[ { "id": 24422837, "name": "bash-cve-2014-6271-fixes", "full_name": "dlitz\/bash-cve-2014-6271-fixes", "owner": { "login": "dlitz", "id": 99377, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99377?v=4", "html_url": "https:\/\/github.com\/dlitz" }, "html_url": "https:\/\/github.com\/dlitz\/bash-cve-2014-6271-fixes", "description": "Collected fixes for bash CVE-2014-6271", "fork": false, "created_at": "2014-09-24T16:26:17Z", "updated_at": "2014-09-24T16:26:17Z", "pushed_at": "2014-09-24T17:38:11Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24427252, "name": "ansible-bashpocalypse", "full_name": "npm\/ansible-bashpocalypse", "owner": { "login": "npm", "id": 6078720, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6078720?v=4", "html_url": "https:\/\/github.com\/npm" }, "html_url": "https:\/\/github.com\/npm\/ansible-bashpocalypse", "description": "Patch for CVE-2014-6271", "fork": false, "created_at": "2014-09-24T18:27:03Z", "updated_at": "2019-11-15T20:59:42Z", "pushed_at": "2014-09-24T19:03:14Z", "stargazers_count": 6, "watchers_count": 6, "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 6, "watchers": 6, "score": 0 }, { "id": 24433228, "name": "patched-bash-4.3", "full_name": "ryancnelson\/patched-bash-4.3", "owner": { "login": "ryancnelson", "id": 347171, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/347171?v=4", "html_url": "https:\/\/github.com\/ryancnelson" }, "html_url": "https:\/\/github.com\/ryancnelson\/patched-bash-4.3", "description": "patched-bash-4.3 for CVE-2014-6271", "fork": false, "created_at": "2014-09-24T21:24:43Z", "updated_at": "2014-09-24T21:32:34Z", "pushed_at": "2014-09-26T23:35:52Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24437176, "name": "cookbook-bash-CVE-2014-6271", "full_name": "jblaine\/cookbook-bash-CVE-2014-6271", "owner": { "login": "jblaine", "id": 438740, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/438740?v=4", "html_url": "https:\/\/github.com\/jblaine" }, "html_url": "https:\/\/github.com\/jblaine\/cookbook-bash-CVE-2014-6271", "description": "Chef cookbook that will fail if bash vulnerability found per CVE-2014-6271", "fork": false, "created_at": "2014-09-25T00:11:01Z", "updated_at": "2014-09-25T00:13:03Z", "pushed_at": "2014-09-25T12:45:54Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24438512, "name": "cve-2014-6271-spec", "full_name": "rrreeeyyy\/cve-2014-6271-spec", "owner": { "login": "rrreeeyyy", "id": 2457736, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2457736?v=4", "html_url": "https:\/\/github.com\/rrreeeyyy" }, "html_url": "https:\/\/github.com\/rrreeeyyy\/cve-2014-6271-spec", "description": null, "fork": false, "created_at": "2014-09-25T01:12:04Z", "updated_at": "2014-09-25T01:12:24Z", "pushed_at": "2014-09-25T01:12:24Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24440225, "name": "shellshock_scanner", "full_name": "scottjpack\/shellshock_scanner", "owner": { "login": "scottjpack", "id": 2293674, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2293674?v=4", "html_url": "https:\/\/github.com\/scottjpack" }, "html_url": "https:\/\/github.com\/scottjpack\/shellshock_scanner", "description": "Python Scanner for \"ShellShock\" (CVE-2014-6271)", "fork": false, "created_at": "2014-09-25T02:15:24Z", "updated_at": "2022-08-01T22:05:04Z", "pushed_at": "2014-09-29T23:22:12Z", "stargazers_count": 44, "watchers_count": 44, "forks_count": 57, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 57, "watchers": 44, "score": 0 }, { "id": 24441140, "name": "Cgi-bin_bash_Reverse", "full_name": "Anklebiter87\/Cgi-bin_bash_Reverse", "owner": { "login": "Anklebiter87", "id": 6879102, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6879102?v=4", "html_url": "https:\/\/github.com\/Anklebiter87" }, "html_url": "https:\/\/github.com\/Anklebiter87\/Cgi-bin_bash_Reverse", "description": "Written fro CVE-2014-6271", "fork": false, "created_at": "2014-09-25T02:47:25Z", "updated_at": "2017-10-30T23:29:58Z", "pushed_at": "2017-10-30T23:30:30Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 1, "score": 0 }, { "id": 24446252, "name": "bash-up", "full_name": "justzx2011\/bash-up", "owner": { "login": "justzx2011", "id": 1185865, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1185865?v=4", "html_url": "https:\/\/github.com\/justzx2011" }, "html_url": "https:\/\/github.com\/justzx2011\/bash-up", "description": "a auto script to fix CVE-2014-6271 bash vulnerability", "fork": false, "created_at": "2014-09-25T06:24:18Z", "updated_at": "2014-09-25T06:24:18Z", "pushed_at": "2014-09-25T06:31:08Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24449282, "name": "CVE-2014-6271", "full_name": "mattclegg\/CVE-2014-6271", "owner": { "login": "mattclegg", "id": 303487, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/303487?v=4", "html_url": "https:\/\/github.com\/mattclegg" }, "html_url": "https:\/\/github.com\/mattclegg\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2014-09-25T08:10:26Z", "updated_at": "2014-09-25T08:27:53Z", "pushed_at": "2014-09-25T08:30:36Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24451053, "name": "Nessus_CVE-2014-6271_check", "full_name": "ilismal\/Nessus_CVE-2014-6271_check", "owner": { "login": "ilismal", "id": 5867683, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5867683?v=4", "html_url": "https:\/\/github.com\/ilismal" }, "html_url": "https:\/\/github.com\/ilismal\/Nessus_CVE-2014-6271_check", "description": "Quick and dirty nessus .audit file to check is bash is vulnerable to CVE-2014-6271", "fork": false, "created_at": "2014-09-25T09:02:42Z", "updated_at": "2017-03-28T13:33:35Z", "pushed_at": "2017-03-28T13:33:34Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24457150, "name": "Rainstorm", "full_name": "RainMak3r\/Rainstorm", "owner": { "login": "RainMak3r", "id": 3872733, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3872733?v=4", "html_url": "https:\/\/github.com\/RainMak3r" }, "html_url": "https:\/\/github.com\/RainMak3r\/Rainstorm", "description": "CVE-2014-6271 RCE tool ", "fork": false, "created_at": "2014-09-25T12:28:33Z", "updated_at": "2018-11-16T13:59:04Z", "pushed_at": "2014-09-26T01:09:55Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 2, "score": 0 }, { "id": 24457675, "name": "shocknaww", "full_name": "gabemarshall\/shocknaww", "owner": { "login": "gabemarshall", "id": 2541585, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2541585?v=4", "html_url": "https:\/\/github.com\/gabemarshall" }, "html_url": "https:\/\/github.com\/gabemarshall\/shocknaww", "description": "Simple script to check for CVE-2014-6271", "fork": false, "created_at": "2014-09-25T12:46:13Z", "updated_at": "2016-02-20T13:34:31Z", "pushed_at": "2014-09-29T15:53:21Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 24458320, "name": "CVE-2014-6271", "full_name": "woltage\/CVE-2014-6271", "owner": { "login": "woltage", "id": 250504, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/250504?v=4", "html_url": "https:\/\/github.com\/woltage" }, "html_url": "https:\/\/github.com\/woltage\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2014-09-25T13:06:50Z", "updated_at": "2014-09-25T13:11:11Z", "pushed_at": "2014-09-26T05:59:06Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24465754, "name": "vagrant-shellshock", "full_name": "ariarijp\/vagrant-shellshock", "owner": { "login": "ariarijp", "id": 635649, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/635649?v=4", "html_url": "https:\/\/github.com\/ariarijp" }, "html_url": "https:\/\/github.com\/ariarijp\/vagrant-shellshock", "description": "CVE-2014-6271の検証用Vagrantfileです", "fork": false, "created_at": "2014-09-25T16:19:41Z", "updated_at": "2021-05-13T14:11:03Z", "pushed_at": "2014-09-28T04:25:41Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24477401, "name": "shellshock", "full_name": "themson\/shellshock", "owner": { "login": "themson", "id": 6145047, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6145047?v=4", "html_url": "https:\/\/github.com\/themson" }, "html_url": "https:\/\/github.com\/themson\/shellshock", "description": "scripts associate with bourne shell EVN function parsing vulnerability CVE-2014-6271", "fork": false, "created_at": "2014-09-25T22:22:40Z", "updated_at": "2016-04-16T03:43:20Z", "pushed_at": "2014-09-27T17:38:07Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 24481523, "name": "BadBash", "full_name": "securusglobal\/BadBash", "owner": { "login": "securusglobal", "id": 709629, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/709629?v=4", "html_url": "https:\/\/github.com\/securusglobal" }, "html_url": "https:\/\/github.com\/securusglobal\/BadBash", "description": "CVE-2014-6271 (ShellShock) RCE PoC tool ", "fork": false, "created_at": "2014-09-26T01:30:14Z", "updated_at": "2020-09-25T16:27:43Z", "pushed_at": "2014-09-26T01:35:34Z", "stargazers_count": 