torque59

Nosql-Exploitation-Framework

A Python Framework For NoSQL Scanning and Exploitation

nosqlpot

The NoSQL Honeypot Framework

ctf-vagrant-64

64 bit - Vagrant CTF Box

afl-launch

Boring tool to launch multiple afl-fuzz instances

apache-commons-text-rce

Apache Commons Text below 1.10.0 RCE Vulnerability POC

codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM.com, and LGTM Enterprise

cq-provider-sdk

CloudQuery Provider SDK enables building providers to query any service or custom in-house solutions with SQL

Docker-OSX

Mac in Docker! Run near native OSX-KVM in Docker! X11 Forwarding!

dvws-node

Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API related vulnerabilities.

ebpf-docker-for-mac

How to run eBPF on Docker for mac

flask-restplus-full-todo-example-with-jwt

Auth with JWT, good project structure with namespaces and blueprints, SQL_ALCHEMY, custom error handlers, tests and some more are here!

honggfuzz

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

learning

Becoming 1% better at data science everyday

lemurs

Linux eBPF Monitoring Daemon

llama_index

LlamaIndex (GPT Index) is a project that provides a central interface to connect your LLM's with external data.

log4j-rce

log4jpwn

log4j rce test environment and poc

mobsfscan

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.

ninjasworkout

Vulnerable NodeJS Web Application

ovaa

Oversecured Vulnerable Android App

progress-burp

Burp Suite extension to track vulnerability assessment progress

pwn2own2020

Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities

python-codeql-test

Sample Python codeql project

semgrep-rules

Semgrep rules registry

spring-framework

Spring Framework

syzkaller

syzkaller is an unsupervised coverage-guided kernel fuzzer

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

toothpicker

vulnerability-db

Vulnerability database and package search for sources such as NVD, GitHub.

vulnerable-node

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools