ExploitDB
The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It serves as a repository for exploits and proof-of-concepts, making it a valuable resource for those who need actionable data right away. The database also includes the Google Hacking Database (GHDB), a categorized index of Internet search engine queries designed to uncover interesting and sensitive information made publicly available on the Internet. The GHDB is a valuable resource for penetration testers and vulnerability researchers, providing a collection of search queries that can be used to uncover sensitive information. The database is maintained by OffSec, an information security training company, and is provided as a public service. The Exploit Database and GHDB are essential tools for anyone involved in penetration testing, vulnerability research, or cybersecurity in general.
FEATURES
ALTERNATIVES
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.
MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.
Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.
A collection of Microsoft PowerShell modules for penetration testing purposes.
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
Abusing SCF files to gather user hashes from an unauthenticated writable Windows-based file share.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.