4, "watchers_count": 4, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 4, "score": 0 }, { "id": 24485944, "name": "CVE-2014-6271", "full_name": "villadora\/CVE-2014-6271", "owner": { "login": "villadora", "id": 724998, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/724998?v=4", "html_url": "https:\/\/github.com\/villadora" }, "html_url": "https:\/\/github.com\/villadora\/CVE-2014-6271", "description": "scaner for cve-2014-6271", "fork": false, "created_at": "2014-09-26T04:15:15Z", "updated_at": "2014-09-28T02:16:43Z", "pushed_at": "2014-09-26T04:15:31Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 0, "score": 0 }, { "id": 24495682, "name": "salt-shellshock", "full_name": "APSL\/salt-shellshock", "owner": { "login": "APSL", "id": 469968, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/469968?v=4", "html_url": "https:\/\/github.com\/APSL" }, "html_url": "https:\/\/github.com\/APSL\/salt-shellshock", "description": "Salt recipe for shellshock (CVE-2014-6271)", "fork": false, "created_at": "2014-09-26T10:30:37Z", "updated_at": "2014-09-26T18:01:43Z", "pushed_at": "2014-09-26T11:04:53Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 24504536, "name": "bash-fix-exploit", "full_name": "teedeedubya\/bash-fix-exploit", "owner": { "login": "teedeedubya", "id": 6623145, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6623145?v=4", "html_url": "https:\/\/github.com\/teedeedubya" }, "html_url": "https:\/\/github.com\/teedeedubya\/bash-fix-exploit", "description": "Ansible role to check the CVE-2014-6271 vulnerability", "fork": false, "created_at": "2014-09-26T15:21:10Z", "updated_at": "2014-09-26T15:21:10Z", "pushed_at": "2014-10-13T04:18:49Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24511712, "name": "debian-lenny-bash_3.2.52-cve-2014-6271", "full_name": "internero\/debian-lenny-bash_3.2.52-cve-2014-6271", "owner": { "login": "internero", "id": 553577, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/553577?v=4", "html_url": "https:\/\/github.com\/internero" }, "html_url": "https:\/\/github.com\/internero\/debian-lenny-bash_3.2.52-cve-2014-6271", "description": "Debian Lenny Bash packages with cve-2014-6271 patches (i386 and amd64)", "fork": false, "created_at": "2014-09-26T18:59:04Z", "updated_at": "2014-09-26T18:59:04Z", "pushed_at": "2014-09-26T19:10:42Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24543190, "name": "bash-3.2-fixed-CVE-2014-6271", "full_name": "u20024804\/bash-3.2-fixed-CVE-2014-6271", "owner": { "login": "u20024804", "id": 47252, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47252?v=4", "html_url": "https:\/\/github.com\/u20024804" }, "html_url": "https:\/\/github.com\/u20024804\/bash-3.2-fixed-CVE-2014-6271", "description": null, "fork": false, "created_at": "2014-09-27T21:29:23Z", "updated_at": "2014-09-27T22:21:09Z", "pushed_at": "2014-09-27T22:21:05Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24544128, "name": "bash-4.2-fixed-CVE-2014-6271", "full_name": "u20024804\/bash-4.2-fixed-CVE-2014-6271", "owner": { "login": "u20024804", "id": 47252, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47252?v=4", "html_url": "https:\/\/github.com\/u20024804" }, "html_url": "https:\/\/github.com\/u20024804\/bash-4.2-fixed-CVE-2014-6271", "description": null, "fork": false, "created_at": "2014-09-27T22:22:27Z", "updated_at": "2014-09-27T22:38:34Z", "pushed_at": "2014-09-27T22:38:32Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24544131, "name": "bash-4.3-fixed-CVE-2014-6271", "full_name": "u20024804\/bash-4.3-fixed-CVE-2014-6271", "owner": { "login": "u20024804", "id": 47252, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47252?v=4", "html_url": "https:\/\/github.com\/u20024804" }, "html_url": "https:\/\/github.com\/u20024804\/bash-4.3-fixed-CVE-2014-6271", "description": null, "fork": false, "created_at": "2014-09-27T22:22:41Z", "updated_at": "2014-09-27T22:58:14Z", "pushed_at": "2014-09-27T22:58:11Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 24549863, "name": "shellshock-cgi", "full_name": "francisck\/shellshock-cgi", "owner": { "login": "francisck", "id": 8943367, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8943367?v=4", "html_url": "https:\/\/github.com\/francisck" }, "html_url": "https:\/\/github.com\/francisck\/shellshock-cgi", "description": "A python script to enumerate CGI scripts vulnerable to CVE-2014-6271 on one specific server", "fork": false, "created_at": "2014-09-28T04:08:07Z", "updated_at": "2022-02-05T11:05:37Z", "pushed_at": "2015-06-19T04:48:17Z", "stargazers_count": 10, "watchers_count": 10, "forks_count": 9, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 9, "watchers": 10, "score": 0 }, { "id": 24566397, "name": "ShellShock-CGI-Scan", "full_name": "proclnas\/ShellShock-CGI-Scan", "owner": { "login": "proclnas", "id": 3154242, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3154242?v=4", "html_url": "https:\/\/github.com\/proclnas" }, "html_url": "https:\/\/github.com\/proclnas\/ShellShock-CGI-Scan", "description": "A script, in C, to check if CGI scripts are vulnerable to CVE-2014-6271 (The Bash Bug)", "fork": false, "created_at": "2014-09-28T18:05:20Z", "updated_at": "2020-04-01T13:28:02Z", "pushed_at": "2014-09-28T17:57:57Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 1, "score": 0 }, { "id": 24589519, "name": "RIS", "full_name": "sch3m4\/RIS", "owner": { "login": "sch3m4", "id": 607081, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/607081?v=4", "html_url": "https:\/\/github.com\/sch3m4" }, "html_url": "https:\/\/github.com\/sch3m4\/RIS", "description": "CVE-2014-6271 Remote Interactive Shell - PoC Exploit", "fork": false, "created_at": "2014-09-29T10:06:18Z", "updated_at": "2019-08-13T15:51:47Z", "pushed_at": "2014-09-29T10:09:16Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0 }, { "id": 24595830, "name": "CVE-2014-6271_Test", "full_name": "ryeyao\/CVE-2014-6271_Test", "owner": { "login": "ryeyao", "id": 1586403, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1586403?v=4", "html_url": "https:\/\/github.com\/ryeyao" }, "html_url": "https:\/\/github.com\/ryeyao\/CVE-2014-6271_Test", "description": null, "fork": false, "created_at": "2014-09-29T13:16:08Z", "updated_at": "2014-12-22T09:56:08Z", "pushed_at": "2014-09-29T18:33:11Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0 }, { "id": 24602197, "name": "CGIShell", "full_name": "cj1324\/CGIShell", "owner": { "login": "cj1324", "id": 489649, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/489649?v=4", "html_url": "https:\/\/github.com\/cj1324" }, "html_url": "https:\/\/github.com\/cj1324\/CGIShell", "description": "shellshock CVE-2014-6271 CGI Exploit, Use like Openssh via CGI", "fork": false, "created_at": "2014-09-29T16:02:15Z", "updated_at": "2020-04-07T07:58:34Z", "pushed_at": "2014-10-02T10:36:15Z", "stargazers_count": 14, "watchers_count": 14, "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 12, "watchers": 14, "score": 0 }, { "id": 24608575, "name": "puppet-shellshock", "full_name": "renanvicente\/puppet-shellshock", "owner": { "login": "renanvicente", "id": 5564668, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5564668?v=4", "html_url": "https:\/\/github.com\/renanvicente" }, "html_url": "https:\/\/github.com\/renanvicente\/puppet-shellshock", "description": "This module determine the vulnerability of a bash binary to the shellshock exploits (CVE-2014-6271 or CVE-2014-7169) and then patch that where possible", "fork": false, "created_at": "2014-09-29T18:57:38Z", "updated_at": "2020-04-07T07:58:55Z", "pushed_at": "2014-09-29T20:07:14Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 1, "score": 0 }, { "id": 24765252, "name": "Shellshock-Vulnerability-Scan", "full_name": "indiandragon\/Shellshock-Vulnerability-Scan", "owner": { "login": "indiandragon", "id": 1708856, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1708856?v=4", "html_url": "https:\/\/github.com\/indiandragon" }, "html_url": "https:\/\/github.com\/indiandragon\/Shellshock-Vulnerability-Scan", "description": "Android app to scan for bash Vulnerability - CVE-2014-6271 also known as Shellshock", "fork": false, "created_at": "2014-10-03T16:22:28Z", "updated_at": "2022-08-27T00:18:03Z", "pushed_at": "2021-08-31T06:14:06Z", "stargazers_count": 10, "watchers_count": 10, "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 8, "watchers": 10, "score": 0 }, { "id": 26286804, "name": "pyshellshock", "full_name": "ramnes\/pyshellshock", "owner": { "login": "ramnes", "id": 835072, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/835072?v=4", "html_url": "https:\/\/github.com\/ramnes" }, "html_url": "https:\/\/github.com\/ramnes\/pyshellshock", "description": ":scream: Python library and utility for CVE-2014-6271 (aka. \"shellshock\")", "fork": false, "created_at": "2014-11-06T19:45:54Z", "updated_at": "2018-12-26T07:54:55Z", "pushed_at": "2017-02-04T23:06:48Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "python", "security", "security-audit", "security-vulnerability" ], "visibility": "public", "forks": 0, "watchers": 2, "score": 0 }, { "id": 31171880, "name": "shellshocker-python", "full_name": "akiraaisha\/shellshocker-python", "owner": { "login": "akiraaisha", "id": 6212018, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6212018?v=4", "html_url": "https:\/\/github.com\/akiraaisha" }, "html_url": "https:\/\/github.com\/akiraaisha\/shellshocker-python", "description": "This is a Python Application that helps you detect if your machine that run bash is vulnerable by CVE-2014-6271", "fork": false, "created_at": "2015-02-22T17:32:48Z", "updated_at": "2016-09-15T06:06:42Z", "pushed_at": "2015-02-21T13:35:15Z", "stargazers_count": 3, "watchers_count": 3, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 3, "score": 0 }, { "id": 32577814, "name": "shellshock_crawler", "full_name": "352926\/shellshock_crawler", "owner": { "login": "352926", "id": 2149434, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2149434?v=4", "html_url": "https:\/\/github.com\/352926" }, "html_url": "https:\/\/github.com\/352926\/shellshock_crawler", "description": "Using google to scan sites for \"ShellShock\" (CVE-2014-6271)", "fork": false, "created_at": "2015-03-20T10:35:29Z", "updated_at": "2015-03-20T10:35:29Z", "pushed_at": "2014-09-27T04:18:57Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 0, "score": 0 }, { "id": 36965942, "name": "cve-2014-6271-mengjia-kong", "full_name": "kelleykong\/cve-2014-6271-mengjia-kong", "owner": { "login": "kelleykong", "id": 6037450, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6037450?v=4", "html_url": "https:\/\/github.com\/kelleykong" }, "html_url": "https:\/\/github.com\/kelleykong\/cve-2014-6271-mengjia-kong", "description": "system reading course", "fork": false, "created_at": "2015-06-06T03:27:24Z", "updated_at": "2015-06-06T03:27:24Z", "pushed_at": "2015-06-06T03:30:34Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 37169826, "name": "cve-2014-6271-huan-lu", "full_name": "huanlu\/cve-2014-6271-huan-lu", "owner": { "login": "huanlu", "id": 7565089, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7565089?v=4", "html_url": "https:\/\/github.com\/huanlu" }, "html_url": "https:\/\/github.com\/huanlu\/cve-2014-6271-huan-lu", "description": "reading course", "fork": false, "created_at": "2015-06-10T02:04:43Z", "updated_at": "2017-10-09T03:28:13Z", "pushed_at": "2015-06-10T02:11:15Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 37593862, "name": "shellshocker-android", "full_name": "sunnyjiang\/shellshocker-android", "owner": { "login": "sunnyjiang", "id": 3793477, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3793477?v=4", "html_url": "https:\/\/github.com\/sunnyjiang" }, "html_url": "https:\/\/github.com\/sunnyjiang\/shellshocker-android", "description": "This is an Android Application that helps you detect if your machine that run bash is vulnerable by CVE-2014-6271", "fork": false, "created_at": "2015-06-17T12:36:49Z", "updated_at": "2017-12-22T21:03:24Z", "pushed_at": "2015-01-28T21:36:24Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 38138919, "name": "ShellShock-CGI-Scan", "full_name": "P0cL4bs\/ShellShock-CGI-Scan", "owner": { "login": "P0cL4bs", "id": 8557864, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8557864?v=4", "html_url": "https:\/\/github.com\/P0cL4bs" }, "html_url": "https:\/\/github.com\/P0cL4bs\/ShellShock-CGI-Scan", "description": "A script, in C, to check if CGI scripts are vulnerable to CVE-2014-6271 (The Bash Bug).", "fork": false, "created_at": "2015-06-26T23:34:01Z", "updated_at": "2022-06-20T12:50:51Z", "pushed_at": "2015-06-26T23:34:33Z", "stargazers_count": 7, "watchers_count": 7, "forks_count": 13, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 13, "watchers": 7, "score": 0 }, { "id": 38941390, "name": "vaas-cve-2014-6271", "full_name": "hmlio\/vaas-cve-2014-6271", "owner": { "login": "hmlio", "id": 11684719, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11684719?v=4", "html_url": "https:\/\/github.com\/hmlio" }, "html_url": "https:\/\/github.com\/hmlio\/vaas-cve-2014-6271", "description": "Vulnerability as a service: showcasing CVS-2014-6271, a.k.a. Shellshock", "fork": false, "created_at": "2015-07-11T21:42:05Z", "updated_at": "2021-03-14T13:05:11Z", "pushed_at": "2019-10-08T09:12:48Z", "stargazers_count": 20, "watchers_count": 20, "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 8, "watchers": 20, "score": 0 }, { "id": 75884815, "name": "exploit-CVE-2014-6271", "full_name": "opsxcq\/exploit-CVE-2014-6271", "owner": { "login": "opsxcq", "id": 16995025, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16995025?v=4", "html_url": "https:\/\/github.com\/opsxcq" }, "html_url": "https:\/\/github.com\/opsxcq\/exploit-CVE-2014-6271", "description": "Shellshock exploit + vulnerable environment", "fork": false, "created_at": "2016-12-07T23:38:50Z", "updated_at": "2022-09-10T02:09:56Z", "pushed_at": "2017-10-30T22:46:11Z", "stargazers_count": 138, "watchers_count": 138, "forks_count": 53, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "docker", "docker-image", "exploit", "shellshock", "shellshock-vulnerability", "vulnerable-container" ], "visibility": "public", "forks": 53, "watchers": 138, "score": 0 }, { "id": 80061523, "name": "docker_CVE-2014-6271.", "full_name": "Pilou-Pilou\/docker_CVE-2014-6271.", "owner": { "login": "Pilou-Pilou", "id": 6388024, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6388024?v=4", "html_url": "https:\/\/github.com\/Pilou-Pilou" }, "html_url": "https:\/\/github.com\/Pilou-Pilou\/docker_CVE-2014-6271.", "description": null, "fork": false, "created_at": "2017-01-25T21:51:52Z", "updated_at": "2017-01-25T21:53:34Z", "pushed_at": "2017-01-25T21:56:03Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 89873101, "name": "CVE-2014-6271", "full_name": "zalalov\/CVE-2014-6271", "owner": { "login": "zalalov", "id": 15165282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15165282?v=4", "html_url": "https:\/\/github.com\/zalalov" }, "html_url": "https:\/\/github.com\/zalalov\/CVE-2014-6271", "description": "Shellshock POC | CVE-2014-6271 | cgi-bin reverse shell", "fork": false, "created_at": "2017-04-30T19:47:00Z", "updated_at": "2022-10-02T18:59:43Z", "pushed_at": "2017-04-30T20:00:27Z", "stargazers_count": 3, "watchers_count": 3, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 3, "score": 0 }, { "id": 107244024, "name": "shellshock-shell", "full_name": "heikipikker\/shellshock-shell", "owner": { "login": "heikipikker", "id": 16557916, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16557916?v=4", "html_url": "https:\/\/github.com\/heikipikker" }, "html_url": "https:\/\/github.com\/heikipikker\/shellshock-shell", "description": "A simple python shell-like exploit for the Shellschok CVE-2014-6271 bug.", "fork": false, "created_at": "2017-10-17T09:04:44Z", "updated_at": "2022-07-21T14:31:17Z", "pushed_at": "2014-11-28T12:10:36Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 111820652, "name": "CVE-2014-6271", "full_name": "0x00-0x00\/CVE-2014-6271", "owner": { "login": "0x00-0x00", "id": 23364530, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", "html_url": "https:\/\/github.com\/0x00-0x00" }, "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2014-6271", "description": "Shellshock exploitation script that is able to upload and RCE using any vector due to its versatility.", "fork": false, "created_at": "2017-11-23T14:45:22Z", "updated_at": "2022-08-23T14:13:52Z", "pushed_at": "2017-11-23T14:53:58Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 2, "score": 0 }, { "id": 132219121, "name": "CVE-2014-6271", "full_name": "kowshik-sundararajan\/CVE-2014-6271", "owner": { "login": "kowshik-sundararajan", "id": 14358565, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14358565?v=4", "html_url": "https:\/\/github.com\/kowshik-sundararajan" }, "html_url": "https:\/\/github.com\/kowshik-sundararajan\/CVE-2014-6271", "description": "CS4238 Computer Security Practices", "fork": false, "created_at": "2018-05-05T05:50:50Z", "updated_at": "2019-09-23T06:47:03Z", "pushed_at": "2018-05-04T07:16:13Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 137775612, "name": "ShockZaum-CVE-2014-6271", "full_name": "w4fz5uck5\/ShockZaum-CVE-2014-6271", "owner": { "login": "w4fz5uck5", "id": 32375656, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4", "html_url": "https:\/\/github.com\/w4fz5uck5" }, "html_url": "https:\/\/github.com\/w4fz5uck5\/ShockZaum-CVE-2014-6271", "description": "Shellshock vulnerability attacker", "fork": false, "created_at": "2018-06-18T16:09:15Z", "updated_at": "2020-10-18T20:27:03Z", "pushed_at": "2018-06-20T14:25:53Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 