#Vulnerability-assessment

Showing 60 of 88 repositories tagged #vulnerability-assessment, ranked by stars

projectdiscovery
projectdiscovery
nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Score
100
β˜… 29.6k β‘‚ 3.5k +47/day
Go
The-Art-of-Hacking
The-Art-of-Hacking
h4cker

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. πŸ”₯ Also check: https://hackertraining.org

Score
100
β˜… 28.3k β‘‚ 5.3k +135/day
Jupyter Notebook
CISOfy
CISOfy
lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Score
100
β˜… 15.9k β‘‚ 1.6k +28/day
Shell
future-architect
future-architect
vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Score
0
β˜… 12.2k β‘‚ 1.2k +1/day
Go
NVIDIA
NVIDIA
garak

the LLM vulnerability scanner

Score
100
β˜… 8.4k β‘‚ 1.1k +120/day
Python
infinition
infinition
Bjorn

Bjorn is a powerful network scanning and offensive security tool for the Raspberry Pi with a 2.13-inch e-Paper HAT. It discovers network targets, identifies open ports, exposed services, and potential vulnerabilities. Bjorn can perform brute force attacks, file stealing, host zombification, and supports custom attack scripts.

Score
75
β˜… 6.1k β‘‚ 358 +11/day
Python
greenbone
greenbone
openvas-scanner

This repository contains the scanner component for Greenbone Community Edition.

Score
100
β˜… 4.7k β‘‚ 783 +5/day
Rust
scipag
scipag
vulscan

Advanced vulnerability scanning with Nmap NSE

Score
97
β˜… 3.8k β‘‚ 696 +2/day
Lua
evyatarmeged
evyatarmeged
Raccoon

A high performance offensive security tool for reconnaissance and vulnerability scanning

Score
99
β˜… 3.8k β‘‚ 473 +28/day
Python
ysrc
ysrc
xunfeng

ε·‘ι£Žζ˜―δΈ€ζ¬Ύι€‚η”¨δΊŽδΌδΈšε†…η½‘ηš„ζΌζ΄žεΏ«ι€ŸεΊ”ζ€₯,巑θˆͺζ‰«ζη³»η»Ÿγ€‚

Score
95
β˜… 3.6k β‘‚ 1.3k +1/day
Python
archerysec
archerysec
archerysec

ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.

Score
0
β˜… 2.5k β‘‚ 523 +3/day
JavaScript
anouarbensaad
anouarbensaad
vulnx

vulnx πŸ•·οΈ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

Score
88
β˜… 2.1k β‘‚ 365 +1/day
Python
skavngr
skavngr
rapidscan

:new: The Multi-Tool Web Vulnerability Scanner.

Score
89
β˜… 2.1k β‘‚ 433 +26/day
Python
Moham3dRiahi
Moham3dRiahi
XAttacker

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Score
86
β˜… 1.7k β‘‚ 473 +1/day
Perl
felixgr
felixgr
secure-ios-app-dev

Collection of the most common vulnerabilities found in iOS applications

Score
0
β˜… 1.4k β‘‚ 105 β€”
berylliumsec
berylliumsec
nebula

AI-powered penetration testing assistant for automating recon, note-taking, and vulnerability analysis.

Score
96
β˜… 1.0k β‘‚ 160 +21/day
Python
dedsec1121fk
dedsec1121fk
DedSec

Official DedSec Project GitHub Repository

Score
50
β˜… 973 β‘‚ 493 +1/day
Python
bountyyfi
bountyyfi
lonkero

Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.

Score
0
β˜… 965 β‘‚ 80 +4/day
Rust
olacabs
olacabs
jackhammer

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Score
81
β˜… 741 β‘‚ 164 β€”
Java
m0nad
m0nad
HellRaiser

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Score
78
β˜… 581 β‘‚ 142 +1/day
Ruby
SkyLined
SkyLined
BugId

Detect, analyze and uniquely identify crashes in Windows applications

Score
70
β˜… 523 β‘‚ 86 β€”
Python
frizb
frizb
Vanquish

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Score
73
β˜… 516 β‘‚ 132 +3/day
Python
johnnyxmas
johnnyxmas
ScanCannon

A script for credentials-based attack surface enumeration and general reconnaissance of massive networks

Score
93
β˜… 478 β‘‚ 76 +2/day
Shell
Hrishikesh7665
Hrishikesh7665
Android-Pentesting-Checklist

Delve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skills with essential tools and user-friendly guides. Elevate Android security seamlessly!

