vulnerability-detection | Topic | Ecosyste.ms: Repos

Topic: "vulnerability-detection"

aquasecurity/trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Language: Go - Size: 861 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 26,158 - Forks: 2,532

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Language: Go - Size: 38.7 MB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 23,171 - Forks: 2,698

CISOfy/lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Language: Shell - Size: 8.37 MB - Last synced at: 5 days ago - Pushed at: about 1 month ago - Stars: 14,147 - Forks: 1,522

wazuh/wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Language: C++ - Size: 431 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 12,337 - Forks: 1,825

future-architect/vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Language: Go - Size: 29 MB - Last synced at: 5 days ago - Pushed at: 6 days ago - Stars: 11,498 - Forks: 1,186

kubescape/kubescape

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

Language: Go - Size: 111 MB - Last synced at: 6 days ago - Pushed at: 9 days ago - Stars: 10,732 - Forks: 861

projectdiscovery/nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language: JavaScript - Size: 184 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 10,086 - Forks: 2,813

dependency-check/DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Language: Java - Size: 281 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 6,901 - Forks: 1,342

GhostTroops/scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Language: Go - Size: 82.7 MB - Last synced at: 6 months ago - Pushed at: 10 months ago - Stars: 5,503 - Forks: 660

deepfence/ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

Language: TypeScript - Size: 215 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 4,990 - Forks: 608

Arachni/arachni

Web Application Security Scanner Framework

Language: Ruby - Size: 33.8 MB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 3,873 - Forks: 770

greenbone/openvas-scanner

This repository contains the scanner component for Greenbone Community Edition.

Language: Rust - Size: 14.7 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 3,788 - Forks: 667

scipag/vulscan

Advanced vulnerability scanning with Nmap NSE

Language: Lua - Size: 13.4 MB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 3,587 - Forks: 679

ysrc/xunfeng

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Language: Python - Size: 33.6 MB - Last synced at: 22 days ago - Pushed at: about 1 year ago - Stars: 3,569 - Forks: 1,327

DependencyTrack/dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Language: Java - Size: 103 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 3,010 - Forks: 618

cve-search/cve-search

cve-search - a tool to perform local searches for known vulnerabilities

Language: Python - Size: 15.3 MB - Last synced at: 20 days ago - Pushed at: about 1 month ago - Stars: 2,433 - Forks: 604

Checkmarx/kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Language: Open Policy Agent - Size: 806 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 2,283 - Forks: 324

anouarbensaad/vulnx

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

Language: Python - Size: 575 KB - Last synced at: 28 days ago - Pushed at: almost 2 years ago - Stars: 1,928 - Forks: 343

skavngr/rapidscan

:new: The Multi-Tool Web Vulnerability Scanner.

Language: Python - Size: 3.27 MB - Last synced at: 27 days ago - Pushed at: over 1 year ago - Stars: 1,839 - Forks: 413

pyupio/safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

Language: Python - Size: 3.03 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1,838 - Forks: 159

0xInfection/TIDoS-Framework

The Offensive Manual Web Application Penetration Testing Framework.

Language: Python - Size: 22.7 MB - Last synced at: 5 days ago - Pushed at: about 2 years ago - Stars: 1,814 - Forks: 390

protectai/vulnhuntr

Zero shot vulnerability discovery using LLMs

Language: Python - Size: 119 KB - Last synced at: 5 days ago - Pushed at: 3 months ago - Stars: 1,763 - Forks: 187

lutfumertceylan/top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Size: 355 KB - Last synced at: about 2 months ago - Pushed at: 11 months ago - Stars: 1,742 - Forks: 272

murphysecurity/murphysec

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。

Language: Go - Size: 4.98 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1,729 - Forks: 178

wagiro/BurpBounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Language: Java - Size: 3.36 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 1,715 - Forks: 342

metlo-labs/metlo

Metlo is an open-source API security platform.