139251572, "name": "CVE-2014-6271", "full_name": "Aruthw\/CVE-2014-6271", "owner": { "login": "Aruthw", "id": 38236012, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38236012?v=4", "html_url": "https:\/\/github.com\/Aruthw" }, "html_url": "https:\/\/github.com\/Aruthw\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2018-06-30T13:26:20Z", "updated_at": "2018-07-18T13:52:31Z", "pushed_at": "2018-07-18T13:52:30Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 164345621, "name": "cve-2014-6271", "full_name": "cved-sources\/cve-2014-6271", "owner": { "login": "cved-sources", "id": 46423677, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", "html_url": "https:\/\/github.com\/cved-sources" }, "html_url": "https:\/\/github.com\/cved-sources\/cve-2014-6271", "description": "cve-2014-6271", "fork": false, "created_at": "2019-01-06T21:08:32Z", "updated_at": "2021-04-15T21:10:06Z", "pushed_at": "2021-04-15T20:54:28Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 183810840, "name": "exploit-CVE-2014-6271", "full_name": "shawntns\/exploit-CVE-2014-6271", "owner": { "login": "shawntns", "id": 22453528, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22453528?v=4", "html_url": "https:\/\/github.com\/shawntns" }, "html_url": "https:\/\/github.com\/shawntns\/exploit-CVE-2014-6271", "description": null, "fork": false, "created_at": "2019-04-27T18:55:39Z", "updated_at": "2019-04-28T17:16:22Z", "pushed_at": "2019-04-28T17:16:20Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 221209412, "name": "cve-2014-6271", "full_name": "Sindadziy\/cve-2014-6271", "owner": { "login": "Sindadziy", "id": 55396899, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55396899?v=4", "html_url": "https:\/\/github.com\/Sindadziy" }, "html_url": "https:\/\/github.com\/Sindadziy\/cve-2014-6271", "description": null, "fork": false, "created_at": "2019-11-12T12:10:09Z", "updated_at": "2019-11-12T12:16:55Z", "pushed_at": "2019-11-12T12:16:54Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 221470015, "name": "bash-shellshock", "full_name": "wenyu1999\/bash-shellshock", "owner": { "login": "wenyu1999", "id": 55389198, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55389198?v=4", "html_url": "https:\/\/github.com\/wenyu1999" }, "html_url": "https:\/\/github.com\/wenyu1999\/bash-shellshock", "description": "cve-2014-6271", "fork": false, "created_at": "2019-11-13T13:48:51Z", "updated_at": "2019-11-13T13:49:40Z", "pushed_at": "2019-11-13T13:49:38Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 221475763, "name": "CVE-2019-14287-CVE-2014-6271", "full_name": "Sindayifu\/CVE-2019-14287-CVE-2014-6271", "owner": { "login": "Sindayifu", "id": 55397670, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55397670?v=4", "html_url": "https:\/\/github.com\/Sindayifu" }, "html_url": "https:\/\/github.com\/Sindayifu\/CVE-2019-14287-CVE-2014-6271", "description": null, "fork": false, "created_at": "2019-11-13T14:17:19Z", "updated_at": "2021-12-06T02:50:39Z", "pushed_at": "2020-01-08T13:20:00Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 232056169, "name": "CVE-2014-6271", "full_name": "Any3ite\/CVE-2014-6271", "owner": { "login": "Any3ite", "id": 20638313, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20638313?v=4", "html_url": "https:\/\/github.com\/Any3ite" }, "html_url": "https:\/\/github.com\/Any3ite\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2020-01-06T08:24:35Z", "updated_at": "2020-01-06T09:45:29Z", "pushed_at": "2020-01-06T08:30:08Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0 }, { "id": 236683250, "name": "Shell-Shock", "full_name": "somhm-solutions\/Shell-Shock", "owner": { "login": "somhm-solutions", "id": 56839517, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56839517?v=4", "html_url": "https:\/\/github.com\/somhm-solutions" }, "html_url": "https:\/\/github.com\/somhm-solutions\/Shell-Shock", "description": "*CVE-2014-6271* Unix Arbitrary Code Execution Exploit commonly know as Shell Shock. Examples, Docs, Incident Response and Vulnerability\/Risk Assessment, and Additional Resources may be dumped here. Enjoy :) --- somhmxxghoul ---", "fork": false, "created_at": "2020-01-28T07:48:46Z", "updated_at": "2020-01-28T07:50:28Z", "pushed_at": "2020-01-28T07:50:26Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 263410214, "name": "CVE-2014-6271-Shellshock-", "full_name": "rashmikadileeshara\/CVE-2014-6271-Shellshock-", "owner": { "login": "rashmikadileeshara", "id": 63233037, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63233037?v=4", "html_url": "https:\/\/github.com\/rashmikadileeshara" }, "html_url": "https:\/\/github.com\/rashmikadileeshara\/CVE-2014-6271-Shellshock-", "description": "This is an individual assignment for secure network programming", "fork": false, "created_at": "2020-05-12T17:51:06Z", "updated_at": "2020-05-12T17:54:13Z", "pushed_at": "2020-05-12T17:54:11Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 263420463, "name": "CVE-2014-6271", "full_name": "Dilith006\/CVE-2014-6271", "owner": { "login": "Dilith006", "id": 53945641, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53945641?v=4", "html_url": "https:\/\/github.com\/Dilith006" }, "html_url": "https:\/\/github.com\/Dilith006\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2020-05-12T18:37:14Z", "updated_at": "2020-05-12T18:39:12Z", "pushed_at": "2020-05-12T18:39:11Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 275136536, "name": "Shellbash-CVE-2014-6271", "full_name": "cyberharsh\/Shellbash-CVE-2014-6271", "owner": { "login": "cyberharsh", "id": 57433814, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", "html_url": "https:\/\/github.com\/cyberharsh" }, "html_url": "https:\/\/github.com\/cyberharsh\/Shellbash-CVE-2014-6271", "description": null, "fork": false, "created_at": "2020-06-26T11:08:22Z", "updated_at": "2020-08-15T09:54:15Z", "pushed_at": "2020-08-15T09:54:12Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 312164705, "name": "CVE-2014-6271-IPFire", "full_name": "MuirlandOracle\/CVE-2014-6271-IPFire", "owner": { "login": "MuirlandOracle", "id": 58998623, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58998623?v=4", "html_url": "https:\/\/github.com\/MuirlandOracle" }, "html_url": "https:\/\/github.com\/MuirlandOracle\/CVE-2014-6271-IPFire", "description": null, "fork": false, "created_at": "2020-11-12T04:12:55Z", "updated_at": "2021-11-15T09:28:07Z", "pushed_at": "2020-11-25T00:47:14Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 1, "score": 0 }, { "id": 389035137, "name": "CVE-2014-6271-Apache-Debian", "full_name": "mochizuki875\/CVE-2014-6271-Apache-Debian", "owner": { "login": "mochizuki875", "id": 37737691, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37737691?v=4", "html_url": "https:\/\/github.com\/mochizuki875" }, "html_url": "https:\/\/github.com\/mochizuki875\/CVE-2014-6271-Apache-Debian", "description": "This Repo is PoC environment of CVE-2014-6271(https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2014-6271).", "fork": false, "created_at": "2021-07-24T07:47:55Z", "updated_at": "2022-03-29T09:27:33Z", "pushed_at": "2021-10-06T17:00:54Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0 }, { "id": 390603767, "name": "CVE-2014-6271", "full_name": "b4keSn4ke\/CVE-2014-6271", "owner": { "login": "b4keSn4ke", "id": 44183775, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44183775?v=4", "html_url": "https:\/\/github.com\/b4keSn4ke" }, "html_url": "https:\/\/github.com\/b4keSn4ke\/CVE-2014-6271", "description": "Shellshock exploit aka CVE-2014-6271", "fork": false, "created_at": "2021-07-29T04:51:43Z", "updated_at": "2022-04-21T12:51:31Z", "pushed_at": "2022-04-01T03:17:09Z", "stargazers_count": 3, "watchers_count": 3, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "apache", "bash", "exploit", "poc", "python", "python3", "rce", "remote-code-execution", "shellshock", "shellshock-vulnerability" ], "visibility": "public", "forks": 0, "watchers": 3, "score": 0 }, { "id": 459666650, "name": "ShellShock", "full_name": "abandonedship\/ShellShock", "owner": { "login": "abandonedship", "id": 84399986, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84399986?v=4", "html_url": "https:\/\/github.com\/abandonedship" }, "html_url": "https:\/\/github.com\/abandonedship\/ShellShock", "description": "Local and Remote scan for shellshock vulnerability for Bash versions lower than 4.3.