Score
68
β˜… 461 β‘‚ 100 +14/day
PaytmLabs
PaytmLabs
nerve

NERVE Continuous Vulnerability Scanner

Score
69
β˜… 456 β‘‚ 115 β€”
Python
InfoSecWarrior
InfoSecWarrior
Offensive-Payloads

List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.

Score
91
β˜… 445 β‘‚ 150 β€”
PHP
we1h0
we1h0
SecurityManageFramwork

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Score
72
β˜… 430 β‘‚ 154 β€”
Python
flipkart-incubator
flipkart-incubator
watchdog

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Score
66
β˜… 430 β‘‚ 102 β€”
Python
ARCANGEL0
ARCANGEL0
EVA

EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

Score
25
β˜… 425 β‘‚ 80 +7/day
Python
Vasco0x4
Vasco0x4
AIDA

Turn any LLM into an autonomous pentester. You define the scope, the agent does the work, you review the findings.

Score
92
β˜… 421 β‘‚ 71 β€”
JavaScript
greenbone
greenbone
gsa

Greenbone Security Assistant - The web frontend for the Greenbone Community Edition

Score
0
β˜… 263 β‘‚ 115 β€”
TypeScript
Mr-Infect
Mr-Infect
AI-penetration-testing

AI/ML/LLM Penetration Testing Toolkit by Mr-Infect β€” the #1 GitHub resource for AI security, red teaming, and adversarial ML techniques. This repository is dedicated to offensive and defensive security for cutting-edge AI, Machine Learning (ML), and Large Language Models (LLMs) like ChatGPT, Claude, and LLaMA.

Score
84
β˜… 259 β‘‚ 52 +2/day
VainlyStrain
VainlyStrain
Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Score
51
β˜… 200 β‘‚ 24 β€”
Python
OWASP
OWASP
ASST

OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.

Score
53
β˜… 189 β‘‚ 40 β€”
JavaScript
lucideus-repo
lucideus-repo
UnSAFE_Bank

Vulnerable Banking Suite

Score
77
β˜… 173 β‘‚ 108 +1/day
PHP
l3montree-dev
l3montree-dev
devguard

DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Security Framework Documentation made easy - OWASP Incubating Project

Score
85
β˜… 145 β‘‚ 32 +1/day
Go
elysium-suite
elysium-suite
aeacus

πŸ” Vulnerability remediation scoring system

Score
46
β˜… 133 β‘‚ 31 β€”
Go
scipag
scipag
httprecon-nse

Advanced web server fingerprinting for Nmap

Score
45
β˜… 131 β‘‚ 30 β€”
Lua
user1342
user1342
Awesome-LLM-Red-Teaming

A curated list of awesome LLM Red Teaming training, resources, and tools.

Score
54
β˜… 117 β‘‚ 21 +5/day
rishuranjanofficial
rishuranjanofficial
JWTweak

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Score
0
β˜… 100 β‘‚ 19 β€”
Python
effortlessdevsec
effortlessdevsec
ninjasworkout

Vulnerable NodeJS Web Application

Score
39
β˜… 96 β‘‚ 25 β€”
Pug
ra1nb0rn
ra1nb0rn
search_vulns

A modular tool to search for known vulnerabilities, exploits and more across various data sources

Score
82
β˜… 90 β‘‚ 15 β€”
Python
whiterabb17
whiterabb17
sifter

Sifter - All purpose penetration testing op-center

Score
36
β˜… 82 β‘‚ 16 β€”
Shell
Esther7171
Esther7171
TryHackMe-Walkthroughs

137+ TryHackMe walkthroughs covering web exploitation, privilege escalation, CVE analysis, container escapes, and AI/LLM security. Beginner to intermediate.

Score
80
β˜… 70 β‘‚ 16 β€”
Python
BenjaminIheukumere
BenjaminIheukumere
secrets_find0r

Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates shares, recursively scans files with regex/keyword rules, highlights matched tokens on screen, and exports clean ASCII tables. Supports DOCX/PDF/legacy Office and depth limits.

