cve
There are 1107 repositories under cve topic.
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
trickest/cve
Gather and update all available and newest CVEs with their PoC.
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
infobyte/faraday
Open Source Vulnerability Management Platform
Medicean/VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
PeiQi0/PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
zhzyker/vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
qazbnm456/awesome-cve-poc
✍️ A curated list of CVE PoCs.
OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Ascotbe/Kernelhub
:palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
tunz/js-vuln-db
A collection of JavaScript engine CVEs with PoCs
cve-search/cve-search
cve-search - a tool to perform local searches for known vulnerabilities
tr0uble-mAker/POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
TH3xACE/SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
Ascotbe/Medusa
:cat2:Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中
Notselwyn/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
opencve/opencve
CVE Alerting Platform
Threekiii/Vulnerability-Wiki
基于 docsify 快速部署 Awesome-POC 中的漏洞文档
jweny/pocassist
傻瓜式漏洞PoC测试框架
gobysec/Goby
Attack surface mapping
mufeedvh/moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
nixawk/labs
Vulnerability Labs for security analysis
intel/cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
arthepsy/CVE-2021-4034
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
toolswatch/vFeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
owasp-dep-scan/dep-scan
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
SabyasachiRana/WebMap
WebMap-Nmap Web Dashboard and Reporting
ycdxsb/PocOrExp_in_Github
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
b1tg/CVE-2023-38831-winrar-exploit
CVE-2023-38831 winrar exploit generator
bigblackhat/oFx
漏洞批量验证框架
nsacyber/Hardware-and-Firmware-Security-Guidance
Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
topscoder/nuclei-wordfence-cve
The EXCLUSIVE Collection of 37,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
nluedtke/linux_kernel_cves
Tracking CVEs for the linux Kernel
StarCrossPortal/scalpel
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。