#Vulnerability-scanners

Showing 60 of 173 repositories tagged #vulnerability-scanners, ranked by stars

aquasecurity
aquasecurity
trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Score
100
★ 36.8k ⑂ 530 +58/day
Go
promptfoo
promptfoo
promptfoo

Test your prompts, agents, and RAGs. Red teaming/pentesting/vulnerability scanning for AI. Compare performance of GPT, Claude, Gemini, DeepSeek, and more. Simple declarative configs with command line and CI/CD integration. Used by OpenAI and Anthropic.

Score
100
★ 23.1k ⑂ 2.1k +112/day
TypeScript
CISOfy
CISOfy
lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Score
100
★ 15.9k ⑂ 1.6k +28/day
Shell
future-architect
future-architect
vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Score
88
★ 12.2k ⑂ 1.2k +1/day
Go
We5ter
We5ter
Scanners-Box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Score
100
★ 9.0k ⑂ 2.4k +6/day
aquasecurity
aquasecurity
tfsec

Tfsec is now part of Trivy

Score
75
★ 7.0k ⑂ 555 +1/day
Go
infobyte
infobyte
faraday

Open Source Vulnerability Management Platform

Score
100
★ 6.6k ⑂ 1.1k +5/day
Python
GhostTroops
GhostTroops
scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Score
25
★ 6.1k ⑂ 716
Go
deepfence
deepfence
ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

Score
88
★ 5.3k ⑂ 636 +1/day
TypeScript
OWASP
OWASP
Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Score
92
★ 5.3k ⑂ 1.1k +8/day
Python
charles2gan
charles2gan
GDA-android-reversing-Tool

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.

Score
99
★ 4.8k ⑂ 568 +1/day
Python
greenbone
greenbone
openvas-scanner

This repository contains the scanner component for Greenbone Community Edition.

Score
100
★ 4.7k ⑂ 783 +5/day
Rust
scipag
scipag
vulscan

Advanced vulnerability scanning with Nmap NSE

Score
97
★ 3.8k ⑂ 696 +2/day
Lua
ysrc
ysrc
xunfeng

巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

Score
85
★ 3.6k ⑂ 1.3k +1/day
Python
e-m-b-a
e-m-b-a
emba

EMBA - The firmware security analyzer

Score
98
★ 3.5k ⑂ 312 +4/day
Shell
deepfence
deepfence
SecretScanner

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

Score
50
★ 3.4k ⑂ 347
Go
google
google
osv.dev

Open source vulnerability DB and triage service.

Score
98
★ 2.8k ⑂ 338 +1/day
Go
Checkmarx
Checkmarx
kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Score
62
★ 2.7k ⑂ 373 +2/day
Open Policy Agent
skavngr
skavngr
rapidscan

:new: The Multi-Tool Web Vulnerability Scanner.

Score
80
★ 2.1k ⑂ 433 +26/day
Python
pyupio
pyupio
safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

Score
96
★ 2.0k ⑂ 193 +2/day
Python
aquasecurity
aquasecurity
trivy-operator

Kubernetes-native security toolkit

Score
38
★ 1.9k ⑂ 276
Go
lirantal
lirantal
npq

safely install npm packages by auditing them pre-install stage

Score
94
★ 1.8k ⑂ 41
JavaScript
arch3rPro
arch3rPro
PentestTools

Awesome Pentest Tools Collection

Score
94
★ 1.7k ⑂ 354 +8/day
AlisamTechnology
AlisamTechnology
ATSCAN

Advanced dork Search & Mass Exploit Scanner

Score
77
★ 1.6k ⑂ 357 +2/day
Perl
v3n0m-Scanner
v3n0m-Scanner
V3n0M-Scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Score
58
★ 1.6k ⑂ 415
Python
Autumn-27
Autumn-27
ScopeSentry

ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes

Score
95
★ 1.5k ⑂ 214 +5/day
Go
jweny
jweny
pocassist

傻瓜式漏洞PoC测试框架

Score
76
★ 1.4k ⑂ 246
Go
Gowtham-Darkseid
Gowtham-Darkseid
AutoPentestX

AutoPentestX – Automated Pentesting & Vulnerability Reporting Tool

Score
89
★ 1.4k ⑂ 254 +52/day
Python
freelabz
freelabz
secator

secator - the pentester's swiss knife

Score
93
★ 1.3k ⑂ 133
Python
dwisiswant0
dwisiswant0
go-dork

The fastest dork scanner written in Go.

