#Vulnerability-detection

Showing 60 of 127 repositories tagged #vulnerability-detection, ranked by stars

aquasecurity
aquasecurity
trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Score
100
★ 36.8k ⑂ 530 +58/day
Go
projectdiscovery
projectdiscovery
nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Score
83
★ 29.6k ⑂ 3.5k +47/day
Go
wazuh
wazuh
wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Score
100
★ 16.1k ⑂ 2.4k +4/day
C++
CISOfy
CISOfy
lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Score
100
★ 15.9k ⑂ 1.6k +28/day
Shell
projectdiscovery
projectdiscovery
nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Score
99
★ 12.6k ⑂ 3.6k +13/day
JavaScript
future-architect
future-architect
vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Score
67
★ 12.2k ⑂ 1.2k +1/day
Go
kubescape
kubescape
kubescape

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

Score
50
★ 11.5k ⑂ 953 +4/day
Go
dependency-check
dependency-check
DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Score
98
★ 7.6k ⑂ 1.4k +9/day
Java
GhostTroops
GhostTroops
scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Score
0
★ 6.1k ⑂ 716
Go
deepfence
deepfence
ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

Score
67
★ 5.3k ⑂ 636 +1/day
TypeScript
greenbone
greenbone
openvas-scanner

This repository contains the scanner component for Greenbone Community Edition.

Score
0
★ 4.7k ⑂ 783 +5/day
Rust
Arachni
Arachni
arachni

Web Application Security Scanner Framework

Score
95
★ 4.0k ⑂ 785 +2/day
Ruby
DependencyTrack
DependencyTrack
dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Score
97
★ 4.0k ⑂ 775 +6/day
Java
scipag
scipag
vulscan

Advanced vulnerability scanning with Nmap NSE

Score
94
★ 3.8k ⑂ 696 +2/day
Lua
ysrc
ysrc
xunfeng

巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

Score
80
★ 3.6k ⑂ 1.3k +1/day
Python
protectai
protectai
vulnhuntr

Zero shot vulnerability discovery using LLMs

Score
77
★ 2.7k ⑂ 314 +5/day
Python
Checkmarx
Checkmarx
kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Score
33
★ 2.7k ⑂ 373 +2/day
Open Policy Agent
anouarbensaad
anouarbensaad
vulnx

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

Score
74
★ 2.1k ⑂ 365 +1/day
Python
skavngr
skavngr
rapidscan

:new: The Multi-Tool Web Vulnerability Scanner.

Score
75
★ 2.1k ⑂ 433 +26/day
Python
pyupio
pyupio
safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

Score
93
★ 2.0k ⑂ 193 +2/day
Python
aquasecurity
aquasecurity
trivy-operator

Kubernetes-native security toolkit

Score
17
★ 1.9k ⑂ 276
Go
lutfumertceylan
lutfumertceylan
top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Score
70
★ 1.8k ⑂ 280
metlo-labs
metlo-labs
metlo

Metlo is an open-source API security platform.

Score
69
★ 1.8k ⑂ 105
TypeScript
murphysecurity
murphysecurity
murphysec

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。

Score
91
★ 1.7k ⑂ 179 +1/day
Go
Moham3dRiahi
Moham3dRiahi
XAttacker

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Score
73
★ 1.7k ⑂ 473 +1/day
Perl
wireghoul
wireghoul
graudit

grep rough audit - source code auditing tool

Score
84
★ 1.7k ⑂ 255
Shell
bitquark
bitquark
shortscan

An IIS short filename enumeration tool

Score
66
★ 1.2k ⑂ 115 +2/day
Go
CERT-Polska
CERT-Polska
Artemis

A modular vulnerability scanner with automatic report generation capabilities.

Score
90
★ 1.2k ⑂ 140
Python
wazuh
wazuh
wazuh-docker

Wazuh - Docker containers

Score
92
★ 1.1k ⑂ 564 +2/day
Shell
huhusmang
huhusmang
Awesome-LLMs-for-Vulnerability-Detection

The community's most comprehensive, continuously-updated index of research on Large Language Models for software vulnerability detection — papers across function-level, repository-level, agentic, and smart-contract detection, plus datasets, benchmarks, and surveys.

Score
88
★ 1.1k ⑂ 103 +2/day
Python
larlarua
larlarua
AutoCVE

Agent-driven automated CVE discovery platform for source code auditing, vulnerability verification, and report generation.

