There are 155 repositories under vulnerability topic.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
Source code for Hacker101.com - a free online web and mobile security class.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
A list of web application security
All about bug bounty (bypasses, payloads, and etc)
Advanced vulnerability scanning with Nmap NSE
This repository contains the scanner component for Greenbone Community Edition.
Automatic SSRF fuzzer and exploitation tool
🎯 Command Injection Payload List
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Penetration tests guide based on OWASP including test cases, resources and examples.
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Reverse Shell as a Service
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.