#Vulnerability-scanners
Showing 60 of 173 repositories tagged #vulnerability-scanners, ranked by stars
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Test your prompts, agents, and RAGs. Red teaming/pentesting/vulnerability scanning for AI. Compare performance of GPT, Claude, Gemini, DeepSeek, and more. Simple declarative configs with command line and CI/CD integration. Used by OpenAI and Anthropic.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Tfsec is now part of Trivy
Open Source Vulnerability Management Platform
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Open Source Cloud Native Application Protection Platform (CNAPP)
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
This repository contains the scanner component for Greenbone Community Edition.
Advanced vulnerability scanning with Nmap NSE
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
EMBA - The firmware security analyzer
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
Open source vulnerability DB and triage service.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
:new: The Multi-Tool Web Vulnerability Scanner.
Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
Kubernetes-native security toolkit
safely install npm packages by auditing them pre-install stage
Awesome Pentest Tools Collection
Advanced dork Search & Mass Exploit Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
傻瓜式漏洞PoC测试框架
AutoPentestX – Automated Pentesting & Vulnerability Reporting Tool
secator - the pentester's swiss knife
The fastest dork scanner written in Go.
hack tools
An IIS short filename enumeration tool
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
🎯 Fast CORS misconfiguration vulnerabilities scanner
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
AI-powered penetration testing assistant for automating recon, note-taking, and vulnerability analysis.
Advanced reconnaissance utility
Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
The Correlated CVE Vulnerability And Threat Intelligence Database API
Open-Source Security Architecture | 开源安全架构
一个开源的、开箱即用的漏洞批量验证框架
Docker containers vulnerability scan
🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。
Robber is open source tool for finding executables prone to DLL hijacking
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式,将不同漏洞场景检测能力通过插件的形式进行集合,通过与目标进行out-bind的数据通信方式进行辅助检测。
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
iblessing is an iOS security exploiting toolkit, it mainly includes application information gathering, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
the blazing-fast pentesting suite.
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Hacker, ready for more of our story ! 🚀
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.