#Cve
Showing 60 of 149 repositories tagged #cve, ranked by stars
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Gather and update all available and newest CVEs with their PoC.
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Open Source Vulnerability Management Platform
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, AbuseIPDB, GreyNoise, URLScan.io, Whois/RDAP, NIST, and VulnCheck. Supports LLM enrichment, IOC extraction, YARA scanning, and Android analysis.
快速搭建各种漏洞环境(Various vulnerability environment)
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Linux Patch Management & Automation Platform
Vulnerability Intelligence Platform
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Attack surface mapping
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
SSH-MITM - ssh audits made simple
傻瓜式漏洞PoC测试框架
75k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒
Automatically Collect POC or EXP from GitHub by CVE ID.
Vulnerability Labs for security analysis
WebMap-Nmap Web Dashboard and Reporting
Agent-driven automated CVE discovery platform for source code auditing, vulnerability verification, and report generation.
Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more.
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
The Correlated CVE Vulnerability And Threat Intelligence Database API
一个开源的、开箱即用的漏洞批量验证框架
Vulnerability (CVE) scanner for Nix/NixOS [maintainer=@henrirosten]
🔪Browser logic vulnerabilities :skull_and_crossbones:
事件驱动的渗透测试扫描器 Event-driven pentest scanner
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Collection of knowledge about information security
OSINT tool - gets data from services like shodan, censys etc. in one app
汽车/安卓/固件/代码安全测试工具集
Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Fast, developer-friendly JS/TS dependency vulnerability scanner with local lockfile scanning, OSV matching, direct vs transitive visibility, --fix, JSON output, and practical remediation guidance.
这个仓库收集了所有在 GitHub 上能找到的 CVE 漏洞利用工具。 This repository collects all CVE exploits found on GitHub.
A Terminal UI for browsing security vulnerabilities (CVEs)
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
AI-powered subdomain enumeration tool with local LLM analysis via Ollama - 100% private, zero API costs
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.
SOFA | A MacAdmin's Simple Organized Feed for Apple Software Updates
🔍 Github CVE POC 信息监控推送 🚀
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK D3FEND and ATLAS Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
Hourly updated database of exploit and exploitation reports
Aggregates security advisories from 10 international CERTs daily and provides an AI skill that cross-references alerts against your project's tech stack.
威胁情报-漏洞存储库
python dependency vulnerability scanner, written in Rust.
🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
Independent research white paper by Jon “GainSec” Gaines examining the security posture of a connected public safety technology ecosystem.
Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity