilityexploitationexploitsexploit-developmentexploit-frameworkwindows-10windows-7windows-defenderantivirusantivirus-evasionprocess-migrationprocess-hollowingprocess-doppelganging
  Language:C++ 1057

• bloodzer0 / ossa

  Open-Source Security Architecture | 开源安全架构

  application-securitybusiness-securitycode-auditidsipssecuritysecurity-auditsecurity-scannersecurity-toolssecurity-vulnerabilityvulnerabilitiesvulnerability-scanners
  920

• PentestPad / subzy

  Subdomain takeover vulnerability checker

  cybersecuritybugbountysecurity-vulnerabilitysubdomain-takeoversecurity-research
  Language:Go 869

• 0xbug / SQLiScanner

  Automatic SQL injection with Charles and sqlmap api

  autoscanscannersecuritysecurity-auditsecurity-vulnerabilitysqlmapsqlmap-webuisqlmapapi
  Language:Python 774

• ohmybahgosh / RockYou2021.txt

  RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!

  wordlistrockyourockyou2021wordlistspassword-strengthpassword-safetyhashcatsecurity-auditsecurity-vulnerabilitysecuritywordlists-dictionary-collection
  736

• Eugnis / spectre-attack

  Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

  cexampleexploitsecurity-vulnerabilityspectre
  Language:C 735

• nluedtke / linux_kernel_cves

  Tracking CVEs for the linux Kernel

  cvelinuxlinux-kernellinux-securitysecurity-auditsecurity-vulnerabilitytrackertracking-cves
  Language:Vue 720

• Fuzzapi / fuzzapi

  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

  apiautomationfuzzerrailsrubysecuritysecurity-vulnerability
  Language:Ruby 619

• tlsfuzzer / tlsfuzzer

  SSL and TLS protocol test suite and fuzzer

  tlslite-ngtlssslsecurity-auditsecurity-vulnerabilitytest-frameworktest-automationtesting-toolstest-suitetlsliteprotocol-verifierprotocol-testerautomationrfc-compliancestandard-conformityrobotdrowntls13tls12fuzzer
  Language:Python 536

• LockGit / Hacking

  Hacker, ready for more of our story ! 🚀

  hackattackgeekcrackerpochackingtoolshackerhacking-toolattackerattackssecurity-vulnerabilityscannervulnerabilityvulnerabilitiesvulnerability-scannerssecuritysecurity-researchtool
  Language:Python 521

• pyupio / pyup

  A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

  dependencydependency-managersecurity-vulnerabilitysecuritysecurity-tools
  Language:Python 439

• flipkart-incubator / watchdog

  Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

  security-toolssecuritysecurity-vulnerabilitysecurity-testingvulnerability-managementvulnerability-assessmentpentest-toolpenetration-testing-frameworkcve-databasescve-searchapplication-securitynetwork-securityproduct-securitybugbounty
  Language:Python 407

• zricethezav / h1domains

  HackerOne "in scope" domains

  securitysecurity-toolssecurity-vulnerabilitysecurity-automationhackeronehackerone-api
  Language:Python 372

• factionsecurity / faction

  Pen Test Report Generation and Assessment Collaboration

  application-securityhackingpenetration-testingpenetration-testing-toolspentestingreportingsecuritysecurity-auditsecurity-automationsecurity-toolssecurity-vulnerability
  Language:JavaScript 352

• srcclr / commit-watcher

  Find interesting and potentially hazardous commits in git projects

  regular-expressionauditingrdssecurity-vulnerabilitydockerrailsemail-notificationdatabasewatchfavor
  Language:Ruby 351

• Boyan-MILANOV / ropium

  ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together

  gadgetrop-chainrop-gadgetssemanticchaining-gadgetsrop-exploitsexploit-developmentbinary-exploitationsecuritysecurity-vulnerability
  Language:C++ 349

• deadbits / InsecureProgramming

  mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/

  cexploitationlearning-exercisesecuritysecurity-vulnerabilityvulnerabilities
  Language:C 261

• momo5502 / cod-exploits

  ☠️ Call of Duty - Vulnerabilities and proof-of-concepts

  assemblycodcppexploithackidamw2pocsecurity-vulnerability
  Language:C++ 252

• bureado / awesome-software-supply-chain-security

  A compilation of resources in the software supply chain security domain, with emphasis on open source

  reproducible-buildssupply-chain-securitydevsecopsvulnerability-scanningsecurity-vulnerabilityvulnerability-managementsupply-chain-attackssbompackage-managementdependency-managementstatic-analysissoftware-composition-analysisoss-compliancesoftware-supply-chainsoftware-supply-chain-securitydependenciescve-scanningattestationawesome-list
  251

• narbehaj / ssl-checker

  Python script that collects SSL/TLS information from hosts

  sslcertificatex509x509certificatesssl-certificatestlspythonopensslpython-scriptssl-checkerpyopensslpoodlehearbeathearbleedsecurity-vulnerabilityjsoncsvanalyzeanalyzerhtml
  Language:Python 238

• fabric8-analytics / fabric8-analytics-vscode-extension

  Red Hat Dependency Analytics extension

  dependency-analyticssecurity-vulnerabilityinsightscvenvdonline-flowide-extension
  Language:TypeScript 220

• radenvodka / Recsech

  Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

  reconresearchtoolsrecon-toolsphpsecurity-vulnerabilitysecurity-auditsecurity-toolshacking-toolwebsecurityscanner-vulnerabilityrecsechpenetration-testing-toolspenetration-testingdnsscannerscanner-websubdomain-enumerationreconnaissancesubdomain-takeovers
  Language:PHP 209