vulnerability-scanner

There are 369 repositories under vulnerability-scanner topic.

  • sqlmapproject/sqlmap

    Automatic SQL injection and database takeover tool

    Language:Python35.8k1.1k5.4k6.1k

  • projectdiscovery/nuclei

    Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

    Language:Go25.4k2432.7k2.9k

  • future-architect/vuls

    Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

    Language:Go11.8k3256331.2k
  • xray

    chaitin/xray

    一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

    Language:Vue11.3k2084851.9k

  • google/osv-scanner

    Vulnerability scanner written in Go which uses the data provided by https://osv.dev

    Language:Go8k62460478
  • commix

    commixproject/commix

    Automated All-in-One OS Command Injection Exploitation Tool.

    Language:Python5.5k156996901

  • OWASP/Nettacker

    Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

    Language:Python4.6k108253934

  • zan8in/afrog

    A Security Tool for Bug Bounty, Pentest and Red Teaming.

    Language:HTML4.1k47138452

  • almandin/fuxploider

    File upload vulnerability scanner and exploitation tool.

    Language:Python3.3k690520

  • evyatarmeged/Raccoon

    A high performance offensive security tool for reconnaissance and vulnerability scanning

    Language:Python3.3k10839418
  • emba

    e-m-b-a/emba

    EMBA - The firmware security analyzer

    Language:Shell3.2k42321284

  • Qianlitp/crawlergo

    A powerful browser crawler for web vulnerability scanners

    Language:Go3k52133498

  • tr0uble-mAker/POC-bomber

    利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点

    Language:Python2.3k3743386

  • MegaManSec/SSH-Snake

    SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

    Language:Shell2.3k2516218

  • Xyntax/POC-T

    渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

    Language:Python2k9235744

  • skavngr/rapidscan

    :new: The Multi-Tool Web Vulnerability Scanner.

    Language:Python1.9k6939427

  • wagiro/BurpBounty

    Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

    Language:Java1.8k59103341
  • XAttacker

    Moham3dRiahi/XAttacker

    X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

    Language:Perl1.7k1030474

  • KeenSecurityLab/BinAbsInspector

    BinAbsInspector: Vulnerability Scanner for Binaries

    Language:Java1.7k2759243

  • attify/firmware-analysis-toolkit

    Toolkit to emulate firmware and analyse it for security vulnerabilities

    Language:Python1.5k5390276
  • crlfuzz

    dwisiswant0/crlfuzz

    A fast tool to scan CRLF vulnerability written in Go

    Language:Go1.5k1815148

  • s0md3v/Corsy

    CORS Misconfiguration Scanner

    Language:Python1.5k2823188

  • fkie-cad/cwe_checker

    cwe_checker finds vulnerable patterns in binary executables

    Language:Rust1.3k26109137

  • s0md3v/Silver

    Mass scan IPs for vulnerable services

    Language:Python1k2020150

  • RUB-NDS/Terrapin-Scanner

    This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

    Language:Go983122268

  • CERT-Polska/Artemis

    A modular vulnerability scanner with automatic report generation capabilities.

    Language:Python9681712385

  • lintsinghua/XCodeReviewer

    XCodeReviewer 是一款基于大语言模型(LLM)的智能审计工具,支持 GPT、Claude、Gemini、通义千问、DeepSeek、Ollama 等十余主流 AI 模型。它能够自动检测代码中的安全漏洞、性能问题和代码异味,显著提升代码质量与安全性。XCodeReviewer 支持 GitHub/GitLab 集成,可无缝嵌入 CI/CD 流程,实现自动化代码审查与持续安全保障,同时兼容十多种编程语言,满足多样化项目需求。

    Language:TypeScript86073187

  • R0X4R/Garud

    An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

    Language:Shell7971638176

  • bahaabdelwahed/killshot

    A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

    Language:Ruby728313157

  • attacksurge/ax

    The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning-On Your Terms. Easily distribute arbitrary binaries and scripts using any of our nine supported cloud providers!

    Language:Shell659112871

  • chushuai/wscan

    Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.

    Language:Go651153777

  • mergebase/log4j-detector

    A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

    Language:Java641247698

  • eraser-dev/eraser

    🧹 Cleaning up images from Kubernetes nodes

    Language:Go5711331367
  • HexraysToolbox

    patois/HexraysToolbox

    Hexrays Toolbox - Find code patterns within the Hexrays ctree

    Language:Python47411546

  • zt2/sqli-hunter

    SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

    Language:Ruby4321911127

  • dongfangyuxiao/BurpExtend

    基于Burp插件开发打造渗透测试自动化

    Language:HTML4267178