There are 50 repositories under vulnerability-detection topic.
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Wazuh - The Open Source Security Platform
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Web Application Security Scanner Framework
Advanced vulnerability scanning with Nmap NSE
cve-search - a tool to perform local searches for known vulnerabilities
🔥 🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥 🔥
This repository contains the scanner component for Greenbone Community Edition.
The Offensive Manual Web Application Penetration Testing Framework.
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Safety checks your installed dependencies for known security vulnerabilities
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
:new: The Multi-Tool Web Vulnerability Scanner.
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
grep rough audit - source code auditing tool
Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
The Correlated CVE Vulnerability And Threat Intelligence Database API
Easy automated vulnerability scanning, reporting and analysis
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Open Source Security Guide
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Detect, analyze and uniquely identify crashes in Windows applications
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
NERVE Continuous Vulnerability Scanner
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Wazuh - Docker containers