vulnerability-scanning

There are 14 repositories under vulnerability-scanning topic.

• scipag / vulscan

  Advanced vulnerability scanning with Nmap NSE

  vulnerabilityvulnerability-scannersvulnerability-detectionvulnerability-identificationvulnerability-assessmentsecuritysecurity-auditsecurity-scannerpenetration-testingnmapnmap-scriptsexploitvulnerability-scanningvulnerability-databasesvulnerability-database-entrynmap-scan-scriptnsensescriptlualua-script
  Language:Lua 3688

• grayddq / GScan

  本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

  securitysecurity-scanningsecurity-toolsvulnerability-scanningauditingsecurity-audit
  Language:Python 2772
• crlfuzz

  dwisiswant0 / crlfuzz

  A fast tool to scan CRLF vulnerability written in Go

  crlf-injectiongolangvulnerability-scanningvulnerability-scannergo
  Language:Go 1488

• topscoder / nuclei-wordfence-cve

  60k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒

  cvenucleinuclei-templateswordfencebugbountyexploitsprojectdiscoverysecuritywordpresspentestingscannervulnerabilityvulnerability-scanningawesome-listcybersecurityethical-hackinghackervulnerability-managementnuclei-scan
  Language:Python 1135

• ivan-sincek / penetration-testing-cheat-sheet

  Work in progress...

  bug-bountyethical-hackingoffensive-securitypenetration-testingred-team-engagementsecuritywebweb-penetration-testingenumerationopen-source-intelligenceosintreconnaissancevulnerability-scanningexploitation
  Language:PHP 770

• olacabs / jackhammer

  Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

  security-vulnerability-assessmentvulnerability-managementstatic-code-analysismobile-securitywebappsecwordpress-securitynetwork-securitysecurity-scannersecuritydynamic-analysissource-code-analysispenetration-testingpenetration-testing-frameworkapplication-securityvulnerability-scannersvulnerability-scanningvulnerability-assessment
  Language:Java 739

• vulscanteam / vulscan

  vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

  vulscanwebscanpocpocscannerwebscannerpocscanvulnerabilityvulnerability-scannersvulnerability-databasesvulnerability-scanningvulnerability-database-entryexploitation-frameworkexploit-databasesecurity-vulnerabilitysecurity-toolsscanner-web
  Language:Python 629

• SasanLabs / VulnerableApp

  OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

  owasp-zapvulnerable-applicationlearn-securitytest-vulnerability-scanning-toolsburpsuitepayload-testingpractice-hackingvulnerability-scanningspring-bootjavascriptcsshacktoberfestappsecjavaowaspvulnerability
  Language:Java 351

• bureado / awesome-software-supply-chain-security

  A compilation of resources in the software supply chain security domain, with emphasis on open source

  attestationawesome-listcve-scanningdependenciesdependency-managementdevsecopsoss-compliancepackage-managementreproducible-buildssbomsecurity-vulnerabilitysoftware-composition-analysissoftware-supply-chainsoftware-supply-chain-securitystatic-analysissupply-chain-attackssupply-chain-securityvulnerability-managementvulnerability-scanning
  334

• enlightn / security-checker

  A PHP dependency vulnerabilities scanner based on the Security Advisories Database.

  phpsecuritysecurity-scannervulnerability-scannervulnerability-scanning
  Language:PHP 334

• 0x4D31 / salt-scanner

  Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

  securitysecurity-scannervulnerability-scannersvulnerability-scanningsecurity-toolssecurity-auditpythondevopsdevops-toolssaltstacksalt
  Language:Python 263
• GVM-Docker

  Secure-Compliance-Solutions-LLC / GVM-Docker

  Greenbone Vulnerability Management Docker Image with OpenVAS

  openvasdocker-containerdocker-imagescanningnvtsgvmvulnerability-scannersvulnerabilitiesvulnerabilityvulnerability-scanningvulnerability-managementgreenbonegreenbone-vulnerability-manageropen-sourcecybersecuritycyber-securitygreenbone-vulnerability-managementarchitecturepostgresqldocker
  Language:XSLT 249

• scmanjarrez / CVEScannerV2

  Nmap script that scans for probable vulnerabilities based on services discovered in open ports.

  nmapnmap-scriptnmap-scan-scriptexploit-dbnmap-scanmetasploitvulnerability-scannerssecurity-scannervulnerability-detectionvulnerabilitynsescriptnmap-scriptspenetration-testingvulnerability-scanningvulnerability-identificationvulnerability-databasesexploitsecuritysecurity-auditnse
  Language:Lua 211

• Patrowl / PatrowlHears

  PatrowlHears - Vulnerability Intelligence Center / Exploits

  socvulnerabilitiesvulnerability-detectionexploitsexploits-scriptsautomationpatrowlthreatthreat-intelligencethreatintelthreat-huntingvulnerability-identificationvulnerability-scanningsecopsapicvecvsscpecybersecurityvulnerability-intelligence
  Language:Python 165

• aquasecurity / trivy-vscode-extension

  A VS Code Extension for Trivy

  vscode-extensionvulnerability-scanning
  Language:TypeScript 151
• MixewayHub

  Mixeway / MixewayHub

  Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

  vulnerability-scanningcicdvulnerability-managementdevsecopsdevsecops-pipelinedocker-composesecurity-orchestratorsecurity-toolssecurity-automationopenvasacunetixfortifycheckmarxdependency-track
  Language:Shell 110

• skerkour / phaser

  Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)

  securitysecurity-toolssecurity-auditvulnerabilityvulnerability-scannervulnerability-scanningattackoffensive-securityoffensiveinfosecpentestingpentestpentest-toolrustrust-langblack-hatblack-hat-rust
  Language:Rust 88

• mfazrinizar / FazScan

  | FazScan is a Perl program to do some vulnerability scanning and pentesting |

  vulnerability-scannersvulnerability-scannervulnerabilityscannerscanningpentesterpentestingdrupaljoomlawordpressmagentoperldefacementvulnerability-detectionvulnerability-scanningcmsperl6sqlisql-injectioninformation-gathering
  Language:Perl 83

• yangr0 / RVuln

  [ Automated Web Vulnerability Scanner ]

  rustvulnerability-scannersvulnerabilitiesvulnerability-scanninghacking-toolsecuritysecurity-toolsrust-langhackingxssxss-vulnerabilitywebweb-scanner
  Language:Rust 74

• drsh4rky / hacking-with-python

  You guessed well, genius !! This tool is intended for the initiation to ethical hacking with python

  hackinghacking-toolpython-hackinginformation-retrievalvulnerability-scanningcyber-attackcyber-securitycybersecuritypassword-attacksddos-attacksshodannmapscapyeavesdropmitm-attacks
  Language:Python 73

• 0dayInc / pwn

  PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.

  automationreverse-engineeringpenetration-testingfuzzingreconnaissanceweb-securitybugbountysecurity-toolsdevsecopspenetration-testing-frameworksastsecurity-researchvulnerability-scanningartificial-intelligencesdrtelecomhardware-securitytelecom-securityai-agents
  Language:Ruby 67

• Hacking-Notes / VulnScan

  Performing website vulnerability scanning using OpenAI technologie

  ai-securitychatgpthacking-toolvulnerability-scannersvulnerability-scanning
  Language:Python 66
• Recon-X

  Yashvendra / Recon-X

  Advanced Reconnaissance tool to enumerate attacking surface of the target.

  information-gatheringreconnaissancescannerhackertargetwhois-lookupnmapgeoipdnssecurity-toolssecurityvulnerability-scanningtraceroutesubdomains
  Language:Shell 55

• ExpLangcn / SiftScan

  SiftScan 是一个集成资产识别、资产梳理、资产收集、弱点检测、漏洞检测等的工具。它致力于提高红蓝对抗/脆弱性赏金的效率。is a tool that integrates asset identification, asset sorting, asset collection, vulnerability detection, vulnerability detection, etc. It is committed to improving the efficiency of the red-blue confrontation/vulnerability bounty.

  nucleiscanningvulnerability-scanningsiftscanvulnerability-bounty
  51

• infobyte / faraday-cli

  Faraday's Command Line Interface

  faradaydevsecopscommand-linepentestvulnerability-managementvulnerability-scanningdevopssecurity-automationsecurity-pipeline
  Language:Python 51

• paulveillard / cybersecurity-blue-team

  A collection of awesome software, libraries, learning tutorials, documents and books, technical resources and cool stuff about Blue Team in Cybersecurity.

