OSS-Fuzz - continuous fuzzing for open source software.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

快速搭建各种漏洞环境(Various vulnerability environment)

Kubernetes security notes and best practices

All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)

PAKURI has been merged with Python and launched as a new project, PAKURI-THON.

MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU

Security Research

Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

HTTP3-attacks (CVE-2022-30592)

Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]

Making CoreOS' Clair easily work in CI/CD pipelines

Shell scripts to identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version. Added Ansible Playbook

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

A small and efficient tool to find open redirect vulnerabilities.

Start your journey with Bug Bounty.

This is created for updating Various Viruses, malware, and all! Also new kind for vulnerability and attacks!

💥 This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for Web Sites, portals, and Organizations.