⚡ Worlds fastest steghide cracker, chewing through millions of passwords per second ⚡

基于Pocsuite3、goby编写的漏洞poc&exp存档

Here is some resources about macOS/iOS system security.

[DEPRECATED] Assign Azure Active Directory Identities to Kubernetes applications.

Git All the Payloads! A collection of web attack payloads.

Lock package.json with yarn

Local privilege escalation via PetitPotam (Abusing impersonate privileges).

一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.

A collection of awesome one-liner scripts especially for bug bounty tips.

Developer-friendly incident response with brilliant Slack integration

Demonstrate changes to `package-lock.json` by `npm install`

增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持

PoC exploits for software vulnerabilities

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

Decrypted content of eqgrp-auction-file.tar.xz

Kernel Driver Utility

JQF + Zest: Coverage-guided semantic fuzzing for Java.

Intentionally vulnerable Node.js REST API for benchmarking SAST, SCA, and code quality tools. Contains 30 real, functional issues across Critical/High/Medium/Low severities covering SQL injection, command injection, path traversal, IDOR, hardcoded secrets, and more. Not for production use.

exploit for CVE-2022-2588

Open source vulnerability DB and triage service.