security-scanner

There are 431 repositories under security-scanner topic.

  • projectdiscovery/nuclei

    Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

    Language:Go22.7k2472.6k2.6k

  • CISOfy/lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Language:Shell14k3428761.5k

  • zaproxy/zaproxy

    The ZAP by Checkmarx Core project

    Language:Java13.4k3965.2k2.3k

  • future-architect/vuls

    Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

    Language:Go11.3k3266091.2k

  • wpscanteam/wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

    Language:Ruby8.9k2681.5k1.3k
  • bandit

    PyCQA/bandit

    Bandit is a tool designed to find common security issues in Python code.

    Language:Python6.9k70666631
  • awesome-shodan-queries

    jakejarvis/awesome-shodan-queries

    🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

    6.2k1899915

  • GhostTroops/scan4all

    Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

    Language:Go5.6k66107679
  • Ladon

    k8gege/Ladon

    Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等,大量高危漏洞检测模块MS17010、Zimbra、Exchange

    Language:C#5k8881876

  • microsoft/ApplicationInspector

    A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

    Language:C#4.3k82255359

  • toolswatch/blackhat-arsenal-tools

    Official Black Hat Arsenal Security Tools Repository

    4k339101.1k

  • webhintio/hint

    💡 A hinting engine for the web

    Language:TypeScript3.6k741.8k726

  • scipag/vulscan

    Advanced vulnerability scanning with Nmap NSE

    Language:Lua3.6k1340679

  • evyatarmeged/Raccoon

    A high performance offensive security tool for reconnaissance and vulnerability scanning

    Language:Python3.2k10939411

  • FeeiCN/Cobra

    Source Code Security Audit (源代码安全审计)

    Language:Python3.2k154980952
  • kube-score

    zegl/kube-score

    Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.

    Language:Go2.9k23181182

  • ajinabraham/nodejsscan

    nodejsscan is a static security code scanner for Node.js applications.

    Language:CSS2.5k5787336
  • bearer

    Bearer/bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    Language:Go2.2k22336123
  • sn0int

    kpcyrd/sn0int

    Semi-automatic OSINT framework and package manager

    Language:Rust2.2k41112186

  • codingo/Reconnoitre

    A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

    Language:Python2.2k8853454

  • FeeiCN/GSIL

    GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)

    Language:Python2.1k6069488

  • skavngr/rapidscan

    :new: The Multi-Tool Web Vulnerability Scanner.

    Language:Python1.8k6939414

  • AV1080p/Hacking-With-Golang

    Golang安全资源合集

    1.8k482349
  • XAttacker

    Moham3dRiahi/XAttacker

    X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

    Language:Perl1.6k1020471
  • inql

    doyensec/inql

    InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

    Language:Kotlin1.6k29107163

  • Adminisme/ServerScan

    ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

    Language:Go1.6k328221

  • shekyan/slowhttptest

    Application Layer DoS attack simulator

    Language:C++1.5k5565301

  • BishopFox/GitGot

    Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

    Language:Python1.5k4012213

  • ztgrace/changeme

    A default credential scanner.

    Language:Python1.5k6259250

  • denji/golang-tls

    Simple Golang HTTPS/TLS Examples

    1.3k356153

  • fkie-cad/cwe_checker

    cwe_checker finds vulnerable patterns in binary executables

    Language:Rust1.2k27107128

  • adysec/nuclei_poc

    Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有19w+POC,已校验有效性并去重)

    Language:Python1.1k2304361

  • protofire/solhint

    Solhint is an open-source project to provide a linting utility for Solidity code.

    Language:JavaScript1.1k20278180

  • FeeiCN/ESD

    Enumeration sub domains(枚举子域名)

    Language:Python1.1k2661162

  • WithSecureLabs/doublepulsar-detection-script

    A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

    Language:Python1k8820315

  • Hackmanit/Web-Cache-Vulnerability-Scanner

    Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

    Language:Go9461717131