* [CVE-2014-6271].", "fork": false, "created_at": "2022-02-15T16:48:14Z", "updated_at": "2022-02-15T16:56:11Z", "pushed_at": "2022-01-29T02:17:18Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 476981161, "name": "CVE-2014-6271", "full_name": "akr3ch\/CVE-2014-6271", "owner": { "login": "akr3ch", "id": 97300177, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97300177?v=4", "html_url": "https:\/\/github.com\/akr3ch" }, "html_url": "https:\/\/github.com\/akr3ch\/CVE-2014-6271", "description": "ShellShock interactive-shell exploit", "fork": false, "created_at": "2022-04-02T07:30:31Z", "updated_at": "2022-04-02T07:33:11Z", "pushed_at": "2022-04-02T07:31:35Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2014-6271", "shellshock", "shellshock-vulnerability" ], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 479846687, "name": "CVE-2014-6271", "full_name": "0xkasra\/CVE-2014-6271", "owner": { "login": "0xkasra", "id": 51972282, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", "html_url": "https:\/\/github.com\/0xkasra" }, "html_url": "https:\/\/github.com\/0xkasra\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2022-04-09T21:24:12Z", "updated_at": "2022-04-09T21:24:47Z", "pushed_at": "2022-04-14T02:56:49Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 499297285, "name": "CVE-2014-6271", "full_name": "trhacknon\/CVE-2014-6271", "owner": { "login": "trhacknon", "id": 98242014, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98242014?v=4", "html_url": "https:\/\/github.com\/trhacknon" }, "html_url": "https:\/\/github.com\/trhacknon\/CVE-2014-6271", "description": null, "fork": false, "created_at": "2022-06-02T21:33:59Z", "updated_at": "2022-09-27T23:17:32Z", "pushed_at": "2022-06-02T21:37:56Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 499301275, "name": "exploit-CVE-2014-6271", "full_name": "trhacknon\/exploit-CVE-2014-6271", "owner": { "login": "trhacknon", "id": 98242014, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98242014?v=4", "html_url": "https:\/\/github.com\/trhacknon" }, "html_url": "https:\/\/github.com\/trhacknon\/exploit-CVE-2014-6271", "description": null, "fork": false, "created_at": "2022-06-02T21:52:52Z", "updated_at": "2022-09-27T23:29:25Z", "pushed_at": "2022-06-02T21:55:37Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0 }, { "id": 506769957, "name": "cgi-bin-shellshock", "full_name": "Gurguii\/cgi-bin-shellshock", "owner": { "login": "Gurguii", "id": 101645735, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101645735?v=4", "html_url": "https:\/\/github.com\/Gurguii" }, "html_url": "https:\/\/github.com\/Gurguii\/cgi-bin-shellshock", "description": "[Python\/Shell] - Tested in HackTheBox - Shocker (Easy) CVE-2014-6271", "fork": false, "created_at": "2022-06-23T19:42:03Z", "updated_at": "2022-09-07T04:13:27Z", "pushed_at": "2022-08-15T10:22:11Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0 }, { "id": 508072181, "name": "shellshock-victim-host", "full_name": "anujbhan\/shellshock-victim-host", "owner": { "login": "anujbhan", "id": 14915809, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14915809?v=4", "html_url": "https:\/\/github.com\/anujbhan" }, "html_url": "https:\/\/github.com\/anujbhan\/shellshock-victim-host", "description": "A docker container vulnerable to Shellshock - CVE-2014-6271", "fork": false, "created_at": "2022-06-27T21:52:28Z", "updated_at": "2022-06-27T22:06:01Z", "pushed_at": "2022-06-27T22:05:58Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 }, { "id": 525001967, "name": "PenTesting", "full_name": "sidd3009\/PenTesting", "owner": { "login": "sidd3009", "id": 81908523, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81908523?v=4", "html_url": "https:\/\/github.com\/sidd3009" }, "html_url": "https:\/\/github.com\/sidd3009\/PenTesting", "description": "### **Awesome Penetration Testing** [![Links Check](https:\/\/4.bp.blogspot.com\/-_NIGc5XKpSw\/WHt9d7wCXaI\/AAAAAAAAB0o\/OYIv8EWjIoYh44jfxIRSrRYbgrn3MZKEQCLcB\/s1600\/penetration%2Btesting.png)](http:\/\/kalitut.com) [![10 Common Hacking Techniques](http:\/\/img.youtube.com\/vi\/V3CTfJ2ZP7M\/0.jpg)](http:\/\/www.youtube.com\/watch?v=V3CTfJ2ZP7M \"10 Common Hacking Techniques\") A collection of awesome penetration testing resources - [Online Resources](#online-resources) - [Penetration Testing Resources](#penetration-testing-resources) - [Exploit development](#exploit-development) - [Social Engineering Resources](#social-engineering-resources) - [Lock Picking Resources](#lock-picking-resources) - [Tools](#tools) - [Penetration Testing Distributions](#penetration-testing-distributions) - [Basic Penetration Testing Tools](#basic-penetration-testing-tools) - [Docker for Penetration Testing](#docker-for-penetration-testing) - [Vulnerability Scanners](#vulnerability-scanners) - [Network Tools](#network-tools) - [Wireless Network Tools](#wireless-network-tools) - [SSL Analysis Tools](#ssl-analysis-tools) - [Web exploitation](#web-exploitation) - [Hex Editors](#hex-editors) - [Crackers](#crackers) - [Windows Utils](#windows-utils) - [Linux Utils](#linux-utils) - [DDoS Tools](#ddos-tools) - [Social Engineering Tools](#social-engineering-tools) - [OSInt Tools](#osint-tools) - [Anonymity Tools](#anonymity-tools) - [Reverse Engineering Tools](#reverse-engineering-tools) - [CTF Tools](#ctf-tools) - [Books](#books) - [Penetration Testing Books](#penetration-testing-books) - [Hackers Handbook Series](#hackers-handbook-series) - [Defensive Development](#defensive-development) - [Network Analysis Books](#network-analysis-books) - [Reverse Engineering Books](#reverse-engineering-books) - [Malware Analysis Books](#malware-analysis-books) - [Windows Books](#windows-books) - [Social Engineering Books](#social-engineering-books) - [Lock Picking Books](#lock-picking-books) - [Vulnerability Databases](#vulnerability-databases) - [Security Courses](#security-courses) - [Information Security Conferences](#information-security-conferences) - [Information Security Magazines](#information-security-magazines) ### Online Resources #### Penetration Testing Resources * [Metasploit Unleashed](https:\/\/www.offensive-security.com\/metasploit-unleashed\/) - Free Offensive Security Metasploit course * [PTES](http:\/\/www.pentest-standard.org\/) - Penetration Testing Execution Standard * [OWASP](https:\/\/www.owasp.org\/index.php\/Main_Page) - Open Web Application Security Project * [PENTEST-WIKI](https:\/\/github.com\/nixawk\/pentest-wiki) - A free online security knowledge library for pentesters \/ researchers. * [Vulnerability Assessment Framework](http:\/\/www.vulnerabilityassessment.co.uk\/Penetration%20Test.html) - Penetration Testing Framework. * [The Pentesters Framework](https:\/\/github.com\/trustedsec\/ptf) - PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install\/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used. #### Exploit development * [Shellcode Tutorial](http:\/\/www.vividmachines.com\/shellcode\/shellcode.html) - Tutorial on how to write shellcode * [Shellcode Examples](http:\/\/shell-storm.org\/shellcode\/) - Shellcodes database * [Exploit Writing Tutorials](https:\/\/www.corelan.be\/index.php\/2009\/07\/19\/exploit-writing-tutorial-part-1-stack-based-overflows\/) - Tutorials on how to develop exploits * [shellsploit](https:\/\/github.com\/b3mb4m\/shellsploit-framework) - New Generation Exploit Development Kit * [Voltron](https:\/\/github.com\/snare\/voltron) - A hacky debugger UI for hackers #### Social Engineering Resources * [Social Engineering Framework](http:\/\/www.social-engineer.org\/framework\/general-discussion\/) - An information resource for social engineers #### Lock Picking Resources * [Schuyler Towne channel](https:\/\/www.youtube.com\/user\/SchuylerTowne\/) - Lockpicking videos and security talks * [\/r\/lockpicking](https:\/\/www.reddit.com\/r\/lockpicking) - Resources for learning lockpicking, equipment recommendations. ### Tools #### Penetration Testing Distributions * [Kali](https:\/\/www.kali.org\/) - A Linux distribution designed for digital forensics and penetration testing * [ArchStrike](https:\/\/archstrike.org\/) - An Arch Linux repository for security professionals and enthusiasts * [BlackArch](https:\/\/www.blackarch.org\/) - Arch Linux-based distribution for penetration testers and security researchers * [NST](http:\/\/networksecuritytoolkit.org\/) - Network Security Toolkit distribution * [Pentoo](http:\/\/www.pentoo.ch\/) - Security-focused livecd based on Gentoo * [BackBox](https:\/\/backbox.org\/) - Ubuntu-based distribution for penetration tests and security assessments * [Parrot](https:\/\/www.parrotsec.org\/) - A distribution similar to Kali, with multiple architecture * [Fedora Security Lab](https:\/\/labs.fedoraproject.org\/en\/security\/) - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies. #### Basic Penetration Testing Tools * [Metasploit Framework](https:\/\/www.metasploit.com\/) - World's most used penetration testing software * [Burp Suite](https:\/\/portswigger.net\/burp\/) - An integrated platform for performing security testing of web applications * [ExploitPack](http:\/\/exploitpack.com\/) - Graphical tool for penetration testing with a bunch of exploits * [BeeF](https:\/\/github.com\/beefproject\/beef) - The Browser Exploitation Framework Project * [faraday](https:\/\/github.com\/infobyte\/faraday) - Collaborative Penetration Test and Vulnerability Management Platform * [evilgrade](https:\/\/github.com\/infobyte\/evilgrade) - The update explotation framework * [commix](https:\/\/github.com\/stasinopoulos\/commix) - Automated All-in-One OS Command Injection and Exploitation Tool * [routersploit](https:\/\/github.com\/reverse-shell\/routersploit) - Automated penetration testing software for router * [redsnarf] (https:\/\/github.com\/nccgroup\/redsnarf) - Post-exploitation tool for grabbing credentials #### Docker for Penetration Testing * `docker pull kalilinux\/kali-linux-docker` [official Kali Linux](https:\/\/hub.docker.com\/r\/kalilinux\/kali-linux-docker\/) * `docker pull owasp\/zap2docker-stable` - [official OWASP ZAP](https:\/\/github.com\/zaproxy\/zaproxy) * `docker pull wpscanteam\/wpscan` - [official WPScan](https:\/\/hub.docker.com\/r\/wpscanteam\/wpscan\/) * `docker pull pandrew\/metasploit` - [docker-metasploit](https:\/\/hub.docker.com\/r\/pandrew\/metasploit\/) * `docker pull citizenstig\/dvwa` - [Damn Vulnerable Web Application (DVWA)](https:\/\/hub.docker.com\/r\/citizenstig\/dvwa\/) * `docker pull wpscanteam\/vulnerablewordpress` - [Vulnerable WordPress Installation](https:\/\/hub.docker.com\/r\/wpscanteam\/vulnerablewordpress\/) * `docker pull hmlio\/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https:\/\/hub.docker.com\/r\/hmlio\/vaas-cve-2014-6271\/) * `docker pull hmlio\/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https:\/\/hub.docker.com\/r\/hmlio\/vaas-cve-2014-0160\/) * `docker pull opendns\/security-ninjas` - [Security Ninjas](https:\/\/hub.docker.com\/r\/opendns\/security-ninjas\/) * `docker pull diogomonica\/docker-bench-security` - [Docker Bench for Security](https:\/\/hub.docker.com\/r\/diogomonica\/docker-bench-security\/) * `docker pull ismisepaul\/securityshepherd` - [OWASP Security Shepherd](https:\/\/hub.docker.com\/r\/ismisepaul\/securityshepherd\/) * `docker pull danmx\/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https:\/\/hub.docker.com\/r\/danmx\/docker-owasp-webgoat\/) * `docker-compose build && docker-compose up` - [OWASP NodeGoat](https:\/\/github.com\/owasp\/nodegoat#option-3---run-nodegoat-on-docker) * `docker pull citizenstig\/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https:\/\/hub.docker.com\/r\/citizenstig\/nowasp\/) * `docker pull bkimminich\/juice-shop` - [OWASP Juice Shop](https:\/\/github.com\/bkimminich\/juice-shop#docker-container--) #### Vulnerability Scanners * [Nexpose](https:\/\/www.rapid7.com\/products\/nexpose\/) - Vulnerability Management & Risk Management Software * [Nessus](http:\/\/www.tenable.com\/products\/nessus-vulnerability-scanner) - Vulnerability, configuration, and compliance assessment * [Nikto](https:\/\/cirt.net\/nikto2) - Web application vulnerability scanner * [OpenVAS](http:\/\/www.openvas.org\/) - Open Source vulnerability scanner and manager * [OWASP Zed Attack Proxy](https:\/\/www.owasp.org\/index.php\/OWASP_Zed_Attack_Proxy_Project) - Penetration testing tool for web applications * [Secapps](https:\/\/secapps.com\/) - Integrated web application security testing environment * [w3af](https:\/\/github.com\/andresriancho\/w3af) - Web application attack and audit framework * [Wapiti](http:\/\/wapiti.sourceforge.net\/) - Web application vulnerability scanner * [WebReaver](http:\/\/www.webreaver.com\/) - Web application vulnerability scanner for Mac OS X * [DVCS Ripper](https:\/\/github.com\/kost\/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN\/GIT\/HG\/BZR * [arachni](https:\/\/github.com\/Arachni\/arachni) - Web Application Security Scanner Framework #### Network Tools * [nmap](https:\/\/nmap.org\/) - Free Security Scanner For Network Exploration & Security Audits * [pig](https:\/\/github.com\/rafael-santiago\/pig) - A Linux packet crafting tool * [tcpdump\/libpcap](http:\/\/www.tcpdump.org\/) - A common packet analyzer that runs under the command line * [Wireshark](https:\/\/www.wireshark.org\/) - A network protocol analyzer for Unix and Windows * [Network Tools](http:\/\/network-tools.com\/) - Different network tools: ping, lookup, whois, etc * [netsniff-ng](https:\/\/github.com\/netsniff-ng\/netsniff-ng) - A Swiss army knife for for network sniffing * [Intercepter-NG](http:\/\/sniff.su\/) - a multifunctional network toolkit * [SPARTA](http:\/\/sparta.secforce.com\/) - Network Infrastructure Penetration Testing Tool * [dnschef](http:\/\/thesprawl.org\/projects\/dnschef\/) - A highly configurable DNS proxy for pentesters * [DNSDumpster](https:\/\/dnsdumpster.com\/) - Online DNS recon and search service * [dnsenum](https:\/\/github.com\/fwaeytens\/dnsenum\/) - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results * [dnsmap](https:\/\/github.com\/makefu\/dnsmap\/) - Passive DNS network mapper * [dnsrecon](https:\/\/github.com\/darkoperator\/dnsrecon\/) - DNS Enumeration Script * [dnstracer](http:\/\/www.mavetju.org\/unix\/dnstracer.php) - Determines where a given DNS server gets its information from, and follows the chain of DNS servers * [passivedns-client](https:\/\/github.com\/chrislee35\/passivedns-client) - Provides a library and a query tool for querying several passive DNS providers * [passivedns](https:\/\/github.com\/gamelinux\/passivedns) - A network sniffer that logs all DNS server replies for use in a passive DNS setup * [Mass Scan](https:\/\/github.com\/robertdavidgraham\/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. * [Zarp](https:\/\/github.com\/hatRiot\/zarp) - Zarp is a network attack tool centered around the exploitation of local networks * [mitmproxy](https:\/\/github.com\/mitmproxy\/mitmproxy) - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers * [mallory](https:\/\/github.com\/justmao945\/mallory) - HTTP\/HTTPS proxy over SSH * [Netzob](https:\/\/github.com\/netzob\/netzob) - Reverse engineering, traffic generation and fuzzing of communication protocols * [DET](https:\/\/github.com\/sensepost\/DET) - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time * [pwnat](https:\/\/github.com\/samyk\/pwnat) - punches holes in firewalls and NATs * [dsniff](https:\/\/www.monkey.org\/~dugsong\/dsniff\/) - a collection of tools for network auditing and pentesting * [tgcd](http:\/\/tgcd.sourceforge.net\/) - a simple Unix network utility to extend the accessibility of TCP\/IP based network services beyond firewalls * [smbmap](https:\/\/github.com\/ShawnDEvans\/smbmap) - a handy SMB enumeration tool * [scapy](https:\/\/github.com\/secdev\/scapy) - a python-based interactive packet manipulation program & library * [Dshell](https:\/\/github.com\/USArmyResearchLab\/Dshell) - Network forensic analysis framework * [Debookee (MAC OS X)](http:\/\/www.iwaxx.com\/debookee\/) - Intercept traffic from any device on your network * [Dripcap](https:\/\/github.com\/dripcap\/dripcap) - Caffeinated packet analyzer #### Wireless Network Tools * [Aircrack-ng](http:\/\/www.aircrack-ng.org\/) - a set of tools for auditing wireless network * [Kismet](https:\/\/kismetwireless.net\/) - Wireless network detector, sniffer, and IDS * [Reaver](https:\/\/code.google.com\/archive\/p\/reaver-wps) - Brute force attack against Wifi Protected Setup * [Wifite](https:\/\/github.com\/derv82\/wifite) - Automated wireless attack tool * [wifiphisher](https:\/\/github.com\/sophron\/wifiphisher) - Automated phishing attacks against Wi-Fi networks #### SSL Analysis Tools * [SSLyze](https:\/\/github.com\/nabla-c0d3\/sslyze) - SSL configuration scanner * [sslstrip](https:\/\/www.thoughtcrime.org\/software\/sslstrip\/) - a demonstration of the HTTPS stripping attacks * [sslstrip2](https:\/\/github.com\/LeonardoNve\/sslstrip2) - SSLStrip version to defeat HSTS * [tls_prober](https:\/\/github.com\/WestpointLtd\/tls_prober) - fingerprint a server's SSL\/TLS implementation #### Web exploitation * [WPScan](https:\/\/wpscan.org\/) - Black box WordPress vulnerability scanner * [SQLmap](http:\/\/sqlmap.org\/) - Automatic SQL injection and database takeover tool * [weevely3](https:\/\/github.com\/epinna\/weevely3) - Weaponized web shell * [Wappalyzer](https:\/\/wappalyzer.com\/) - Wappalyzer uncovers the technologies used on websites * [cms-explorer](https:\/\/code.google.com\/archive\/p\/cms-explorer\/) - CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running. * [joomscan](https:\/\/www.owasp.org\/index.php\/Category:OWASP_Joomla_Vulnerability_Scanner_Project) - Joomla CMS scanner * [WhatWeb](https:\/\/github.com\/urbanadventurer\/WhatWeb) - Website Fingerprinter * [BlindElephant](http:\/\/blindelephant.sourceforge.net\/) - Web Application Fingerprinter * [fimap](https:\/\/github.com\/kurobeats\/fimap) - Find, prepare, audit, exploit and even google automatically for LFI\/RFI