  blueblue-teamcybersecurityvulnerabilitiesvulnerability-scannersvulnerability-identificationvulnerability-researchvulnerability-managementvulnerability-scanningcyber-threat-intelligencecybernetics
  47

• ra1nb0rn / search_vulns

  Search for known vulnerabilities in software using software titles or a CPE 2.3 string

  cvenvdsecuritysecurity-researchexploit-searchexploitdbpentestpentest-toolssecurity-toolsvulnerabilityvulnerability-searchvulnerability-assessmentvulnerability-scanning
  Language:Python 44

• paulveillard / cybersecurity-security-harderning

  A collection of awesome security hardening software, libraries, learning tutorials & documents, e-books, best practices, checklists, benchmarks about hardening in Cybersecurity

  securitysecurity-auditsecurity-hardeningsecurity-hacksos-hardeninglinux-hardeningwindows-hardeningubuntu-hardeningubuntu-sec-toolsamivulnerabilityvulnerability-detectionvulnerability-identificationvulnerability-assessmentvulnerability-scanning
  Language:Shell 37

• anchore / ci-tools

  Contains scripts for running anchore engine in CI pipelines

  anchore-enginedockeranchorevulnerability-scanningimage-scanningcontainer-securityci-tools
  Language:Shell 34

• justakazh / coli

  COLI (Command Orchestration & Logic Interface) – A visual orchestration layer for EWE, built for bug bounty automation. Create and run CLI workflows visually, manage scopes, monitor scans in real-time, and chain tools like subfinder → httpx → nuclei in a single streamlined interface.

  bug-bountybug-bounty-automationbug-bounty-toolsbugbountytipscli-automationpentest-toolsrecon-automationreconnaissancevisual-workflowvulnerability-scanningworkflow-automation
  Language:JavaScript 34

• darvid / nessusbeat

  A Beat that monitors a local Nessus reports directory and outputs scan results to Elasticsearch or Logstash.

  beatbeatselasticbeatselasticsearchlogstashnessusvulnerability-assessmentvulnerability-scannervulnerability-scanning
  Language:Go 31

• Ar0xA / nessus2es

  Send your nessus compliance and vulnerability scan data to ElasticSearch

  elasticsearchnessusnessus-api-pythonelk-stackvulnerabilitycompliancecompliance-testingvulnerability-scanningelk
  Language:Python 28
• actions-exposure

  SecureStackCo / actions-exposure

  A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

  github-actionssecurityactionsdeploymentdeployment-automationdeployment-pipelinevulnerability-scanningvulnerability-detectionweb-applicationsecrets-detectiondynamic-analysissoftware-composition-analysisweb-vulnerability-scannerweb-vulnerabilitycloud-securitycloud-security-posture-management
  27

• S1N6H / Barcha

  Barcha is your Swiss‑Army knife for SQL Injection reconnaissance 🔍. Written in Go, it automates: Shodan enumeration of SSL hosts 🕵️‍♂️ Liveness & redirect checks (ignores bad certs) 🔄 Automated Ghauri tests for each host 🛡️ SQLite logging of every scan 🔖

  bugbountybugbounty-platformbugbounty-toolbugbounty-toolsbugbountyautomationbugbountyhuntingbugbountytipsbugbountytoolsbugbountytrickspenetration-testingpenetration-testing-frameworkpenetration-testing-toolpenetration-testing-toolsvulnerabilityvulnerability-assessmentvulnerability-detectionvulnerability-managementvulnerability-scannersvulnerability-scanning
  Language:Go 26

• 4xyy / AI-Vuln-Scanner

  An AI-powered web application vulnerability scanner that automates the detection of common security flaws and provides AI-driven insights for impact assessment and remediation suggestions.

  aiautomationcybersecuritypenetration-testingpythonvulnerability-scanningweb-securitycsrfmachine-learningsecurity-toolssql-injectionssrfxss
  Language:Python 25

• ReverseTEN / NucProbe

  Automate Nuclei scans and streamline bug hunting workflows

  bugbountybugbounty-toolsnucleinuclei-templatesvulnerability-scanningautomate-nucleiautomated-scanningnucprobebugbountytipsbugbountytricks
  Language:Shell 21