
awesome-cve-poc - ✍️ A curated list of CVE PoCs.


Here is a collection of Proof of Concepts for Common Vulnerabilities and Exposures; you might also want to check out awesome-web-security.

js-vuln-db - A collection of JavaScript engine CVEs with PoCs


CVE-2018-8120 - CVE-2018-8120 Windows LPE exploit

  •    C++

Supports both x32 and x64. Tested on: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008 Enterprise x64.

nvdcve - NVD/CVE as JSON files


Important: this repository is now partially redundant with the CVEProject/cvelist project, which allows exploring the CVE®/NVD modification history using git as well as submitting new vulnerabilities using GitHub pull requests. However, this repository is still synchronized with the dictionaries so that each vulnerability can be fetched in JSON format. This repository contains JSON files describing vulnerabilities from the NVD and CVE® dictionaries.

sysechk - System Security Checker is a bundle of small shell scripts to assess your computer security

  •    Shell

System Security Checker is a bundle of small shell scripts to assess your computer security. Clone the latest version of sysechk.

ansible-role-cve - Mitigates CVE-2016-5195 aka DirtyCOW

  •    Shell

This role mitigates/patches the defined CVEs, currently the Dirty COW vulnerability (CVE-2016-5195, http://dirtycow.ninja). The mitigation is disabled (false) by default. It needs to be re-applied every time a server it has been applied to restarts.

nist-data-mirror - A simple Java command-line utility to mirror the CVE XML and JSON data from NIST.

  •    Java

NIST Data Mirror is a Java command-line utility that mirrors the NVD CPE/CVE XML and JSON data from NIST. The intended purpose of nist-data-mirror is to replicate the NIST vulnerability data inside a company firewall so that local (faster) access to NIST data can be achieved.

PyParser-CVE - Multi source CVE/exploit parser.

  •    Python

PyParser is a vulnerability parser that looks for CVEs from different sources. It employs the Shodan API, can retrieve and process data from CVE Mitre, and comes with functionality to install and use Offensive Security's ExploitDB Searchsploit utility. Start the program from the command line with python cveparser.py. Once started, it will prompt for your Shodan.io API key. Once that is provided, it will offer to install Searchsploit, which is optional. After these steps a menu is displayed; its options are as follows.

malware-research - Samples, research and documents about any kind of malware and misc source which should be released for the public

  •    C

Collection of malware samples, research and guides to understand malware and to practice, learn and build mechanisms to defeat it.

cve-check-tool - Original Automated CVE Checking Tool

  •    C

cve-check-tool, as its name suggests, is a tool for checking known (public) CVEs. The tool identifies potentially vulnerable software packages within Linux distributions through version matching. Where possible it also tries to determine (through a distribution-specific implementation) whether a vulnerability has been addressed by way of a patch. Reported CVEs are only ever potential matches: because of the differing policies of the various distributions, and of the versioning semantics used by individual projects, the tool is expected to generate false positives.

LinuxFlaw - This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

  •    C

This repo records all the vulnerabilities of Linux software I have reproduced in my local workspace. If you encounter the error "Failed to lock files", try deleting any .lck or .lock files or folders in the directory of the problematic VM.

patton-cli - The knife of the Admin & Security auditor

  •    Python

Patton-cli (PC) was born with the objective of being a knife for system admins and security auditors. PC can be fed from many different sources and report in many formats, which makes it great for scripting.

patton-server - The clever vulnerability dependency finder

  •    Python

Patton Server can resolve any library name to its CPE and then returns the CVEs associated with that CPE. There are many tasks to do; you can check the Issues and send us a Pull Request.

cve-2016-1764 - Extraction of iMessage Data via XSS

  •    JavaScript

While the majority of recent debate around Apple has been focused on cryptography, the industry and law enforcement seem to have forgotten that simpler, application-level vulnerabilities can be leveraged to forgo encryption altogether. CVE-2016-1764, which was fixed by Apple in March of 2016, is an application-layer bug that results in the remote disclosure of all message content and attachments in plaintext by exploiting the OS X iMessage client. Moreover, you do not need a graduate degree in mathematics to exploit it, nor does it require detailed knowledge of memory management, shellcode, or intricate ASLR bypass ROP chains. In fact, it is a relatively simple bug that can be exploited by anyone with a basic knowledge of JavaScript.

Messages (iMessage) for OS X from Apple implements its user interface using an embedded version of WebKit; furthermore, Messages on OS X will render any URI as a clickable HTML <a href= link. An attacker can create a simple JavaScript URI (e.g., javascript:) which, when clicked, grants the attacker initial JavaScript execution (XSS) in the context of the application DOM. Though the embedded WebKit library used by Messages for OS X executes in an applewebdata:// origin, an attacker can still read arbitrary files using XMLHttpRequest (XHR) GET requests to a file:// URI, since there is no same-origin policy (SOP) implemented. By abusing XHR to read files, an attacker can upload a victim's entire chat history and attachments to a remote server as fast as the victim's Internet connection will allow; the only user interaction required is clicking on a single link in chat. Furthermore, if SMS forwarding is enabled, the attacker can also recover messages sent to/from the victim's iPhone.