✍️ A curated list of CVE PoCs.Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you might also want to check out awesome-web-security.
awesome cve pocVulnerability Labs for security analysis
cve vulnerability security exploit快速搭建各种漏洞环境(Various vulnerability environment)
vulnerabilities docker struts vulnhub cveA collection of JavaScript engine CVEs with PoCs
cve vulnerabilityThis repository provides content for aiding DoD administrators in verifying systems have applied and enabled mitigations for hardware and firmware vulnerabilities such as side-channel and UEFI vulnerabilities. The repository is a companion to NSA Cybersecurity Advisories such as Vulnerabilities Affecting Modern Processors. This repository is updated as new information, research, strategies, and guidance are developed. The following mitigations generally apply to all systems. For specific steps for a particular operating system or vendor product, consult detailed instructions and strategies at Specific Guidance.
audit vulnerability cve nessus spectre guidance meltdown cve-2017-5754 cve-2017-5715 cve-2017-5753 cve-2018-3640 cve-2018-3639 cve-2018-3693 cve-2018-3665A collection of curated Java Deserialization Exploits
exploits deserialization-rce cveSupports both x32 and x64. Tested on: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008 Enterprise x64.
exploit cve cve-2018-8210Star the repo, if it was useful for you ⭐️.
security browser xss vulnerability cveImportant: this repository is now partially redundant with the CVEProject/cvelist project that allows to explore the CVE®/NVD modification history using git as well as submitting new vulnerabilities using GitHub pull requests. However, this repository is still synchronized with the dictionaries to allow to fetch each vulnerability in JSON format. This repository contains JSON files describing vulnerabilities from the NVD and CVE® dictionaries.
cve vulnerability-identificationSystem Security Checker is a bundle of small shell scripts to assess your computer security. Clone the latest version of sysechk.
security security-checker shell cve-scanning cveThis role mitigates/patches the defined CVEs. Dirty COW vuln. http://dirtycow.ninja. Defaults to false. This mitigation will need to be run everytime the server it has been applied on restarts.
testing test-driven-development test-driven-infrastructure ansible ansible-role kitchen bats cve mitigationNIST Data Mirror is a Java command-line utility that mirrors the NVD CPE/CVE XML and JSON data from NIST. The intended purpose of nist-data-mirror is to be able to replicate the NIST vulnerabiity data inside a company firewall so that local (faster) access to NIST data can be achieved.
appsec nvd software-security nist cpe cve software-composition-analysis scaInstall redis-server and nmap. Install the foreman gem.
vulnerability-scanners rails nmap security-tools security-audit security network network-analysis scanner cve cve-scanning vulnerability-assessment vulnerability-detection hacking hacking-toolPyParser is a vulnerability parser that looks for CVE's from different sources. It employs the Shodan API, has the ability to retrieve and process data from CVE Mitre and comes with functionality to install and use Offensive Security's ExploitDB Searchsploit utility. Start the program from the command line with python cveparser.py. Once the program has been started it will prompt for your Shodan.io API key. Once provided it will prompt to install Searchsploit, which is optional. After these operations a menu will be displayed the options for which are as follows.
cve parser vulnerabilities osint penetration-testing pentest-tool pentest infosecCollection of malware samples, research and guides to understand it and to practice, learn and build mechanism to defeat it. Collection of Malware samples, research and guides to understand it and to practice, learn and build mechanism to defeat it.
malware security research malware-examples code-inspection exploits cve poccve-check-tool, as its name suggests, is a tool for checking known (public) CVEs. The tool will identify potentially vunlnerable software packages within Linux distributions through version matching. Where possible it will also seek to determine (through a distribution implemention) if a vulnerability has been addressed by way of a patch. CVEs are only ever potential - due to the various policies of various distributions, and indeed semantics in versioning within various projects, it is expected that the tool may generate false positives.
cve vulnerability xml nvd databaseThis repo records all the vulnerabilities of linux software I have reproduced in my local workspace. If you encounter problems with keyword "Failed to lock files", you could try to delete any .lck or .lock files or folders in the directory of the problematic VM.
vulnerability reproduction cve edbPatton-cli (PC) born with the objective to be a knife for system admins and security auditors. PC could be filled with many different sources and report in many formats, being great for scripting.
patton security cve vulnerability-detection security-tools cpePatton Server can resolve any library name to their CPE. Then returns the associated CVEs for this CPE. There're many tasks to do.You can check the Issues and send us a Pull Request.
security security-tools cve cpe vulnerability-identificationExploits by 1N3@CrowdShield
cve ctf 0day poc exploits bug-bounties 1n3 crowdshield
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.