vulnerability
There are 2093 repositories under vulnerability topic.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
chaitin/SafeLine
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
chaitin/xray
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
anchore/grype
A vulnerability scanner for container images and filesystems
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
trickest/cve
Gather and update all available and newest CVEs with their PoC.
KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
infoslack/awesome-web-hacking
A list of web application security
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
LandGrey/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
infobyte/faraday
Open Source Vulnerability Management Platform
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
zhzyker/exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
greenbone/openvas-scanner
This repository contains the scanner component for Greenbone Community Edition.
scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
Bo0oM/fuzz.txt
Potentially dangerous files
Az0x7/vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
goodwithtech/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Voorivex/pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
c0ny1/vulstudy
使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
google/osv.dev
Open source vulnerability DB and triage service.
tunz/js-vuln-db
A collection of JavaScript engine CVEs with PoCs
Lifka/hacking-resources
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
iSafeBlue/TrackRay
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
anouarbensaad/vulnx
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Threekiii/Vulnerability-Wiki
一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.
lukechilds/reverse-shell
Reverse Shell as a Service
NCSC-NL/log4shell
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
0x727/SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。