Language: TypeScript - Size: 8.85 MB - Last synced at: 22 minutes ago - Pushed at: 12 months ago - Stars: 1,642 - Forks: 91

wireghoul/graudit

grep rough audit - source code auditing tool

Language: Shell - Size: 408 KB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 1,602 - Forks: 248

Moham3dRiahi/XAttacker

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Language: Perl - Size: 209 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 1,602 - Forks: 471

aquasecurity/trivy-operator

Kubernetes-native security toolkit

Language: Go - Size: 40.3 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1,496 - Forks: 229

0xricksanchez/paper_collection

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Language: Python - Size: 331 KB - Last synced at: 28 days ago - Pushed at: 3 months ago - Stars: 1,295 - Forks: 126

Lucifer1993/SatanSword

红队综合渗透框架

Language: Python - Size: 84.6 MB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 1,171 - Forks: 211

mikeroyal/Open-Source-Security-Guide

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

Language: Go - Size: 655 KB - Last synced at: 29 days ago - Pushed at: over 1 year ago - Stars: 958 - Forks: 86

toolswatch/vFeed 📦

The Correlated CVE Vulnerability And Threat Intelligence Database API

Language: Python - Size: 542 KB - Last synced at: about 1 month ago - Pushed at: almost 4 years ago - Stars: 941 - Forks: 243

wazuh/wazuh-docker

Wazuh - Docker containers

Language: Shell - Size: 308 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 814 - Forks: 441

bitquark/shortscan

An IIS short filename enumeration tool

Language: Go - Size: 3.7 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 806 - Forks: 76

seccubus/seccubus

Easy automated vulnerability scanning, reporting and analysis

Language: JavaScript - Size: 123 MB - Last synced at: about 2 months ago - Pushed at: over 5 years ago - Stars: 702 - Forks: 159

bahaabdelwahed/killshot

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Language: Ruby - Size: 42 KB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 697 - Forks: 152

CERT-Polska/Artemis

A modular vulnerability scanner with automatic report generation capabilities.

Language: Python - Size: 6.93 MB - Last synced at: 7 days ago - Pushed at: 13 days ago - Stars: 651 - Forks: 67

Patrowl/PatrowlManager

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Language: HTML - Size: 2.6 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 632 - Forks: 113

aboutcode-org/vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Language: Python - Size: 28.5 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 576 - Forks: 230

mikeroyal/eBPF-Guide

eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.

Language: Go - Size: 181 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 576 - Forks: 55

m0nad/HellRaiser

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Language: Ruby - Size: 435 KB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 562 - Forks: 143

SkyLined/BugId

Detect, analyze and uniquely identify crashes in Windows applications

Language: Python - Size: 4.69 MB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 503 - Forks: 89

yhy0/Jie

Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers.(expectations)

Language: Go - Size: 5.96 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 470 - Forks: 42

PaytmLabs/nerve

NERVE Continuous Vulnerability Scanner

Language: Python - Size: 10.8 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 458 - Forks: 116

wazuh/wazuh-dashboard-plugins

Plugins for Wazuh Dashboard

Language: TypeScript - Size: 57.4 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 457 - Forks: 198

wazuh/wazuh-ruleset

Wazuh - Ruleset

Language: Python - Size: 33.1 MB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 440 - Forks: 215

we1h0/SecurityManageFramwork

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Language: Python - Size: 11.6 MB - Last synced at: about 5 hours ago - Pushed at: over 3 years ago - Stars: 429 - Forks: 156

mageni/mageni

Open-source vulnerability scanner

Language: NASL - Size: 119 MB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 418 - Forks: 47

gradejs/gradejs 📦

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

Language: TypeScript - Size: 2.93 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 412 - Forks: 11

ucsb-seclab/BootStomp

BootStomp: a bootloader vulnerability finder

Language: Python - Size: 3.58 MB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 396 - Forks: 67

saucer-man/saucerframe

python3批量poc检测工具

Language: Python - Size: 914 KB - Last synced at: 6 months ago - Pushed at: over 1 year ago - Stars: 392 - Forks: 101

ucsb-seclab/difuze

Fuzzer for Linux Kernel Drivers

Language: C++ - Size: 2.53 MB - Last synced at: about 1 month ago - Pushed at: about 3 years ago - Stars: 377 - Forks: 84

edoardottt/missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Language: Shell - Size: 8.16 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 374 - Forks: 41

cs-au-dk/jelly

JavaScript/TypeScript static analyzer for call graph construction, library usage pattern matching, and vulnerability exposure analysis

Language: TypeScript - Size: 1.35 MB - Last synced at: 19 days ago - Pushed at: about 1 month ago - Stars: 363 - Forks: 29

vulnersCom/api

Vulners Python API wrapper

Language: Python - Size: 186 KB - Last synced at: 3 days ago - Pushed at: 3 months ago - Stars: 361 - Forks: 59

Escape-Technologies/graphql-wordlist

The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

Language: TypeScript - Size: 38.7 MB - Last synced at: 3 days ago - Pushed at: over 1 year ago - Stars: 359 - Forks: 38

