vulnerability

There are 186 repositories under vulnerability topic.

PayloadsAllTheThings
swisskyrepo / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
Language:Python 71496
aquasecurity / trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
containers devsecops docker go golang hacktoberfest iac infrastructure-as-code kubernetes misconfiguration security security-tools vulnerability vulnerability-detection vulnerability-scanners
Language:Go 29739
h4cker
The-Art-of-Hacking / h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
ai ai-security artificial-intelligence awesome-list awesome-lists cybersecurity ethical-hacking exploit exploit-development exploits hacker hackers hacking hacking-series penetration-testing training vulnerability vulnerability-assessment vulnerability-identification vulnerability-management
Language:Jupyter Notebook 23959
SafeLine
chaitin / SafeLine
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss
Language:Go 19093
Hacker0x01 / hacker101
Source code for Hacker101.com - a free online web and mobile security class.
education hacking security hackerone hacker101 xss clickjacking csrf web-security session-fixation unchecked-redirects sql-injection mobile-security vulnerability
Language:SCSS 14263
xray
chaitin / xray
一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
passive-vulnerability-scanner poc security sqlinjection vulnerability vulnerability-scanner xss
Language:Vue 11293
grype
anchore / grype
A vulnerability scanner for container images and filesystems
container-image containers cyclonedx docker go golang hacktoberfest oci openvex security static-analysis tool vex vulnerabilities vulnerability
Language:Go 10980
ysoserial
frohoff / ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
deserialization exploit gadget java javadeser jvm poc serialization vulnerability
Language:Java 8575
nomi-sec / PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
cve exploit poc security vulnerability
7368
trickest / cve
Gather and update all available and newest CVEs with their PoC.
poc cve cve-poc latest-cve vulnerability vulnerabilities software-vulnerabilities software-security exploit security infosec hacking pentesting penetration-testing red-team security-tools software-vulnerability
Language:HTML 7335
KathanP19 / HowToHunt
Collection of methodology and test case for various web vulnerabilities.
bugbounty bugbountytips bughunting-methodology tutorials vulnerability
6790
infoslack / awesome-web-hacking
A list of web application security
appsec hacking hacking-tools metasploit owasp penetration-testing pentesting scanner security vulnerabilities vulnerability web-hacking web-security
6535
daffainfo / AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
bugbounty bugbountytips bypass payloads reconnaissance bug hacking security payload penetration-testing vulnerability infosec pentest
6496
LandGrey / SpringBootVulExploit
SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list
springboot springboot-actuator-rce rce spring-boot-vulnerability springcloud spring-vulnerability vulnerability spring-actuator-vulnerability
Language:Java 6050
infobyte / faraday
Open Source Vulnerability Management Platform
appsec burpsuite collaboration continuous-scanning cve cybersecurity devops devsecops infosec nessus nmap orchestration penetration-testing pentesting security security-audit security-automation vulnerability vulnerability-management vulnerability-scanners
Language:Python 6009
dalfox
hahwul / dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
bugbounty bugbounty-tool cicd-pipeline devsecops golang hacktoberfest security vulnerability xss xss-bruteforce xss-detection xss-exploit xss-scanner
Language:Go 4672
zhzyker / exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
cve-2020-10199 cve-2020-10204 cve-2020-11444 cve-2020-14882 cve-2020-1938 cve-2020-2551 cve-2020-2555 cve-2020-2883 cve-2020-5902 drupal exp exploit getshell nexus poc tomcat vulnerability weblogic webshell
Language:Python 4260
greenbone / openvas-scanner
This repository contains the scanner component for Greenbone Community Edition.
c foo greenbone greenbone-community-edition greenbone-vulnerability-management gvm openvas openvas-scanner scanner techops vulnerability vulnerability-assessment vulnerability-detection vulnerability-management vulnerability-scanners
Language:Rust 4148
scipag / vulscan
Advanced vulnerability scanning with Nmap NSE
vulnerability vulnerability-scanners vulnerability-detection vulnerability-identification vulnerability-assessment security security-audit security-scanner penetration-testing nmap nmap-scripts exploit vulnerability-scanning vulnerability-databases vulnerability-database-entry nmap-scan-script nse nsescript lua lua-script
Language:Lua 3688
payloadbox / command-injection-payload-list
🎯 Command Injection Payload List
command-injection injection security-vulnerability vulnerability payload-list payload os-injection command os unix linux windows macos application application-security bugbounty security security-research vulnerability-research security-testing
3608
swisskyrepo / SSRFmap
Automatic SSRF fuzzer and exploitation tool
ctf exploitation hacktoberfest pentest server-side-request-forgery ssrf ssrfmap vulnerability
Language:Python 3393
Bo0oM / fuzz.txt
Potentially dangerous files
list web vulnerability files fuzz dirbuster
3237
Az0x7 / vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
bugbounty security sqlinjection vulnerability vulnerability-checklist web-vulnerability
3133
goodwithtech / dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
containers docker go golang kubernetes linter security security-audit security-tools vulnerability
Language:Go 3082
pentest-guide
Voorivex / pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
pentest bugbounty owasp-tests penetration-testing vulnerability payload bypass writeup
2708
bearer
Bearer / bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
appsec compliance devsecops devsecops-tools security security-tools dataflow gdpr privacy sast static-code-analysis vulnerability security-audit security-scanner vulnerabilities code-quality static-analysis security-automation owasp
Language:Go 2461
c0ny1 / vulstudy
使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。
docker-image-builder vulnerability
Language:Shell 2385
google / osv.dev
Open source vulnerability DB and triage service.
security security-tools vulnerability-scanners vulnerability-management vulnerability vulnerability-databases
Language:Python 2369
tunz / js-vuln-db
A collection of JavaScript engine CVEs with PoCs
javascript cve vulnerability
2306
Lifka / hacking-resources
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
hacking malware osint gathering powershell vulnerability hacker tools social-engineering network-monitoring ethicalhacking
2235
iSafeBlue / TrackRay
溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）
pentest vulnerability
Language:Java 2074
anouarbensaad / vulnx
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
crawler information-gathering cms-detector cloudflare-detection bot pentest wp-scanner auto-exploiter vulnerability hacking website-vulnerability-scanner security-tools vulnerability-assessment vulnerability-exploit vulnerability-detection shell-injection detects-vulnerabilities exploits dorks subdomains-gathering
Language:Python 1996
Threekiii / Vulnerability-Wiki
一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.
docker docsify vulnerability wiki cve
Language:HTML 1979
lukechilds / reverse-shell
Reverse Shell as a Service
reverse-shell exploit vulnerability pentesting joke prank microservice
Language:JavaScript 1924
NCSC-NL / log4shell
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
cve-2021-4104 cve-2021-44228 cve-2021-45046 cve-2021-45105 log4j log4shell vulnerability
Language:Python 1892
0x727 / SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。
spring springboot vul vulnerability exploit exp
Language:Java 1890