vulnerability-scanners

There are 940 repositories under vulnerability-scanners topic.

  • aquasecurity/trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    Language:Go28.9k1842.9k2.8k

  • CISOfy/lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Language:Shell14.7k3489011.5k

  • future-architect/vuls

    Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

    Language:Go11.7k3286301.2k
  • Scanners-Box

    We5ter/Scanners-Box

    A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

    8.6k406442.4k

  • promptfoo/promptfoo

    Test your prompts, agents, and RAGs. AI Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration.

    Language:TypeScript8.4k23985698
  • tfsec

    aquasecurity/tfsec

    Tfsec is now part of Trivy

    Language:Go6.9k700552

  • infobyte/faraday

    Open Source Vulnerability Management Platform

    Language:Python5.9k2544481k

  • GhostTroops/scan4all

    Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

    Language:Go5.9k70107703
  • ThreatMapper

    deepfence/ThreatMapper

    Open Source Cloud Native Application Protection Platform (CNAPP)

    Language:TypeScript5.1k57608629

  • charles2gan/GDA-android-reversing-Tool

    the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.

    Language:Java4.6k101174552

  • mitchellkrogza/nginx-ultimate-bad-bot-blocker

    Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

    Language:Shell4.5k135458505

  • OWASP/Nettacker

    Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

    Language:Python4.5k112240911

  • greenbone/openvas-scanner

    This repository contains the scanner component for Greenbone Community Edition.

    Language:Rust4.1k90182708

  • scipag/vulscan

    Advanced vulnerability scanning with Nmap NSE

    Language:Lua3.7k1340687

  • ysrc/xunfeng

    巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

    Language:Python3.6k1811911.3k

  • deepfence/SecretScanner

    :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

    Language:Go3.2k4843336
  • emba

    e-m-b-a/emba

    EMBA - The firmware security analyzer

    Language:Shell3.1k44315275

  • Checkmarx/kics

    Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

    Language:Open Policy Agent2.5k282k341

  • google/osv.dev

    Open source vulnerability DB and triage service.

    Language:Python2k47679225

  • skavngr/rapidscan

    :new: The Multi-Tool Web Vulnerability Scanner.

    Language:Python1.9k6939426
  • safety

    pyupio/safety

    Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

    Language:Python1.9k32249168

  • Tencent/AI-Infra-Guard

    A.I.G (AI-Infra-Guard) is a comprehensive, intelligent, and easy-to-use AI Red Teaming platform developed by Tencent Zhuque Lab.

    Language:Python1.7k2336190

  • aquasecurity/trivy-operator

    Kubernetes-native security toolkit

    Language:Go1.6k11770247

  • v3n0m-Scanner/V3n0M-Scanner

    Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

    Language:Python1.5k91180413

  • AlisamTechnology/ATSCAN

    Advanced dork Search & Mass Exploit Scanner

    Language:Perl1.5k9456354

  • Lucifer1993/AngelSword

    Python3编写的CMS漏洞检测框架

    Language:Python1.5k5911517

  • jweny/pocassist

    傻瓜式漏洞PoC测试框架

    Language:Go1.4k2949249

  • c0ny1/passive-scan-client

    Burp被动扫描流量转发插件

    Language:Java1.4k1636172

  • Lucifer1993/struts-scan

    Python2编写的struts2漏洞全版本检测和利用工具

    Language:Python1.4k5917502

  • arch3rPro/PentestTools

    Awesome Pentest Tools Collection

    1.4k256305
  • npq

    lirantal/npq

    safely install npm packages by auditing them pre-install stage

    Language:JavaScript1.3k410430

  • Autumn-27/ScopeSentry

    ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes

    Language:Python1.3k14196181

  • 4ra1n/super-xray

    Web漏洞扫描工具XRAY的GUI启动器

    Language:Java1.3k18158150
  • go-dork

    dwisiswant0/go-dork

    The fastest dork scanner written in Go.

    Language:Go1.3k2218130

  • Lucifer1993/SatanSword

    红队综合渗透框架

    Language:Python1.2k186208

  • owasp-dep-scan/dep-scan

    OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

    Language:Python1.2k19195117