Proof of concept code for Datadog Security Labs referenced exploits.
β447Jun 16, 2026Updated 3 weeks ago
Alternatives and similar repositories for security-labs-pocs
Users that are interested in security-labs-pocs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS serverβ121Mar 15, 2026Updated 3 months ago
- ποΈ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.β76Aug 22, 2024Updated last year
- Granular, Actionable Adversary Emulation for the Cloudβ2,351Updated this week
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.β619Mar 4, 2021Updated 5 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID securityβ178Oct 26, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).β90Jan 28, 2024Updated 2 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRFβ59Sep 20, 2023Updated 2 years ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.β344Jun 19, 2026Updated 2 weeks ago
- Detects request smuggling via HTTP/2 downgrades.β94Jul 30, 2022Updated 3 years ago
- β94Sep 18, 2021Updated 4 years ago
- β1,201Sep 2, 2022Updated 3 years ago
- Kubernetes Unhinged Shell πβ46Oct 8, 2022Updated 3 years ago
- β15Oct 25, 2021Updated 4 years ago
- Repository to store exploits created by Assetnotes Security Research teamβ183Nov 7, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Link sources to sinks in C# applications.β151Apr 10, 2023Updated 3 years ago
- π¦π Awesome list of secrets in environment variables π₯οΈβ911Sep 21, 2022Updated 3 years ago
- An Evil OIDC Serverβ53Oct 19, 2022Updated 3 years ago
- Compares and analyzes GCP IAM roles.β78Mar 9, 2025Updated last year
- Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized enβ¦β1,225Feb 3, 2025Updated last year
- Container Excape PoC for CVE-2022-0847 "DirtyPipe"β77Apr 20, 2022Updated 4 years ago
- an Evil Java RMI Registry.β50Feb 8, 2023Updated 3 years ago
- Automating situational awareness for cloud penetration tests.β2,510May 26, 2026Updated last month
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β430Jun 23, 2026Updated last week
- Deploy open-source AI quickly and easily - Special Bonus Offer β’ AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ981Dec 31, 2021Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.β94Jan 16, 2026Updated 5 months ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β1,083Mar 24, 2026Updated 3 months ago
- This repo has been replaced by https://www.cloudvulndb.orgβ724Jun 29, 2022Updated 4 years ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizableβ¦β1,790Jun 17, 2026Updated 2 weeks ago
- User enumeration and password spraying tool for testing Azure ADβ71Mar 3, 2022Updated 4 years ago
- A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integrationβ341Jun 18, 2026Updated 2 weeks ago
- Azure Security Resources and Notesβ1,761Feb 17, 2026Updated 4 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.β5,262May 19, 2026Updated last month
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Tool to check for dependency confusion vulnerabilities in multiple package management systemsβ786Aug 19, 2024Updated last year
- Peirates - Kubernetes Penetration Testing toolβ1,462Jun 14, 2026Updated 3 weeks ago
- SMBeagle - Fileshare auditing tool.β745Nov 4, 2025Updated 8 months ago
- JNDI-Exploitation-KitοΌA modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Sβ¦β941Sep 2, 2025Updated 10 months ago
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogicβ308Jan 6, 2023Updated 3 years ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registrationβ306Jun 26, 2026Updated last week
- A collection of Azure AD/Entra tools for offensive and defensive security purposesβ2,651May 21, 2026Updated last month