vulnerability-detection
There are 677 repositories under vulnerability-detection topic.
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
dependency-check/DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
deepfence/ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP)
greenbone/openvas-scanner
This repository contains the scanner component for Greenbone Community Edition.
Arachni/arachni
Web Application Security Scanner Framework
scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
ysrc/xunfeng
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
cve-search/cve-search
cve-search - a tool to perform local searches for known vulnerabilities
Checkmarx/kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
protectai/vulnhuntr
Zero shot vulnerability discovery using LLMs
anouarbensaad/vulnx
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
skavngr/rapidscan
:new: The Multi-Tool Web Vulnerability Scanner.
pyupio/safety
Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
0xInfection/TIDoS-Framework
The Offensive Manual Web Application Penetration Testing Framework.
lutfumertceylan/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
wagiro/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
murphysecurity/murphysec
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
metlo-labs/metlo
Metlo is an open-source API security platform.
Moham3dRiahi/XAttacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
wireghoul/graudit
grep rough audit - source code auditing tool
aquasecurity/trivy-operator
Kubernetes-native security toolkit
0xricksanchez/paper_collection
Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
Lucifer1993/SatanSword
红队综合渗透框架
mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
bitquark/shortscan
An IIS short filename enumeration tool
toolswatch/vFeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
CERT-Polska/Artemis
A modular vulnerability scanner with automatic report generation capabilities.
wazuh/wazuh-docker
Wazuh - Docker containers