bugs * [Kadabra](https:\/\/github.com\/D35m0nd142\/Kadabra) - Automatic LFI exploiter and scanner * [Kadimus](https:\/\/github.com\/P0cL4bs\/Kadimus) - LFI scan and exploit tool * [liffy](https:\/\/github.com\/hvqzao\/liffy) - LFI exploitation tool #### Hex Editors * [HexEdit.js](https:\/\/hexed.it) - Browser-based hex editing * [Hexinator](https:\/\/hexinator.com\/) (commercial) - World's finest Hex Editor * [HxD - Freeware Hex Editor and Disk Editor](https:\/\/mh-nexus.de\/en\/hxd\/) #### Crackers * [John the Ripper](http:\/\/www.openwall.com\/john\/) - Fast password cracker * [Online MD5 cracker](http:\/\/www.md5crack.com\/) - Online MD5 hash Cracker * [Hashcat](http:\/\/hashcat.net\/hashcat\/) - The more fast hash cracker * [THC Hydra](http:\/\/sectools.org\/tool\/hydra\/) - Another Great Password Cracker #### Windows Utils * [Sysinternals Suite](https:\/\/technet.microsoft.com\/en-us\/sysinternals\/bb842062) - The Sysinternals Troubleshooting Utilities * [Windows Credentials Editor](http:\/\/www.ampliasecurity.com\/research\/windows-credentials-editor\/) - security tool to list logon sessions and add, change, list and delete associated credentials * [mimikatz](http:\/\/blog.gentilkiwi.com\/mimikatz) - Credentials extraction tool for Windows OS * [PowerSploit](https:\/\/github.com\/PowerShellMafia\/PowerSploit) - A PowerShell Post-Exploitation Framework * [Windows Exploit Suggester](https:\/\/github.com\/GDSSecurity\/Windows-Exploit-Suggester) - Detects potential missing patches on the target * [Responder](https:\/\/github.com\/SpiderLabs\/Responder) - A LLMNR, NBT-NS and MDNS poisoner * [Bloodhound](https:\/\/github.com\/adaptivethreat\/Bloodhound\/wiki) - A graphical Active Directory trust relationship explorer * [Empire](https:\/\/github.com\/PowerShellEmpire\/Empire) - Empire is a pure PowerShell post-exploitation agent * [Fibratus](https:\/\/github.com\/rabbitstack\/fibratus) - Tool for exploration and tracing of the Windows kernel #### Linux Utils * [Linux Exploit Suggester](https:\/\/github.com\/PenturaLabs\/Linux_Exploit_Suggester) - Linux Exploit Suggester; based on operating system release number. #### DDoS Tools * [LOIC](https:\/\/github.com\/NewEraCracker\/LOIC\/) - An open source network stress tool for Windows * [JS LOIC](http:\/\/metacortexsecurity.com\/tools\/anon\/LOIC\/LOICv1.html) - JavaScript in-browser version of LOIC * [T50](https:\/\/sourceforge.net\/projects\/t50\/) - The more fast network stress tool #### Social Engineering Tools * [SET](https:\/\/github.com\/trustedsec\/social-engineer-toolkit) - The Social-Engineer Toolkit from TrustedSec #### OSInt Tools * [Maltego](http:\/\/www.paterva.com\/web7\/) - Proprietary software for open source intelligence and forensics, from Paterva. * [theHarvester](https:\/\/github.com\/laramies\/theHarvester) - E-mail, subdomain and people names harvester * [creepy](https:\/\/github.com\/ilektrojohn\/creepy) - A geolocation OSINT tool * [metagoofil](https:\/\/github.com\/laramies\/metagoofil) - Metadata harvester * [Google Hacking Database](https:\/\/www.exploit-db.com\/google-hacking-database\/) - a database of Google dorks; can be used for recon * [Censys](https:\/\/www.censys.io\/) - Collects data on hosts and websites through daily ZMap and ZGrab scans * [Shodan](https:\/\/www.shodan.io\/) - Shodan is the world's first search engine for Internet-connected devices * [recon-ng](https:\/\/bitbucket.org\/LaNMaSteR53\/recon-ng) - A full-featured Web Reconnaissance framework written in Python * [github-dorks](https:\/\/github.com\/techgaun\/github-dorks) - CLI tool to scan github repos\/organizations for potential sensitive information leak * [vcsmap](https:\/\/github.com\/melvinsh\/vcsmap) - A plugin-based tool to scan public version control systems for sensitive information * [Spiderfoot](http:\/\/www.spiderfoot.net\/) - multi-source OSINT automation tool with a Web UI and report visualizations #### Anonymity Tools * [Tor](https:\/\/www.torproject.org\/) - The free software for enabling onion routing online anonymity * [I2P](https:\/\/geti2p.net\/en\/) - The Invisible Internet Project * [Nipe](https:\/\/github.com\/GouveaHeitor\/nipe) - Script to redirect all traffic from the machine to the Tor network. #### Reverse Engineering Tools * [IDA Pro](https:\/\/www.hex-rays.com\/products\/ida\/) - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger * [IDA Free](https:\/\/www.hex-rays.com\/products\/ida\/support\/download_freeware.shtml) - The freeware version of IDA v5.0 * [WDK\/WinDbg](https:\/\/msdn.microsoft.com\/en-us\/windows\/hardware\/hh852365.aspx) - Windows Driver Kit and WinDbg * [OllyDbg](http:\/\/www.ollydbg.de\/) - An x86 debugger that emphasizes binary code analysis * [Radare2](http:\/\/rada.re\/r\/index.html) - Opensource, crossplatform reverse engineering framework * [x64_dbg](http:\/\/x64dbg.com\/) - An open-source x64\/x32 debugger for windows * [Immunity Debugger](http:\/\/debugger.immunityinc.com\/) - A powerful new way to write exploits and analyze malware * [Evan's Debugger](http:\/\/www.codef00.com\/projects#debugger) - OllyDbg-like debugger for Linux * [Medusa disassembler](https:\/\/github.com\/wisk\/medusa) - An open source interactive disassembler * [plasma](https:\/\/github.com\/joelpx\/plasma) - Interactive disassembler for x86\/ARM\/MIPS. Generates indented pseudo-code with colored syntax code * [peda](https:\/\/github.com\/longld\/peda) - Python Exploit Development Assistance for GDB * [dnSpy](https:\/\/github.com\/0xd4d\/dnSpy) - dnSpy is a tool to reverse engineer .NET assemblies #### CTF Tools * [Pwntools](https:\/\/github.com\/Gallopsled\/pwntools) - CTF framework for use in CTFs ### Books #### Penetration Testing Books * [The Art of Exploitation by Jon Erickson, 2008](http:\/\/amzn.to\/2iqhK9S) * [Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011](http:\/\/amzn.to\/2jl5pUd) * [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014](http:\/\/amzn.to\/2jMfK8i) * [Rtfm: Red Team Field Manual by Ben Clark, 2014](http:\/\/amzn.to\/2iz9K4Y) * [The Hacker Playbook 2: Practical Guide To Penetration Testing](http:\/\/amzn.to\/2jMdNbU) * [The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013](http:\/\/amzn.to\/2jMgMkj) * [Professional Penetration Testing by Thomas Wilhelm, 2013](http:\/\/amzn.to\/2jMq9AI) * [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012](http:\/\/amzn.to\/2jl6GKU) * [Violent Python by TJ O'Connor, 2012](http:\/\/amzn.to\/2jMbTYy) * [Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007](http:\/\/amzn.to\/2izbgDS) * [Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014](http:\/\/amzn.to\/2jl5FCk) * [Penetration Testing: Procedures & Methodologies by EC-Council, 2010](http:\/\/amzn.to\/2izaBmc) * [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http:\/\/amzn.to\/2izcwqI) * [Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014](http:\/\/amzn.to\/2iqoyEj) * [Bug Hunter's Diary by Tobias Klein, 2011](http:\/\/amzn.to\/2jkYHO2) #### Hackers Handbook Series * [The Database Hacker's Handbook, David Litchfield et al., 2005](http:\/\/amzn.to\/2jlcqEB) * [The Shellcoders Handbook by Chris Anley et al., 2007](http:\/\/amzn.to\/2iudxwQ) * [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009](http:\/\/amzn.to\/2jSUpxO) * [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http:\/\/amzn.to\/2jl0rGQ) * [iOS Hackers Handbook by Charlie Miller et al., 2012](http:\/\/amzn.to\/2jMpWO4) * [Android Hackers Handbook by Joshua J. Drake et al., 2014](http:\/\/amzn.to\/2jmN5tg) * [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http:\/\/amzn.to\/2jl9asy) * [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http:\/\/amzn.to\/2jMmtz1) * [Car Hacker's Handbook by Craig Smith, 2016](http:\/\/amzn.to\/2jldxnL) #### Defensive Development * [Holistic Info-Sec for Web Developers (Fascicle 0)](http:\/\/amzn.to\/2jmRqwB) * [Holistic Info-Sec for Web Developers (Fascicle 1)](https:\/\/leanpub.com\/holistic-infosec-for-web-developers-fascicle1-vps-network-cloud-webapplications) #### Network Analysis Books * [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](http:\/\/amzn.to\/2izkmAN) * [Practical Packet Analysis by Chris Sanders, 2011](http:\/\/amzn.to\/2jn091H) * [Wireshark Network Analysis by by Laura Chappell & Gerald Combs, 2012](http:\/\/amzn.to\/2jn4DFU) * [Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012](http:\/\/amzn.to\/2izaCXe) #### Reverse Engineering Books * [Reverse Engineering for Beginners by Dennis Yurichev](http:\/\/beginners.re\/) * [Hacking the Xbox by Andrew Huang, 2003](http:\/\/amzn.to\/2iudEbO) * [The IDA Pro Book by Chris Eagle, 2011](http:\/\/amzn.to\/2itYfbI) * [Practical Reverse Engineering by Bruce Dang et al., 2014](http:\/\/amzn.to\/2jMnAyD) * [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http:\/\/amzn.to\/2iua6q7) #### Malware