vulnerability-research
There are 115 repositories under vulnerability-research topic.
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
lutfumertceylan/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
gobysec/Goby
Attack surface mapping
sergey-pronin/Awesome-Vulnerability-Research
🦄 A curated list of the awesome resources about the Vulnerability Research
Battelle/afl-unicorn
afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.
sgayou/subaru-starlink-research
Subaru StarLink persistent root code execution.
0xdea/semgrep-rules
A collection of my Semgrep rules to facilitate vulnerability research.
insightglacier/Shiro_exploit
Apache Shiro 反序列化漏洞检测与利用工具
clearbluejar/ghidriff
Python Command-Line Ghidra Binary Diffing Engine
kac89/vulnrepo
VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, bug bounty, pentest reporting, etc..
hugsy/CFB
Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
foundryzero/llef
LLEF is a plugin for LLDB to make it more useful for RE and VR
quarkslab/conf-presentations
Quarkslab conference talks
0xdea/ghidra-scripts
A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.
oryxlabs/PolarDNS
PolarDNS is a specialized authoritative DNS server suitable for penetration testing and vulnerability research.
softrams/bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Sentinel-One/peafl64
Static Binary Instrumentation tool for Windows x64 executables
quarkslab/qbindiff
Quarkslab Bindiffer but not only !
VerSprite/research
VerSprite Security Research
user1342/Obfu-DE-Scate
Obfu[DE]scate is a de-obfuscation tool for Android APKs that uses fuzzy comparison logic to identify similarities between functions, even if they have been renamed as part of obfuscation. It compares two versions of an APK and generates a mapping text file and an interactive HTML file as outputs!
quarkslab/pastis
PASTIS: Collaborative Fuzzing Framework
user1342/Monocle
Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption logic, password strings, vulnerabilities, etc.
jthuraisamy/DIRT
Driver Initial Reconnaissance Tool
lhmtriet/awesome-vulnerability-assessment
An ever-growing list of resources for data-driven vulnerability assessment and prioritization
0xdea/weggli-patterns
A collection of my weggli patterns to facilitate vulnerability research.
cetfor/PaperMachete
A project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.
cve-north-stars/cve-north-stars.github.io
Leveraging CVEs as North Stars in vulnerability discovery and comprehension.
Karmaz95/Snake_Apple
The code repository for the Snake&Apple article series.
user1342/AutoCorpus
AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.
usnistgov/vulntology
Development of the NIST vulnerability data ontology (Vulntology).
paulveillard/cybersecurity-blue-team
A collection of awesome software, libraries, learning tutorials, documents and books, technical resources and cool stuff about Blue Team in Cybersecurity.
RevEngAI/reai-ghidra
RevEng.AI Ghidra Plugin
M507/Miner
Local Privilege Escalation Miner
OWASP/www-project-top-25-parameters
OWASP Foundation Web Respository
proxytype/Hide-FS
Inject dll to explorer.exe and hide file from process.
r3kind1e/Log4Shell-obfuscated-payloads-generator
Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection.