vulnerability

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. Also check: https://hackertraining.org

training ai exploit hackers hacking artificial-intelligence cybersecurity penetration-testing exploits vulnerability awesome-list hacker vulnerability-management vulnerability-identification vulnerability-assessment ethical-hacking awesome-lists exploit-development ai-security hacking-series

Updated Mar 12, 2026
Jupyter Notebook

chaitin / SafeLine

Star 20.9k

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

security hackers api-gateway captcha firewall waf xss bruteforce self-hosted cybersecurity sql-injection vulnerability application-security web-security cve appsec web-application-firewall http-flood blueteam websecurity

Updated Nov 5, 2025
Go

Hacker0x01 / hacker101

Star 14.4k

Source code for Hacker101.com - a free online web and mobile security class.

education security hacking xss sql-injection vulnerability csrf web-security mobile-security clickjacking hackerone session-fixation hacker101 unchecked-redirects

Updated Feb 22, 2025
SCSS

anchore / grype

Star 11.7k

A vulnerability scanner for container images and filesystems

go docker golang security tool containers static-analysis oci vulnerability vex vulnerabilities hacktoberfest container-image cyclonedx openvex

Updated Mar 17, 2026
Go

chaitin / xray

Star 11.5k

Yi Kuan Chang Ting Zi Yan De Wan Shan De An Quan Ping Gu Gong Ju ,Zhi Chi Chang Jian web An Quan Wen Ti Sao Miao He Zi Ding Yi poc | Shi Yong Zhi Qian Wu Bi Xian Yue Du Wen Dang

security xss poc vulnerability passive-vulnerability-scanner sqlinjection vulnerability-scanner

Updated Oct 29, 2024
Vue

frohoff / ysoserial

Star 8.8k

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

java serialization exploit jvm deserialization gadget poc vulnerability javadeser

Updated Dec 4, 2025
Java

trickest / cve

Star 7.6k

Gather and update all available and newest CVEs with their PoC.

security exploit hacking penetration-testing poc vulnerability infosec pentesting vulnerabilities cve software-security red-team security-tools software-vulnerability software-vulnerabilities latest-cve cve-poc

Updated Mar 17, 2026
HTML

nomi-sec / PoC-in-GitHub

Star 7.6k

PoC auto collect from GitHub. Be careful Malware.

security exploit poc vulnerability cve

Updated Mar 17, 2026

KathanP19 / HowToHunt

Star 7.1k

Collection of methodology and test case for various web vulnerabilities.

tutorials vulnerability bugbounty bugbountytips bughunting-methodology

Updated Jun 25, 2025

infoslack / awesome-web-hacking

Star 6.8k

A list of web application security

security scanner hacking owasp penetration-testing vulnerability web-security pentesting vulnerabilities appsec metasploit web-hacking hacking-tools

Updated Feb 27, 2026

daffainfo / AllAboutBugBounty

Sponsor

Star 6.7k

All about bug bounty (bypasses, payloads, and etc)

security bug hacking penetration-testing vulnerability infosec bugbounty pentest bypass payload payloads reconnaissance bugbountytips

Updated Sep 8, 2023

infobyte / faraday

Star 6.3k

Open Source Vulnerability Management Platform

security devops security-audit collaboration orchestration cybersecurity nmap penetration-testing vulnerability infosec pentesting cve nessus appsec vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning

Updated Feb 13, 2026
Python

LandGrey / SpringBootVulExploit

Star 6.1k

SpringBoot Xiang Guan Lou Dong Xue Xi Zi Liao ,Li Yong Fang Fa He Ji Qiao He Ji ,Hei He An Quan Ping Gu check list

rce vulnerability springboot springcloud springboot-actuator-rce spring-boot-vulnerability spring-vulnerability spring-actuator-vulnerability

Updated Mar 10, 2021
Java

hahwul / dalfox

Sponsor

Star 4.9k

Dalfox is a powerful open-source XSS scanner and utility focused on automation.

golang security xss vulnerability bugbounty xss-scanner xss-detection hacktoberfest devsecops xss-exploit xss-bruteforce cicd-pipeline bugbounty-tool

Updated Mar 17, 2026
Go

gommzystudio / device-activity-tracker

Star 4.8k

A phone number can reveal whether a device is active, in standby or offline (and more). This PoC demonstrates how delivery receipts + RTT timing leak sensitive device-activity patterns. (WhatsApp / Signal)

react nodejs tracking privacy typescript exploit phone-number messenger poc whatsapp vulnerability signal baileys

Updated Dec 31, 2025
TypeScript

greenbone / openvas-scanner

Star 4.5k

This repository contains the scanner component for Greenbone Community Edition.

c scanner vulnerability openvas vulnerability-detection vulnerability-management techops vulnerability-scanners vulnerability-assessment gvm foo greenbone greenbone-vulnerability-management openvas-scanner greenbone-community-edition

Updated Mar 17, 2026
Rust

zhzyker / exphub

Star 4.3k

Exphub[Lou Dong Li Yong Jiao Ben Ku ] Bao Gua Webloigc, Struts2, Tomcat, Nexus, Solr, Jboss, DrupalDe Lou Dong Li Yong Jiao Ben ,Zui Xin Tian Jia CVE-2020-14882, CVE-2020-11444, CVE-2020-10204, CVE-2020-10199, CVE-2020-1938, CVE-2020-2551, CVE-2020-2555, CVE-2020-2883, CVE-2019-17558, CVE-2019-6340

drupal exploit nexus tomcat poc vulnerability webshell exp weblogic getshell cve-2020-1938 cve-2020-2551 cve-2020-2555 cve-2020-10199 cve-2020-10204 cve-2020-2883 cve-2020-11444 cve-2020-5902 cve-2020-14882

Updated Apr 4, 2021
Python

scipag / vulscan

Star 3.7k

Advanced vulnerability scanning with Nmap NSE

security security-audit lua exploit lua-script nmap penetration-testing vulnerability vulnerability-databases vulnerability-detection nse vulnerability-identification vulnerability-scanners security-scanner vulnerability-assessment nmap-scripts nsescript nmap-scan-script vulnerability-scanning vulnerability-database-entry

Updated Feb 6, 2026
Lua

Improve this page

Add a description, image, and links to the vulnerability topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the vulnerability topic, visit your repo's landing page and select "manage topics."

Learn more

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly