#Vulnerabilities

Showing 60 of 156 repositories tagged #vulnerabilities, ranked by stars

anchore
anchore
grype

A vulnerability scanner for container images and filesystems

Score
83
โ˜… 12.5k โ‘‚ 823 โ€”
Go
google
google
oss-fuzz

OSS-Fuzz - continuous fuzzing for open source software.

Score
100
โ˜… 12.4k โ‘‚ 2.8k +8/day
Shell
future-architect
future-architect
vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Score
100
โ˜… 12.2k โ‘‚ 1.2k +1/day
Go
quay
quay
clair

Vulnerability Static Analysis for Containers

Score
67
โ˜… 11.0k โ‘‚ 1.2k +2/day
Go
edoardottt
edoardottt
awesome-hacker-search-engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Score
99
โ˜… 10.9k โ‘‚ 1.0k +16/day
Shell
trickest
trickest
cve

Gather and update all available and newest CVEs with their PoC.

Score
97
โ˜… 7.9k โ‘‚ 976 +7/day
HTML
six2dez
six2dez
reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Score
98
โ˜… 7.8k โ‘‚ 1.2k +60/day
Shell
presidentbeef
presidentbeef
brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

Score
96
โ˜… 7.3k โ‘‚ 772 +1/day
Ruby
infoslack
infoslack
awesome-web-hacking

A list of web application security

Score
96
โ˜… 7.0k โ‘‚ 1.3k +6/day
snyk
snyk
cli

Snyk CLI scans and monitors your projects for security vulnerabilities.

Score
95
โ˜… 5.6k โ‘‚ 687 โ€”
TypeScript
google
google
clusterfuzz

Scalable fuzzing infrastructure.

Score
100
โ˜… 5.6k โ‘‚ 620 +3/day
Python
cdk-team
cdk-team
CDK

๐Ÿ“ฆ Make security testing of K8s, Docker, and Containerd easier.

Score
50
โ˜… 4.7k โ‘‚ 604 +3/day
Go
RetireJS
RetireJS
retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

Score
93
โ˜… 4.2k โ‘‚ 439 +2/day
JavaScript
DependencyTrack
DependencyTrack
dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Score
94
โ˜… 4.0k โ‘‚ 775 +6/day
Java
antonio-morales
antonio-morales
Fuzzing101

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Score
92
โ˜… 3.8k โ‘‚ 422 +3/day
Medicean
Medicean
VulApps

ๅฟซ้€Ÿๆญๅปบๅ„็งๆผๆดž็Žฏๅขƒ(Various vulnerability environment)

Score
80
โ˜… 3.8k โ‘‚ 979 โ€”
Shell
zhzyker
zhzyker
vulmap

Vulmap ๆ˜ฏไธ€ๆฌพ web ๆผๆดžๆ‰ซๆๅ’Œ้ชŒ่ฏๅทฅๅ…ท, ๅฏๅฏน webapps ่ฟ›่กŒๆผๆดžๆ‰ซๆ, ๅนถไธ”ๅ…ทๅค‡ๆผๆดž้ชŒ่ฏๅŠŸ่ƒฝ

Score
76
โ˜… 3.5k โ‘‚ 573 โ€”
Python
lirantal
lirantal
awesome-nodejs-security

Awesome Node.js Security resources

Score
90
โ˜… 3.0k โ‘‚ 294 +1/day
pwndoc
pwndoc
pwndoc

Pentest Report Generator

Score
91
โ˜… 2.9k โ‘‚ 511 +4/day
JavaScript
opencve
opencve
opencve

Vulnerability Intelligence Platform

Score
89
โ˜… 2.8k โ‘‚ 331 +6/day
Python
Bearer
Bearer
bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Score
88
โ˜… 2.7k โ‘‚ 141 +2/day
Go
archerysec
archerysec
archerysec

ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.

Score
70
โ˜… 2.5k โ‘‚ 523 +3/day
JavaScript
jaeles-project
jaeles-project
jaeles

The Swiss Army knife for automated Web Application Testing

Score
33
โ˜… 2.4k โ‘‚ 334 +1/day
Go
crytic
crytic
not-so-smart-contracts

Examples of Solidity security issues

Score
86
โ˜… 2.2k โ‘‚ 360 โ€”
Solidity
skavngr
skavngr
rapidscan

:new: The Multi-Tool Web Vulnerability Scanner.

Score
72
โ˜… 2.1k โ‘‚ 433 +26/day
Python
OWASP
OWASP
NodeGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

Score
100
โ˜… 2.1k โ‘‚ 2.7k โ€”
HTML
lirantal
lirantal
is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

Score
87
โ˜… 2.0k โ‘‚ 127 โ€”
JavaScript
metlo-labs
metlo-labs
metlo

Metlo is an open-source API security platform.

Score
66
โ˜… 1.8k โ‘‚ 105 โ€”
TypeScript
lirantal
lirantal
npq

safely install npm packages by auditing them pre-install stage

Score
84
โ˜… 1.8k โ‘‚ 41 โ€”
JavaScript
ossf
ossf
cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

Score
89
โ˜… 1.7k โ‘‚ 637 +2/day
Python
project-copacetic
project-copacetic
copacetic

๐Ÿงต CLI tool for directly patching container images!

Score
85
โ˜… 1.7k โ‘‚ 121 +14/day
Go
anchore
anchore
anchore-engine

A service that analyzes docker images and scans for vulnerabilities

Score
68
โ˜… 1.6k โ‘‚ 269 โ€”
Python
openclarity
openclarity
openclarity

OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure

Score
82
โ˜… 1.5k โ‘‚ 173 โ€”
Go
Metarget
Metarget
metarget

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

Score
50
โ˜… 1.4k โ‘‚ 202 +1/day
Python
kaiiyer
kaiiyer
awesome-vulnerable

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Score
83
โ˜… 1.4k โ‘‚ 221 +10/day
ZupIT
ZupIT
horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Score
100
โ˜… 1.3k โ‘‚ 217 โ€”
Go
eliasgranderubio
eliasgranderubio
dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

Score
61
โ˜… 1.2k โ‘‚ 178 +1/day
Python
lirantal
lirantal
npm-security-best-practices

Collection of npm package manager Security Best Practices

Score
80
โ˜… 1.2k โ‘‚ 43 +2/day
ycdxsb
ycdxsb
PocOrExp_in_Github

Automatically Collect POC or EXP from GitHub by CVE ID.

Score
50
โ˜… 1.2k โ‘‚ 236 โ€”
Python
rustsec
rustsec
advisory-db

Security advisory database for Rust crates published through crates.io

Score
86
โ˜… 1.1k โ‘‚ 498 +1/day
bkerler
bkerler
exploit_me

Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 29 vulnerability techniques)

Score
81
โ˜… 1.1k โ‘‚ 154 โ€”
C++
bloodzer0
bloodzer0
ossa

Open-Source Security Architecture | ๅผ€ๆบๅฎ‰ๅ…จๆžถๆž„

Score
59
โ˜… 942 โ‘‚ 217 โ€”
OWASP
OWASP
railsgoat

A vulnerable version of Rails that follows the OWASP Top 10

Score
82
โ˜… 922 โ‘‚ 820 โ€”
HTML
pedrib
pedrib
PoC

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Score
58
โ˜… 859 โ‘‚ 170 โ€”
Ruby
snyk
snyk
zip-slip-vulnerability

Zip Slip Vulnerability (Arbitrary file write through archive extraction)

Score
60
โ˜… 844 โ‘‚ 130 โ€”
nix-community
nix-community
vulnix

Vulnerability (CVE) scanner for Nix/NixOS [maintainer=@henrirosten]

Score
79
โ˜… 800 โ‘‚ 46 +5/day
Python
FuzzingLabs
FuzzingLabs
secpipe

MCP server for AI-driven security pipelines

Score
77
โ˜… 798 โ‘‚ 95 โ€”
Python
B3nac
B3nac
InjuredAndroid

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Score
0
โ˜… 755 โ‘‚ 163 โ€”
Kotlin
thesp0nge
thesp0nge
dawnscanner

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

Score
51
โ˜… 749 โ‘‚ 84 โ€”
Ruby
kabachook
kabachook
k8s-security

Kubernetes security notes and best practices

Score
50
โ˜… 731 โ‘‚ 76 โ€”
Shell
hardik05
hardik05
Damn_Vulnerable_C_Program

An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.

Score
100
โ˜… 724 โ‘‚ 188 โ€”
Rust
spencerdodd
spencerdodd
kernelpop

kernel privilege escalation enumeration and exploitation framework

Score
53
โ˜… 706 โ‘‚ 132 โ€”
Python
dependency-check
dependency-check
dependency-check-sonar-plugin

Integrates Dependency-Check reports into SonarQube

Score
71
โ˜… 693 โ‘‚ 146 โ€”
Java
Patrowl
Patrowl
PatrowlManager

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Score
100
โ˜… 637 โ‘‚ 112 โ€”
HTML
sec-bit
sec-bit
awesome-buggy-erc20-tokens

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

Score
49
โ˜… 629 โ‘‚ 102 โ€”
Python
eraser-dev
eraser-dev
eraser

๐Ÿงน Cleaning up images from Kubernetes nodes

Score
90
โ˜… 611 โ‘‚ 71 +1/day
Go
globocom
globocom
huskyCI

Performing security tests inside your CI

Score
0
โ˜… 595 โ‘‚ 136 โ€”
Go
LockGit
LockGit
Hacking

Hacker, ready for more of our story ! ๐Ÿš€

Score
52
โ˜… 587 โ‘‚ 172 +1/day
Python
kac89
kac89
vulnrepo

VULNRฮžPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX, attachments, automatic changelog, stats, vulnerability management, bugbounty, local ai/llm, super fast pentest reporting!

Score
78
โ˜… 564 โ‘‚ 118 +1/day
TypeScript
BeetleChunks
BeetleChunks
SpoolSploit

A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.

Score
30
โ˜… 551 โ‘‚ 91 โ€”
Python
Related Topics
#security#security-tools#scanner#docker#vulnerability#hacking#static-analysis#security-audit#cve#pentesting#appsec

ยฉ 2026 GitRepoTrend ยท GitHub repositories by topic ยท Updated weekly