Vulnerability Research

24 projects

Showing 24 of 24 projects

A software reverse engineering framework for analyzing compiled code across multiple platforms, offering disassembly, decompilation, and scripting.

#software-analysis#disassembly#disassembler

Course materials for a university-level class on vulnerability research, reverse engineering, and binary exploitation.

#wargame#linux-exploitation#cybersecurity-education

Stars6.0k

Forks906

Last commit4 years ago

CSCI 4968C

A university course repository teaching vulnerability research, reverse engineering, and binary exploitation through hands-on labs.

#academic-course#exploit-development#wargame

Stars6.0k

Forks906

Last commit4 years ago

Awesome vehicle security and car hacking

A curated list of resources for learning about vehicle security, car hacking, and automotive tinkering.

#automotive-cybersecurity#can-bus#embedded-security

Stars4.3k

Forks699

Last commit9 days ago

PHPGGCPHP

A library and tool to generate PHP unserialize() payloads for exploiting gadget chains in popular frameworks.

#exploit-development#php-security#gadget-chains

Stars3.8k

Forks551

Last commit8 months ago

awesome-cve-poc

A curated collection of proof-of-concept exploits for Common Vulnerabilities and Exposures (CVEs).

#cve#exploit-development#penetration-testing

Stars3.5k

Forks720

Last commit4 years ago

Android Reports and Resources

A curated collection of disclosed Android security reports from HackerOne and educational resources for vulnerability research.

#exploit-development#mobile-pentesting#android-resource

Stars1.7k

Forks331

Last commit9 months ago

Understanding the basics of Linux Binary ExploitationC

A comprehensive tutorial series on modern Linux binary exploitation techniques, from stack overflows to heap vulnerabilities.

#buffer-overflow#exploit-development#consolidation

A command-line utility for performing hash length extension attacks against vulnerable cryptographic hash functions.

#command-line-tool#penetration-testing#vulnerability-research

Stars1.2k

Forks195

Last commit1 year ago

Awesome Electron.js Hacking

A curated collection of resources for security research, vulnerability discovery, and pentesting of Electron.js applications.

#electronjs#desktop-apps#awesome-list

Stars676

Forks65

Last commit1 year ago

Awesome Bluetooth Security

A curated list of Bluetooth security resources covering vulnerabilities, tools, research, and conference talks for BR/EDR, LE, and Mesh.

#conference-talks#bluetooth-hacking#bluetooth-security

Stars605

Forks60

Last commit8 months ago

CI/CD Attacks

A curated collection of offensive security research, techniques, and tools for attacking CI/CD pipelines and software supply chains.

#cicd#attack-techniques#red-teaming

Stars602

Forks56

Last commit6 days ago

Prototype pollution attack in NodeJS applicationJavaScript

Research presentation and paper analyzing prototype pollution attacks in Node.js, presented at NorthSec 2018.

#prototype-pollution#northsec-2018#vulnerability-research

A binary diffing and patch analysis tool for reverse engineering and vulnerability research.

#binary-diffing#vulnerability-research#security-tools

Stars365

Forks66

Last commit5 years ago

Awesome WebSocket Security

A curated collection of CVEs, research, tools, and resources for WebSocket security testing and vulnerability research.

#fuzzing#websocket-security#penetration-testing

Stars309

Forks32

Last commit4 years ago

CVE-2016-6366Python

An improved exploit implementation for CVE-2016-6366 (EXTRABACON) targeting Cisco ASA devices with extended version support.

#cisco-asa#exploit-development#penetration-testing

Stars163

Forks63

Last commit9 years ago

oneiromancerRust

A reverse engineering assistant that uses a locally running LLM to analyze Hex-Rays pseudocode for improved code understanding.

#pseudocode#pseudo-code#llm

Stars136

Forks13

Last commit6 days ago

haruspexRust

A fast IDA Pro headless plugin that extracts decompiled pseudocode for vulnerability research and static analysis.

#security-tooling#vulnerability-research#binary-analysis

Stars126

Forks9

Last commit7 days ago

rhabdomancerRust

A fast IDA Pro plugin that finds calls to insecure API functions in binaries to aid vulnerability research.

#headless-tool#vulnerability-research#binary-analysis

Stars117

Forks12

Last commit2 days ago

NTFuzzF#

A type-aware kernel fuzzing framework for Windows that uses static binary analysis to infer system call types for more effective fuzzing.

#research-tool#fuzzer#kernel-fuzzer

Stars112

Forks25

Last commit4 years ago

augurRust

A fast IDA Pro headless plugin that extracts strings and related pseudocode from binary files for reverse engineering.

#string-extraction#pseudocode#plugin

Stars111

Forks6

Last commit2 days ago

Log4PotPython

A honeypot that detects and logs exploitation attempts targeting the Log4Shell vulnerability (CVE-2021-44228).

#honeypot#vulnerability-research#python

Stars94

Forks29

Last commit1 year ago

X-Frame-Options: All about Clickjacking?

A repository containing Cure53's security audit reports, white papers, academic publications, and security tools.

#web-security#penetration-testing#vulnerability-research

Stars86

Forks10

Last commit3 years ago

HyperionPython

A collection of security tools, exploits, proof-of-concept code, shellcodes, and scripts for educational purposes.

#educational-resources#penetration-testing#vulnerability-research

Stars73

Forks18

Last commit

Related Tags

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub