Search Results for "cve"
Sort By:
Showing 27 open source projects for "cve"
View related business solutions-
99.99% Uptime for MySQL and PostgreSQL on Google CloudCloud SQL Enterprise Plus gives you a 99.99% availability SLA with near-zero downtime maintenance—typically under 10 seconds. Get 2x better read/write performance, intelligent data caching, and 35 days of point-in-time recovery. Supports MySQL, PostgreSQL, and SQL Server with built-in vector search for gen AI apps. New customers get $300 in free credit.
-
Cut Data Warehouse Costs up to 54% with BigQueryBigQuery delivers up to 54% lower TCO than cloud alternatives. Migrate from legacy or competing warehouses using free BigQuery Migration Service with automated SQL translation. Get serverless scale with no infrastructure to manage, compressed storage, and flexible pricing—pay per query or commit for deeper discounts. New customers get $300 in free credit.
-
1
MySQLTuner
Script written in Perl to assist with MySQL configurations
MySQLTuner is a script written in Perl that will assist you with your MySQL configuration and make recommendations for increased performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions. MySQLTuner supports ~300 indicators for MySQL/MariaDB/Percona Server in this last version. MySQLTuner is maintained and indicator collect is increasing week after week supporting a lot of... -
2
PSI Probe
Advanced manager and monitor for Apache Tomcat
...Generally supported versions for third-party tomcat providers align with their support but earlier versions may still work. It is advisable in every case to use only supported tomcat releases per specific vendor. Our support will only be against non-CVE releases. -
3
K8SGPT
Giving Kubernetes Superpowers to everyone
K8sGPT is a tool for scanning your Kubernetes clusters and diagnosing and triaging issues in simple English. It has SRE experience codified into its analyzers and helps to pull out the most relevant information to enrich it with AI. We have created analyzers that search your Kubernetes cluster for common problems and issues. These analyzers are based on SRE experience and are constantly being updated to keep up with the latest Kubernetes releases. Our ambition is to support multiple... -
4
Flan Scan
A pretty sweet vulnerability scanner
Flan Scan is a lightweight open-source network vulnerability scanner designed to make it easy to detect exposed services, open ports, and associated vulnerabilities across IP ranges or network segments as part of security audit and compliance workflows. It is essentially a thin wrapper around the widely-used Nmap scanner, augmenting it with scripts and tooling that transform raw Nmap output into vulnerability-focused reports that map detected services to known CVEs, making results more... -
Deploy Apps in Seconds with Cloud RunCloud Run is the fastest way to deploy containerized apps. Push your code in Go, Python, Node.js, Java, or any language and Cloud Run builds and deploys it automatically. Get fast autoscaling, pay only when your code runs, and skip the infrastructure headaches. Two million requests free per month. And new customers get $300 in free credit.
-
5
waymap
Waymap is a fast and optimized web vulnerability scanner
...Features Overview Latest Update v5.2.1 New Sql Injection Scanning Module High Accuracy And Less False Positive Access it using: --scan sqli v5.3.1 Added Boolean Based Sqli Testing (OWN LOGIC) High Accuracy, Can Give False Positive Sometimes Access it using: --scan sqli Waymap Features Vulnerability Scanning Modules: SQL Injection (SQLi) Command Injection Server-Side Template Injection (SSTI) Cross-Site Scripting (XSS) with filter bypass payload testing Local File Inclusion (LFI) Open Redirect Carriage Return and Line Feed (CRLF) Cross-Origin Resource Sharing (CORS) Critical and High-Risk Scan Profiles using CVE exploits (32 CVEs: WordPress - 19, Drupal - 4, Joomla - 7, Generic/Others - 2) -
6
Metztli Reiser4
Reiser4 SFRN 4.0.2 /Zstd Debian Trixie minimal install media ISO/USB
Modified Debian netboot with rtw89 WiFi-support install image suitable to be 'burned' onto ~340 MB CD|USB media with command (assuming USB device is at /dev/sdc *else* modify or you risk data loss) at Linux shell: dd if=metztli-reiser4.iso of=/dev/sdc bs=4M; sync Enables native reiser4 create/partition/format of storage media during Debian OS installation—accomplished via Internet. Guided non-expert install defaults to 500MB /boot JFS & reiser4 non-LVM others. Expert... -
7
VcenterKit
Vcenter Comprehensive Penetration and Exploitation Toolkit
VcenterKit is a Python-based toolkit focused on penetration testing and exploitation targeting VMware vCenter environments, giving security researchers and red team professionals a consolidated toolset to assess and exploit known vulnerabilities. The project includes modules that automate the detection and exploitation of specific CVEs (common vulnerabilities and exposures) in vCenter servers, often used to manage virtual infrastructure in enterprise environments. With features tailored... -
8
...Perform an NMAP scan like how Trinity did to hack the grid! try all ports :) 6. Good luck and enjoy the CTF! Learning Pre-Requisites - This VM does not require exploiting a CVE, or use of MetaSploit/Commercial exploit tools. - Requires intermediary knowlege of linux as it is based on Alpine.
-
9
Kernelhub
Kernel privilege escalation vulnerability collection
The original intention of making the project is for, learning, analyzing, and research the latest kernel vulnerabilities are not needed to see the system and related content. This project is a collection of proprietary, except for test failure or unspecified Exp, Demo GIF map. If there is an omission of the omission of CVE vulnerabilities, please join your issues and bring your use of code. Project code is prohibited from testing in a real environment! The reliability of the code is self-verified, and the cause of the fault you have is not responsible. -
Cut Cloud Costs with Google Compute EngineSave on compute costs with Compute Engine. Reduce your batch jobs and workload bill 60-91% with Spot VMs. Compute Engine's committed use offers customers up to 70% savings through sustained use discounts. Plus, you get one free e2-micro VM monthly and $300 credit to start.
-
10
Vision nmap's CPE to CVE conversor
Nmap's XML result parse and NVD's CPE correlation to search CVE.
Nmap's XML result parse and NVD's CPE correlation to search CVE. https://github.com/CoolerVoid/Vision2 -
11
CVE-2021-31166
Remote HTTP.sys use-after-free triggered remotely
This is a proof of concept for CVE-2021-31166 ("HTTP Protocol Stack Remote Code Execution Vulnerability"), a use-after-free dereference in http.sys patched by Microsoft in May 2021. The bug itself happens in http!UlpParseContentCoding where the function has a local LIST_ENTRY and appends an item to it. When it's done, it moves it into the Request structure; but it doesn't NULL out the local list. -
12
CVE is a collaborative virtual environment for education, especially computer science, a combination of a Multiuser Online 3D world and a collaborative integrated development environment.
-
13
phpcs-security-audit v3
A set of PHP_CodeSniffer rules that finds vulnerabilities
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rules as well as Drupal 7-specific rules. The tool also checks for CVE issues and security advisories related to the CMS/framework. This enables you to follow the versioning of components during static code analysis. The main reason for this project being an extension of PHP_CodeSniffer is to have easy integration into continuous integration systems. It also allows for finding security bugs that are not detected with some object-oriented analysis (such as PHPMD). phpcs-security-audit in its beginning was backed by Pheromone (later on named Floe Design + Technologies) and written by Jonathan Marcil. ... -
14
Sagacity
Security Assessment Data Management and Analysis Tool
We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow... -
15
Advanced Persistent Security
Advanced Persistent Threat Security
The architecture of the system is integrated by different Fingerprinting mechanisms. The system is designed from a core that avoids the detection of sdhash and Memory analysis Built-in security, allows anonymous browsing by filtering requests external identification, Exit Tor Nodes and using the TOR Fingerprinting structure The system is designed to navigate without being detected or registered by any search engine or online platform denying all types of response to servers, The... -
16
OWASP JSEC CVE Details is is an opensource application developed in Java that is used to know about details of CVE , current CVE releases and also search exploits and proof of concept. https://www.owasp.org/index.php/OWASP_JSEC_CVE_Details [Features] [+] Fetch Recent CVEs [New Features included in v2.0] [+] Search for vulnerabilities of different platform/application/categories [+] Search CVEs [+] Search POC & Exploits Project/Source Code : http://dibsy.github.io/JSEC_CVE_DETAILS/
-
17
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
18
Linux Exploit Suggester
Linux Exploit Suggester; based on operating system release number
Linux Exploit Suggester is a lightweight Perl script designed to help security testers quickly identify local Linux kernel privilege-escalation candidates by matching the host’s kernel/OS release string against a curated list of known vulnerable versions. It runs uname -r by default (or accepts a manual -k kernel string) and prints a suggestive, human-readable list of possible exploit names, CVEs, and references that match that kernel version. The tool intentionally keeps its logic simple:... -
19
Heartbleed
A checker (site and tool) for CVE-2014-0160
Heartbleed contains a compact, purpose-built implementation for detecting the infamous Heartbleed vulnerability in OpenSSL’s TLS heartbeat extension (CVE-2014-0160). It focuses on demonstrating and testing the flaw rather than being a general-purpose security toolkit, which makes the code approachable for learning and auditing. The project illustrates how a malformed heartbeat request could coax vulnerable servers into leaking memory contents, including potentially sensitive data. ... -
20
Java Exploit For Openssl Heartbleed Bug
Client exploit for openssl heartbleed bug written in Java
This is a Java client program that is used to exploit the openssl heartbleed bug. It is based on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org). Just run the program as: java -cp "." JavaHeartBleed <host> <port> Example, java -cp "." JavaHeartBleed localhost 443. You are free to distribute and modify the program as per your requirement. For queries/feedback, feel free to drop an e-mail to: saurabhsule82@yahoo.co.in. -
21
SSL Diagnos
SSL Strength Evaluation and Test Utility
SSL Diagnos is used to test SSL strength; get information about SSL protocols (pct, ssl2, ssl3, tls, dtls) and cipher suites. It can also be used for testing and rating ciphers on SSL clients. It has also specific support for pop3s, sip, smtp and explicit ftps. Tests for heartbleed (including dtls). Furthermore a separate tool, SSLPressure, not using openssl can be used to check the whole spectrum of possible SSL protocols on a server. Can also be used for testing ssl for... -
22
Sandi
Sandi Exploit Search Engine
Sandi and open source project for search the exploits from exploit databases ... -
23
cvechecker is an application that allows you to pull in the (latest) CVE entries and match these against your own system. The application attempts to discover the installed versions and lists those that are a potential target for an existing CVE.
-
24
QDCC (Quick and Dirty CVE Checker) is a tool for simply test if a system is affected by some CVE. It could be used on any unix systems that have perl. QDCC already handle Gentoo, Debian and CentOS and could easily handle others systems.
-
25
SQT
A tool that uses stochastic calculus to quantify security
SQT is an open source program written in VB.Net that, implements a novel method for the security quantification of an Information System (IS), a service or a product. This new proposed security metric, is using stochastic calculus in order to provide us with a deterministic and unbiased measurement of the security level of an IS. Because the approach is vulnerability-driven, and for ensuring unbiased results, it uses the National Vulnerability Database.