Score
74
β˜… 70 β‘‚ 13 β€”
Python
libellux
libellux
Libellux-Up-and-Running

Install open-source software from source to focus on Zero Trust Network principles, enhancing security for existing applications, and deploying tools for threat detection and prevention.

Score
65
β˜… 69 β‘‚ 28 β€”
Myohannn
Myohannn
CIS-Auditor-Windows

A Windows CIS benchmark policy compliance auditor

Score
31
β˜… 66 β‘‚ 14 β€”
PowerShell
takito1812
takito1812
FireStorePwn

fsp - Firestore Database Vulnerability Scanner Using APKs

Score
28
β˜… 64 β‘‚ 10 β€”
Shell
x-glacier
x-glacier
kali-pentest

Kali Linux penetration testing skill for AI agents (Claude Code, OpenClaw, Hermes Agent). 200+ CLI tools, 15 scenario playbooks. Autonomously plans attack paths, selects tools, and integrates results across phases to adapt the penetration strategy β€” with human approval gates for high-risk actions.

Score
76
β˜… 63 β‘‚ 10 +6/day
mattrotlevi
mattrotlevi
lava

Microsoft Azure Exploitation Framework

Score
32
β˜… 59 β‘‚ 21 β€”
Python
R3K1NG
R3K1NG
XAttacker

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Score
34
β˜… 57 β‘‚ 22 β€”
Perl
yoanbernabeu
yoanbernabeu
supabase-pentest-skills

24 AI Agent Skills for professional security auditing of Supabase applications. Detection, key extraction, RLS testing, storage audit, IDOR detection, and comprehensive reporting. Works with Claude Code, Cursor, Windsurf, and 30+ AI agents.

Score
59
β˜… 56 β‘‚ 3 +2/day
alby77689-design
alby77689-design
Wuzen-Framework---Advanced-Mobile-Security-Research-Platform

Advanced mobile security research platform for authorized testing and educational purposes

Score
49
β˜… 48 β‘‚ 23 β€”
Tsujimar
Tsujimar
tsuki-sploit

A USB-based script for Ethical hacking with multiple attacks

Score
19
β˜… 47 β‘‚ 6 β€”
C
cyb3rint3l-labs
cyb3rint3l-labs
ServerSecurityAudit

PowerShell-based Windows Server Security Audit Engine by Cyb3rint3l Labs. Measures alignment with the NIS2 directive and maps findings to MITRE ATT&CK tactics & CIS Controls v8 practices. Generates interactive HTML dashboards & structured JSON datasets.

Score
58
β˜… 46 β‘‚ 8 β€”
PowerShell
DeepBitsTechnology
DeepBitsTechnology
claude-plugins

This project equips Claude Code with advanced binary analysis capabilities for tasks such as incident response, malware investigation, and vulnerability assessment

Score
62
β˜… 44 β‘‚ 4 β€”
AnonKryptiQuz
AnonKryptiQuz
TimeVault

TimeVault is a specialized automated tool designed to detect potential information disclosure vulnerabilities in web applications by leveraging archived URLs from the Wayback Machine.

Score
23
β˜… 42 β‘‚ 11 β€”
Python
sec0ps
sec0ps
va-pt

The VAPT Toolkit provides a streamlined way to install, configure, and maintain a complete penetration testing environment with 50+ security tools and custom automation frameworks organized across multiple categories.

Score
64
β˜… 37 β‘‚ 9 β€”
Python
Largo-m
Largo-m
SecuSploitX

Sploit -- All-in-one, AI-powered cybersecurity toolkit for web, network, and phishing tests. Modular, cross-platform, Docker-ready, with GUI & CLI. Open source by AUX-441 Team.

Score
27
β˜… 35 β‘‚ 7 β€”
HTML
pentesttoolscom
pentesttoolscom
pentesttools-github-action

Scan your web apps for vulnerabilities, misconfigurations, and other security issues with the Pentest-Tools.com command-line program.

Score
47
β˜… 35 β‘‚ 1 β€”
Dockerfile
Related Topics
#penetration-testing#security#vulnerability-detection#cybersecurity#vulnerability-scanners#security-tools#pentesting#security-scanner#ethical-hacking#hacking#security-audit#python

Β© 2026 GitRepoTrend Β· GitHub repositories by topic Β· Updated weekly