Score
72
★ 1.3k ⑂ 140 +1/day
Go
hacktoolspack
hacktoolspack
hack-tools

hack tools

Score
77
★ 1.2k ⑂ 498
Python
bitquark
bitquark
shortscan

An IIS short filename enumeration tool

Score
70
★ 1.2k ⑂ 115 +2/day
Go
Hackmanit
Hackmanit
Web-Cache-Vulnerability-Scanner

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

Score
88
★ 1.2k ⑂ 161 +2/day
Go
chenjj
chenjj
CORScanner

🎯 Fast CORS misconfiguration vulnerabilities scanner

Score
42
★ 1.2k ⑂ 184
Python
GamehunterKaan
GamehunterKaan
AutoPWN-Suite

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

Score
83
★ 1.1k ⑂ 137
Python
koutto
koutto
jok3r

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Score
73
★ 1.1k ⑂ 251
HTML
WyAtu
WyAtu
Perun

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

Score
71
★ 1.1k ⑂ 244
Python
berylliumsec
berylliumsec
nebula

AI-powered penetration testing assistant for automating recon, note-taking, and vulnerability analysis.

Score
90
★ 1.0k ⑂ 160 +21/day
Python
Ekultek
Ekultek
Zeus-Scanner

Advanced reconnaissance utility

Score
50
★ 992 ⑂ 247
Python
mitchellkrogza
mitchellkrogza
apache-ultimate-bad-bot-blocker

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders

Score
91
★ 971 ⑂ 199
C
bountyyfi
bountyyfi
lonkero

Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.

Score
67
★ 965 ⑂ 80 +4/day
Rust
toolswatch
toolswatch
vFeed

The Correlated CVE Vulnerability And Threat Intelligence Database API

Score
33
★ 949 ⑂ 240
Python
bloodzer0
bloodzer0
ossa

Open-Source Security Architecture | 开源安全架构

Score
69
★ 942 ⑂ 217
bigblackhat
bigblackhat
oFx

一个开源的、开箱即用的漏洞批量验证框架

Score
67
★ 912 ⑂ 162 +912/day
Python
arminc
arminc
clair-scanner

Docker containers vulnerability scan

Score
0
★ 861 ⑂ 155
Go
jwt1399
jwt1399
Sec-Tools

🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。

Score
25
★ 852 ⑂ 158
Python
MojtabaTajik
MojtabaTajik
Robber

Robber is open source tool for finding executables prone to DLL hijacking

Score
90
★ 797 ⑂ 153
Pascal
olacabs
olacabs
jackhammer

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Score
66
★ 741 ⑂ 164
Java
wuba
wuba
Antenna

Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式,将不同漏洞场景检测能力通过插件的形式进行集合,通过与目标进行out-bind的数据通信方式进行辅助检测。

Score
64
★ 720 ⑂ 71
JavaScript
aboutcode-org
aboutcode-org
vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Score
92
★ 691 ⑂ 311
Python
ossillate-inc
ossillate-inc
packj

Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

Score
85
★ 686 ⑂ 37
Python
Soulghost
Soulghost
iblessing

iblessing is an iOS security exploiting toolkit, it mainly includes application information gathering, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Score
50
★ 684 ⑂ 95
C++
vmfunc
vmfunc
sif

the blazing-fast pentesting suite.

Score
87
★ 667 ⑂ 29
Go
dwisiswant0
dwisiswant0
ppfuzz

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

Score
33
★ 667 ⑂ 72
Rust
Patrowl
Patrowl
PatrowlManager

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Score
100
★ 637 ⑂ 112
HTML
devops-kung-fu
devops-kung-fu
bomber

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

Score
12
★ 622 ⑂ 55 +2/day
Go
smallcham
smallcham
sec-admin

分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)

Score
62
★ 621 ⑂ 117
Python
LockGit
LockGit
Hacking

Hacker, ready for more of our story ! 🚀

Score
65
★ 587 ⑂ 172 +1/day
Python
m0nad
m0nad
HellRaiser

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Score
63
★ 581 ⑂ 142 +1/day
Ruby
signorrayan
signorrayan
RedTeam_toolkit

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Score
75
★ 571 ⑂ 121
Python
Related Topics
#security#security-tools#vulnerability-detection#scanner#security-audit#vulnerability#pentesting#penetration-testing#python#devsecops#security-scanner#vulnerability-assessment

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly