vulnerability-research

🎯 Command Injection Payload List

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Attack surface mapping

🦄 A curated list of the awesome resources about the Vulnerability Research

afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.

Subaru StarLink persistent root code execution.

Apache Shiro 反序列化漏洞检测与利用工具

VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, AES encryption, Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy issues import, Jira export, TXT/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management.

A collection of my Semgrep rules to facilitate vulnerability research.

Canadian Furious Beaver is a tool for monitoring IRP handler in Windows drivers, and facilitating the process of analyzing, replaying and fuzzing Windows drivers for vulnerabilities

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

VerSprite Security Research

A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.

Static Binary Instrumentation tool for Windows x64 executables

Driver Initial Reconnaissance Tool

A project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.

Leveraging CVEs as North Stars in vulnerability discovery and comprehension.

An ever-growing list of resources for data-driven vulnerability assessment and prioritization

A search engine on information delivered by OSINT sources to support Vulnerability Assessment

Local Privilege Escalation Miner