12 Repositories
JavaScript cve-scanning Libraries
POC OF CVE-2022-21970
CVE-2022-21970 Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This vulnerability allows an attacker to execute java
CVE-2022-22629 Proof of Concept
CVE-2022-22629 Proof of concept This post is about the poc for the WebGL bug that was patched in Safari 15.4 security updates. If you want to learn in
A community-led token scanner for Replit utilizing its own APIs.
Replit Token Scanner A community-led project that aims to scan published Repls to find secrets and invalidate them. Usage This repo contains the scann
Challenge for you all to prove that CVE-2022-29622 is not false
CVE-2022-29622: (In)vulnerability Analysis This codebase was created to help security professionals and developers to understand why I think Formidabl
Zed Attack Proxy Scripts for finding CVEs and Secrets.
zap-scripts Zed Attack Proxy Scripts for finding CVEs and Secrets. Building This project uses Gradle to build the ZAP add-on, simply run: ./gradlew bu
A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.
ᵔᴥᵔ RedJoust A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Writte
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report - Scanmycode Community Edition (CE)
Star it If you like it, please give it a GitHub star/fork/contribute. This will ensure continuous development ⭐ TLDR; To install it. Install docker and
LunaSec - Open Source Security Software built by Security Engineers. Scan your dependencies for Log4Shell, or add Data Tokenization to prevent data leaks. Try our live Tokenizer demo: https://app.lunasec.dev
Our Software We're a team of Security Engineers on a mission to make awesome Open Source Application Security tooling. It all lives in this repo. Here
Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.
DahuaLoginBypass Chrome extension that uses vulnerability CVE-2021-33044 to log in to Dahua IP cameras and VTH/VTO (video intercom) devices without au
An open letter against Apple's new privacy-invasive client-side content scanning.
Apple Privacy Letter An open letter against Apple's new privacy-invasive client-side content scanning technology. View the letter Sign the letter This
Moodle ( 3.6.2, 3.5.4, 3.4.7, 3.1.16) XSS PoC for Privilege Escalation (Student to Admin)
Moodle CVE-2019-3810 Moodle ( 3.6.2, 3.5.4, 3.4.7, 3.1.16) XSS PoC for Privilege Escalation (Student to Admin). This is one of the past bugs th
Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass
CVE-2021-25735 Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass Set the Vulnerable Environment Let's start with running the scri