vulhub

It is an open-source collection of pre-built vulnerable docker environments. The repository contains a variety of vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and more. The environments are designed to be easy to use and require no pre-existing knowledge of...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but the environments are designed to be vulnerable to various attacks. The probable entry points are not explicitly stated, but the environments are likely to be...

vulhub

It is an offensive tool for Vulnerability Research. The target product/service or framework is a collection of pre-built vulnerable docker environments, including Flask, Apache, Nginx, and Jenkins. The vulnerability class/vector is various, including SSTI Server-Side Template Injection, RCE Remot...

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including ones for CVE-2016-9086, CVE-2013-4547, and CVE-2017-1000353. The target...

vulhub

It is an offensive tool for vulnerable environments. The repository contains a collection of pre-built vulnerable docker environments, allowing users to easily create and test vulnerable environments without requiring prior knowledge of docker. The tool is designed to be user-friendly, with a...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but the environments are designed to be vulnerable to various attacks. The probable entry points include docker-compose build and run commands. Notable...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability being targeted is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including ones for Flask, Apache, and Jenkins. The target...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is a Flask SSTI Server-Side Template Injection vulnerability. The target product/service is Flask, a Python web framework. The vulnerability class/vector is SSTI, which allows an attacker to...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not specified, but the repository includes various vulnerable environments based on Docker-Compose, such as flask/ssti, httpd/apacheparsingvulnerability, and nginx/nginxparsingvulnerability. The...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is a Flask SSTI Server-Side Template Injection vulnerability. The target product/service is Flask, a Python web framework. The vulnerability class/vector is SSTI. The probable entry point is the...

vulhub123

It is an offensive tool for web application security training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector is not...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The probable entry points are not specified, but the environments are likely to be...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are the docker-compose files, which define the...

RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without Having To Clone The Individual Reternal Components

RE:TERNAL is a centralised purple team simulation platform. Reternal uses agents installed on a simulation network to execute various known red-teaming techniques in order to test blue-teaming capabilities. The simulations are mapped to the MITRE ATT&CK framework. This repo contains the compose...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are not explicitly stated, but the environments are...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an offensive tool for Docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments based on Docker-Compose, including CVE-2016-9086 and CVE-2017-1000353. The target product/service or framework is Docker, and the...

vulhub

It is an offensive tool for vulnerable environments. This repository, vulhub, is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The...

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is not a single exploit or tool, but rather a collection of vulnerable environments that can be used for testing and training purposes. The target product/service or framework is not explicitly stated, but the...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The target product/service or framework is docker and docker-compose. The vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The probable entry...

Tarnish - A Chrome Extension Static Analysis Tool To Help Aide In Security Reviews

tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don't want to ...