Web Security Research Papers.
Cyber security insights and guidance from the frontlines. Read expert perspectives and get all the latest cyber security industry news at the Mandiant blog.
Latest web security & vulnerabilities, product releases, product docs and faq blogs.
PoC auto collect from GitHub. Be careful Malware.
A searchable directory of TLS ciphersuites.
The world's best dynamic repository for security vulnerabilities.
Tenable maintains a list of Common Vulnerabilities and Exposures (CVEs) and their affected products. Tenable augments the data to include related Tenable Plugins that detect each vulnerability. 252428 CVEs are indexed from NVD.
CWE (Common Weakness Enumeration) is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts.
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
CVEDetails.com is a vulnerability intelligence solution providing CVE security vulnerability database, exploits, advisories, product and CVE risk scores, attack surface intelligence, open source vulnerabilities, code changes, vulnerabilities affecting your attack surface and software inventory/tech stack. You can view CVE vulnerability details, exploits, references, metasploit modules, full list of vulnerable products and cvss score reports and vulnerability trends over time
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
RTC security Research, talks and tools. We are researchers in cyber-security, continually educating ourselves and developing knowledge and code. By sharing what we learn, we hope to push RTC security forward.
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities.
The web application vulnerabilities index lists vulnerabilities according to its severity and is classified by the compliance standard it falls under.
Third party vulnerabilities that have been reported by VulnCheck.
Your comprehensive database for CVE exploits from across the internet.
The leading database for open source vulnerabilities and cloud misconfigurations.
Research from Assetnote.
A list of all publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by security filters delivered ahead of public disclosure.
Well-documented, relevant, reliably discovered vulnerabilities and dedicated tools for pentesters by our IT security experts. TL;DR - we break things.
0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals. Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database. This was written solely for educational purposes. Use it at your own risk. The author will be not responsible for any damage.
Browse all public vulnerabilities.
A blog about vulnerabilities and attacks affecting VoIP and WebRTC applications and infrastructure by Enable Security.
Extremely passionate about Windows exploit development, internals, C, Assembly, or anything low-level.
Kroll specialists regularly publish articles, blogs, studies and books that help our clients better understand the changing business landscape. Browse our featured items below, or search for all recent materials by service, industry or topic.