security-vulnerability
There are 466 repositories under the security-vulnerability topic.
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
presidentbeef/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
google/syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer
OlivierLaflamme/Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
Roave/SecurityAdvisories
🔐 Security advisories as a simple composer exclusion list, updated daily
cliffe/SecGen
Create randomly insecure VMs
0xRadi/OWASP-Web-Checklist
OWASP Web Application Security Testing Checklist
brunofacca/zen-rails-security-checklist
Checklist of security precautions for Ruby on Rails applications.
pyupio/safety
Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
opensec-cn/kunpeng
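kunpeng is an open-source POC framework/library written in Golang, provided as a dynamic link library that can be called from various languages; with this project you can quickly develop vulnerability-detection systems.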
jaebradley/uber-cli
🚗Uber, at your fingertips
PentestPad/subzy
Subdomain takeover vulnerability checker
jxy-s/herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
bloodzer0/ossa
Open-Source Security Architecture
ohmybahgosh/RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
0xbug/SQLiScanner
Automatic SQL injection with Charles and sqlmap api
Eugnis/spectre-attack
Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
nluedtke/linux_kernel_cves
Tracking CVEs for the Linux kernel
Fuzzapi/fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
tlsfuzzer/tlsfuzzer
SSL and TLS protocol test suite and fuzzer
LockGit/Hacking
Hacker, ready for more of our story ! 🚀
factionsecurity/faction
Pen Test Report Generation and Assessment Collaboration
pyupio/pyup
A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
orhun/flawz
A Terminal UI for browsing security vulnerabilities (CVEs)
zricethezav/h1domains
HackerOne "in scope" domains
flipkart-incubator/watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Boyan-MILANOV/ropium
ROPium is a tool that helps you build ROP exploits by finding and chaining gadgets together
srcclr/commit-watcher
Find interesting and potentially hazardous commits in git projects
bureado/awesome-software-supply-chain-security
A compilation of resources in the software supply chain security domain, with emphasis on open source
deadbits/InsecureProgramming
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
narbehaj/ssl-checker
Python script that collects SSL/TLS information from hosts
momo5502/cod-exploits
☠️ Call of Duty - Vulnerabilities and proof-of-concepts
fabric8-analytics/fabric8-analytics-vscode-extension
Red Hat Dependency Analytics extension