Analysis Books * [Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012](http:\/\/amzn.to\/2izon8f) * [The Art of Memory Forensics by Michael Hale Ligh et al., 2014](http:\/\/amzn.to\/2iuh1j8) * [Malware Analyst's Cookbook and DVD by Michael Hale Ligh et al., 2010](http:\/\/amzn.to\/2jnag6W) #### Windows Books * [Windows Internals by Mark Russinovich et al., 2012](http:\/\/amzn.to\/2jl4zGJ) #### Social Engineering Books * [The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002](http:\/\/amzn.to\/2jMhgXQ) * [The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005](http:\/\/amzn.to\/2jl287p) * [Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011](http:\/\/amzn.to\/2izbuuV) * [No Tech Hacking by Johnny Long & Jack Wiles, 2008](http:\/\/amzn.to\/2iudb9G) * [Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010](http:\/\/amzn.to\/2iu62WZ) * [Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014](http:\/\/amzn.to\/2izf4W5) * [Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014](http:\/\/amzn.to\/2izlww9) #### Lock Picking Books * [Practical Lock Picking by Deviant Ollam, 2012](http:\/\/amzn.to\/2jmQeJy) * [Keys to the Kingdom by Deviant Ollam, 2012](http:\/\/amzn.to\/2izcvDg) * [CIA Lock Picking Field Operative Training Manual](http:\/\/amzn.to\/2jMrw2c) * [Lock Picking: Detail Overkill by Solomon](https:\/\/www.dropbox.com\/s\/y39ix9u9qpqffct\/Lockpicking%20Detail%20Overkill.pdf?dl=0) * [Eddie the Wire books](https:\/\/www.dropbox.com\/sh\/k3z4dm4vyyojp3o\/AAAIXQuwMmNuCch_StLPUYm-a?dl=0) ### Vulnerability Databases * [NVD](https:\/\/nvd.nist.gov\/) - US National Vulnerability Database * [CERT](https:\/\/www.us-cert.gov\/) - US Computer Emergency Readiness Team * [OSVDB](https:\/\/blog.osvdb.org\/) - Open Sourced Vulnerability Database * [Bugtraq](http:\/\/www.securityfocus.com\/) - Symantec SecurityFocus * [Exploit-DB](https:\/\/www.exploit-db.com\/) - Offensive Security Exploit Database * [Fulldisclosure](http:\/\/seclists.org\/fulldisclosure\/) - Full Disclosure Mailing List * [MS Bulletin](https:\/\/technet.microsoft.com\/en-us\/security\/bulletins) - Microsoft Security Bulletin * [MS Advisory](https:\/\/technet.microsoft.com\/en-us\/security\/advisories) - Microsoft Security Advisories * [Inj3ct0r](http:\/\/www.1337day.com\/) - Inj3ct0r Exploit Database * [Packet Storm](https:\/\/packetstormsecurity.com\/) - Packet Storm Global Security Resource * [SecuriTeam](http:\/\/www.securiteam.com\/) - Securiteam Vulnerability Information * [CXSecurity](http:\/\/cxsecurity.com\/) - CSSecurity Bugtraq List * [Vulnerability Laboratory](http:\/\/www.vulnerability-lab.com\/) - Vulnerability Research Laboratory * [ZDI](http:\/\/www.zerodayinitiative.com\/) - Zero Day Initiative * [Vulners](https:\/\/vulners.com) - Security database of software vulnerabilities ### Security Courses * [Offensive Security Training](https:\/\/www.offensive-security.com\/information-security-training\/) - Training from BackTrack\/Kali developers * [SANS Security Training](http:\/\/www.sans.org\/) - Computer Security Training & Certification * [Open Security Training](http:\/\/opensecuritytraining.info\/) - Training material for computer security classes * [CTF Field Guide](https:\/\/trailofbits.github.io\/ctf\/) - everything you need to win your next CTF competition * [ARIZONA CYBER WARFARE RANGE](http:\/\/azcwr.org\/) - 24x7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare. * [Cybrary](http:\/\/cybrary.it) - Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book 'Penetration Testing for Highly Secured Enviroments'. * [Computer Security Student](http:\/\/computersecuritystudent.com) - Many free tutorials, great for beginners, $10\/mo membership unlocks all content * [European Union Agency for Network and Information Security](https:\/\/www.enisa.europa.eu\/topics\/trainings-for-cybersecurity-specialists\/online-training-material) - ENISA Cyber Security Training material ### Information Security Conferences * [DEF CON](https:\/\/www.defcon.org\/) - An annual hacker convention in Las Vegas * [Black Hat](http:\/\/www.blackhat.com\/) - An annual security conference in Las Vegas * [BSides](http:\/\/www.securitybsides.com\/) - A framework for organising and holding security conferences * [CCC](https:\/\/events.ccc.de\/congress\/) - An annual meeting of the international hacker scene in Germany * [DerbyCon](https:\/\/www.derbycon.com\/) - An annual hacker conference based in Louisville * [PhreakNIC](http:\/\/phreaknic.info\/) - A technology conference held annually in middle Tennessee * [ShmooCon](http:\/\/shmoocon.org\/) - An annual US east coast hacker convention * [CarolinaCon](http:\/\/www.carolinacon.org\/) - An infosec conference, held annually in North Carolina * [CHCon](https:\/\/chcon.nz) - Christchurch Hacker Con, Only South Island of New Zealand hacker con * [SummerCon](http:\/\/www.summercon.org\/) - One of the oldest hacker conventions, held during Summer * [Hack.lu](https:\/\/2016.hack.lu\/) - An annual conference held in Luxembourg * [HITB](https:\/\/conference.hitb.org\/) - Deep-knowledge security conference held in Malaysia and The Netherlands * [Troopers](https:\/\/www.troopers.de) - Annual international IT Security event with workshops held in Heidelberg, Germany * [Hack3rCon](http:\/\/hack3rcon.org\/) - An annual US hacker conference * [ThotCon](http:\/\/thotcon.org\/) - An annual US hacker conference held in Chicago * [LayerOne](http:\/\/www.layerone.org\/) - An annual US security conference held every spring in Los Angeles * [DeepSec](https:\/\/deepsec.net\/) - Security Conference in Vienna, Austria * [SkyDogCon](http:\/\/www.skydogcon.com\/) - A technology conference in Nashville * [SECUINSIDE](http:\/\/secuinside.com) - Security Conference in [Seoul](https:\/\/en.wikipedia.org\/wiki\/Seoul) * [DefCamp](http:\/\/def.camp\/) - Largest Security Conference in Eastern Europe, held anually in Bucharest, Romania * [AppSecUSA](https:\/\/appsecusa.org\/) - An annual conference organised by OWASP * [BruCON](http:\/\/brucon.org) - An annual security conference in Belgium * [Infosecurity Europe](http:\/\/www.infosecurityeurope.com\/) - Europe's number one information security event, held in London, UK * [Nullcon](http:\/\/nullcon.net\/website\/) - An annual conference in Delhi and Goa, India * [RSA Conference USA](https:\/\/www.rsaconference.com\/) - An annual security conference in San Francisco, California, USA * [Swiss Cyber Storm](https:\/\/www.swisscyberstorm.com\/) - An annual security conference in Lucerne, Switzerland * [Virus Bulletin Conference](https:\/\/www.virusbulletin.com\/conference\/index) - An annual conference going to be held in Denver, USA for 2016 * [Ekoparty](http:\/\/www.ekoparty.org) - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina * [44Con](https:\/\/44con.com\/) - Annual Security Conference held in London * [BalCCon](https:\/\/www.balccon.org) - Balkan Computer Congress, annualy held in Novi Sad, Serbia * [FSec](http:\/\/fsec.foi.hr) - FSec - Croatian Information Security Gathering in Varaždin, Croatia ### Information Security Magazines * [2600: The Hacker Quarterly](https:\/\/www.2600.com\/Magazine\/DigitalEditions) - An American publication about technology and computer \"underground\" * [Phrack Magazine](http:\/\/www.phrack.org\/) - By far the longest running hacker zine Please have a look at * [Top Hacking Books](http:\/\/www.kalitut.com\/2016\/12\/best-ethical-hacking-books.html) * [Top Reverse Engineering Books](http:\/\/www.kalitut.com\/2017\/01\/Best-reverse-engineering-books.html) * [Top Machine learning Books](http:\/\/www.kalitut.com\/2017\/01\/machine-learning-book.html) * [Top 5 books Programming Books](http:\/\/www.kalitut.com\/2017\/01\/Top-Programming-Books.html) * [Top Java Books](http:\/\/www.kalitut.com\/2017\/01\/Best-Java-Programming-Books.html)", "fork": false, "created_at": "2022-08-15T13:40:44Z", "updated_at": "2022-10-09T13:28:40Z", "pushed_at": "2022-08-15T13:41:52Z", "stargazers_count": 29, "watchers_count": 29, "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 12, "watchers": 29, "score": 0 }, { "id": 534601932, "name": "-CVE-2014-6271-Shellshock-Remote-Command-Injection-", "full_name": "FilipStudeny\/-CVE-2014-6271-Shellshock-Remote-Command-Injection-", "owner": { "login": "FilipStudeny", "id": 81091191, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81091191?v=4", "html_url": "https:\/\/github.com\/FilipStudeny" }, "html_url": "https:\/\/github.com\/FilipStudeny\/-CVE-2014-6271-Shellshock-Remote-Command-Injection-", "description": "[CVE-2014-6271] Apache Shellshock Remote Command Injection tool for quick reverse shell and file browsing", "fork": false, "created_at": "2022-09-09T10:44:25Z", "updated_at": "2022-09-09T10:47:31Z", "pushed_at": "2022-09-09T10:48:37Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0 } ]