MindPointGroup/cloudfrunt

A tool for identifying misconfigured CloudFront domains

Language: Python - Size: 48.8 KB - Last synced at: 19 days ago - Pushed at: almost 5 years ago - Stars: 354 - Forks: 69

ucsb-seclab/dr_checker

DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers

Language: C++ - Size: 1000 KB - Last synced at: 9 months ago - Pushed at: about 3 years ago - Stars: 331 - Forks: 71

wazuh/wazuh-ansible

Wazuh - Ansible playbook

Language: Jinja - Size: 6.88 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 330 - Forks: 206

ameenmaali/qsfuzz

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Language: Go - Size: 82 KB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 300 - Forks: 37

rm-hull/nvd-clojure

National Vulnerability Database dependency checker for Clojure projects

Language: Clojure - Size: 458 MB - Last synced at: 7 days ago - Pushed at: 18 days ago - Stars: 280 - Forks: 40

OSTEsayed/OSTE-Meta-Scan

The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.

Language: Python - Size: 4.55 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 275 - Forks: 34

SecuProject/DLLHijackingScanner

This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.

Language: C - Size: 895 KB - Last synced at: over 1 year ago - Pushed at: almost 4 years ago - Stars: 262 - Forks: 52

dragonked2/Egyscan

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

Language: Python - Size: 212 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 250 - Forks: 46

Patrowl/PatrowlEngines

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Language: Python - Size: 2.22 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 248 - Forks: 71

WuliRuler/AutorizePro

🧿 AutorizePro是一款强大越权检测 Burp 插件，通过增加 AI 辅助分析 && 进一步优化检测逻辑，大幅降低误报率，提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

Language: Python - Size: 3.75 MB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 247 - Forks: 11

ATpiu/asset-scan

asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统

Language: Go - Size: 3.95 MB - Last synced at: 4 months ago - Pushed at: about 5 years ago - Stars: 239 - Forks: 52

vmfunc/sif

the blazing-fast pentesting suite.

Language: Go - Size: 1.91 MB - Last synced at: 7 days ago - Pushed at: 23 days ago - Stars: 237 - Forks: 14

greenbone/gsa

Greenbone Security Assistant - The web frontend for the Greenbone Community Edition

Language: JavaScript - Size: 75.1 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 235 - Forks: 100

wazuh/wazuh-documentation

Wazuh - Project documentation

Language: JavaScript - Size: 759 MB - Last synced at: 4 days ago - Pushed at: 5 days ago - Stars: 216 - Forks: 371

VainlyStrain/Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Language: Python - Size: 994 KB - Last synced at: 6 months ago - Pushed at: over 3 years ago - Stars: 198 - Forks: 25

aziz0x48/vMass

vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl.

Language: Perl - Size: 77.1 KB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 194 - Forks: 43

scmanjarrez/CVEScannerV2

Nmap script that scans for probable vulnerabilities based on services discovered in open ports.

Language: Lua - Size: 12.5 MB - Last synced at: 7 days ago - Pushed at: about 2 months ago - Stars: 191 - Forks: 25

aipengjie/sensitivefilescan

Language: Python - Size: 96.7 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 182 - Forks: 75

Ky0toFu/Mirror-Flowers

基于 AI 的代码安全审计工具，支持多种编程语言的代码分析，可以帮助开发者快速发现代码中的潜在安全漏洞。支持DeepSeek-R1，ChatGPT-4o等多种大模型。

Language: Python - Size: 2.59 MB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 178 - Forks: 32

docker/scan-cli-plugin 📦

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Language: Go - Size: 551 KB - Last synced at: about 1 year ago - Pushed at: almost 2 years ago - Stars: 177 - Forks: 47

Malwareman007/Scanner-and-Patcher

A Web Vulnerability Scanner and Patcher

Language: HTML - Size: 30.1 MB - Last synced at: 15 days ago - Pushed at: 16 days ago - Stars: 172 - Forks: 55

OWASP/ASST

OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.

Language: JavaScript - Size: 7.7 MB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 167 - Forks: 36

Patrowl/PatrowlHears

PatrowlHears - Vulnerability Intelligence Center / Exploits

Language: Python - Size: 473 MB - Last synced at: about 3 hours ago - Pushed at: about 4 hours ago - Stars: 163 - Forks: 54

psc4re/NSE-scripts

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Language: Lua - Size: 21.5 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 159 - Forks: 29

4ra1n/poc-runner 📦

Language: Go - Size: 3.59 MB - Last synced at: 2 months ago - Pushed at: 8 months ago - Stars: 154 - Forks: 17