Score
100
★ 1.1k ⑂ 70 +160/day
Python
toolswatch
toolswatch
vFeed

The Correlated CVE Vulnerability And Threat Intelligence Database API

Score
0
★ 949 ⑂ 240
Python
seccubus
seccubus
seccubus

Easy automated vulnerability scanning, reporting and analysis

Score
64
★ 712 ⑂ 153
JavaScript
aboutcode-org
aboutcode-org
vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Score
89
★ 691 ⑂ 311
Python
vmfunc
vmfunc
sif

the blazing-fast pentesting suite.

Score
82
★ 667 ⑂ 29
Go
Patrowl
Patrowl
PatrowlManager

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Score
100
★ 637 ⑂ 112
HTML
tianchong-zerotemp
tianchong-zerotemp
dianxing

DianXing - AI-Driven End-to-End Code Security Auditing

Score
81
★ 610 ⑂ 57 +165/day
WuliRuler
WuliRuler
AutorizePro

🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

Score
0
★ 608 ⑂ 33
Python
m0nad
m0nad
HellRaiser

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Score
60
★ 581 ⑂ 142 +1/day
Ruby
wazuh
wazuh
wazuh-ruleset

Wazuh - Ruleset

Score
62
★ 523 ⑂ 232
Python
SkyLined
SkyLined
BugId

Detect, analyze and uniquely identify crashes in Windows applications

Score
57
★ 523 ⑂ 86
Python
wazuh
wazuh
wazuh-dashboard-plugins

Plugins for Wazuh Dashboard

Score
85
★ 516 ⑂ 236
TypeScript
PaytmLabs
PaytmLabs
nerve

NERVE Continuous Vulnerability Scanner

Score
53
★ 456 ⑂ 115
Python
edoardottt
edoardottt
missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Score
78
★ 439 ⑂ 50
Shell
we1h0
we1h0
SecurityManageFramwork

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Score
58
★ 430 ⑂ 154
Python
wazuh
wazuh
wazuh-ansible

Wazuh - Ansible playbook

Score
83
★ 415 ⑂ 232 +1/day
Shell
MindPointGroup
MindPointGroup
cloudfrunt

A tool for identifying misconfigured CloudFront domains

Score
50
★ 363 ⑂ 69
Python
OSTEsayed
OSTEsayed
OSTE-Meta-Scan

The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.

Score
52
★ 306 ⑂ 43
Python
dragonked2
dragonked2
Egyscan

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

Score
76
★ 301 ⑂ 60
Python
wazuh
wazuh
wazuh-documentation

Wazuh - Project documentation

Score
86
★ 265 ⑂ 394
JavaScript
greenbone
greenbone
gsa

Greenbone Security Assistant - The web frontend for the Greenbone Community Edition

Score
0
★ 263 ⑂ 115
TypeScript
Patrowl
Patrowl
PatrowlEngines

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Score
50
★ 244 ⑂ 68
Python
scmanjarrez
scmanjarrez
CVEScannerV2

Nmap script that scans for probable vulnerabilities based on services discovered in open ports.

Score
40
★ 227 ⑂ 30
Lua
VainlyStrain
VainlyStrain
Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Score
38
★ 200 ⑂ 24
Python
rxerium
rxerium
rxerium-templates

Nuclei scripts created by @rxerium for zero days / actively exploited vulnerabilities.

Score
72
★ 190 ⑂ 33
Python
OWASP
OWASP
ASST

OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.

Score
39
★ 189 ⑂ 40
JavaScript
aipengjie
aipengjie
sensitivefilescan
Score
43
★ 183 ⑂ 69
Python
Malwareman007
Malwareman007
Scanner-and-Patcher

A Web Vulnerability Scanner and Patcher

Score
67
★ 172 ⑂ 52
HTML
Patrowl
Patrowl
PatrowlHears

PatrowlHears - Vulnerability Intelligence Center / Exploits

Score
68
★ 167 ⑂ 53
Python
Messi-Q
Messi-Q
GNNSCVulDetector

Smart Contract Vulnerability Detection Using Graph Neural Networks (IJCAI-20 Accepted)

Score
87
★ 151 ⑂ 31
Solidity
Related Topics
#security#vulnerability-scanners#security-tools#vulnerability-assessment#security-audit#security-scanner#vulnerability#scanner#pentesting#security-hardening#penetration-testing

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly