#Vulnerability-detection
Showing 60 of 127 repositories tagged #vulnerability-detection, ranked by stars
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Open Source Cloud Native Application Protection Platform (CNAPP)
This repository contains the scanner component for Greenbone Community Edition.
Web Application Security Scanner Framework
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Advanced vulnerability scanning with Nmap NSE
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Zero shot vulnerability discovery using LLMs
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
:new: The Multi-Tool Web Vulnerability Scanner.
Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
Kubernetes-native security toolkit
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Metlo is an open-source API security platform.
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
grep rough audit - source code auditing tool
An IIS short filename enumeration tool
A modular vulnerability scanner with automatic report generation capabilities.
Wazuh - Docker containers
The community's most comprehensive, continuously-updated index of research on Large Language Models for software vulnerability detection — papers across function-level, repository-level, agentic, and smart-contract detection, plus datasets, benchmarks, and surveys.
Agent-driven automated CVE discovery platform for source code auditing, vulnerability verification, and report generation.
The Correlated CVE Vulnerability And Threat Intelligence Database API
Easy automated vulnerability scanning, reporting and analysis
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
the blazing-fast pentesting suite.
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
DianXing - AI-Driven End-to-End Code Security Auditing
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Wazuh - Ruleset
Detect, analyze and uniquely identify crashes in Windows applications
Plugins for Wazuh Dashboard
NERVE Continuous Vulnerability Scanner
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Wazuh - Ansible playbook
A tool for identifying misconfigured CloudFront domains
The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Wazuh - Project documentation
Greenbone Security Assistant - The web frontend for the Greenbone Community Edition
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Nuclei scripts created by @rxerium for zero days / actively exploited vulnerabilities.
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
A Web Vulnerability Scanner and Patcher
PatrowlHears - Vulnerability Intelligence Center / Exploits
Smart Contract Vulnerability Detection Using Graph Neural Networks (IJCAI-20 Accepted)