vulnerability
There are 1587 repositories under vulnerability topic.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
Hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
chaitin/SafeLine
A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
anchore/grype
A vulnerability scanner for container images and filesystems
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
trickest/cve
Gather and update all available and newest CVEs with their PoC.
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
LandGrey/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
infoslack/awesome-web-hacking
A list of web application security
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
infobyte/faraday
Open Source Vulnerability Management Platform
zhzyker/exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
greenbone/openvas-scanner
This repository contains the scanner component for Greenbone Community Edition.
Bo0oM/fuzz.txt
Potentially dangerous files
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
goodwithtech/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Voorivex/pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
tunz/js-vuln-db
A collection of JavaScript engine CVEs with PoCs
Az0x7/vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
c0ny1/vulstudy
使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
iSafeBlue/TrackRay
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
NCSC-NL/log4shell
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
anouarbensaad/vulnx
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
lukechilds/reverse-shell
Reverse Shell as a Service
HummerRisk/HummerRisk
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
Lifka/hacking-resources
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
0x727/SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。