Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with vulnerability-detection

A curated list of projects in awesome lists tagged with vulnerability-detection .

https://github.com/aquasecurity/trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

containers devsecops docker go golang hacktoberfest iac infrastructure-as-code kubernetes misconfiguration security security-tools vulnerability vulnerability-detection vulnerability-scanners

Last synced: 12 May 2025

https://github.com/projectdiscovery/nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

attack-surface cve-scanner dast hacktoberfest nuclei-engine security security-scanner subdomain-takeover vulnerability-assessment vulnerability-detection vulnerability-scanner

Last synced: 01 Jul 2025

https://github.com/CISOfy/Lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

auditing compliance devops devops-tools gdpr hardening hipaa linux pci-dss security-audit security-hardening security-scanner security-tools security-vulnerability shell system-hardening unix vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 11 May 2025

https://github.com/cisofy/lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

auditing compliance devops devops-tools gdpr hardening hipaa linux pci-dss security-audit security-hardening security-scanner security-tools security-vulnerability shell system-hardening unix vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 14 May 2025

https://github.com/CISOfy/lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

auditing compliance devops devops-tools gdpr hardening hipaa linux pci-dss security-audit security-hardening security-scanner security-tools security-vulnerability shell system-hardening unix vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 26 Mar 2025

https://github.com/kubescape/kubescape

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

best-practice devops kubernetes mitre-attack nsa security vulnerability-detection

Last synced: 12 May 2025

https://github.com/projectdiscovery/nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

bugbounty exploit-development exploits fingerprint hacktoberfest nuclei nuclei-checks nuclei-templates security vulnerability-detection

Last synced: 14 May 2025

https://github.com/jeremylong/dependencycheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

ant-task build-tool gradle-plugin jenkins-plugin maven-plugin security security-audit software-composition-analysis vulnerability-detection

Last synced: 02 Nov 2025

https://github.com/ghosttroops/scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

0day attack auto brute-force bugbounty bugbounty-tools golang hacker hacktools nmap nuclei pentest-tool recon security-scanner security-tools ssh tools vulnerabilities-scan vulnerability-detection vulnerability-scanners

Last synced: 14 May 2025

https://github.com/GhostTroops/scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

0day attack auto brute-force bugbounty bugbounty-tools golang hacker hacktools nmap nuclei pentest-tool recon security-scanner security-tools ssh tools vulnerabilities-scan vulnerability-detection vulnerability-scanners

Last synced: 28 Mar 2025

https://github.com/ysrc/xunfeng

巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

exploits infosec pentesting scanner security security-audit vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 14 May 2025

https://github.com/dependencytrack/dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection

Last synced: 13 May 2025

https://github.com/DependencyTrack/dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection

Last synced: 30 Mar 2025

https://github.com/anouarbensaad/vulnx

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

auto-exploiter bot cloudflare-detection cms-detector crawler detects-vulnerabilities dorks exploits hacking information-gathering pentest security-tools shell-injection subdomains-gathering vulnerability vulnerability-assessment vulnerability-detection vulnerability-exploit website-vulnerability-scanner wp-scanner

Last synced: 15 May 2025

https://github.com/pyupio/safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

cicd dependency-management devsecops open-source-security package-management python security security-vulnerability travis vulnerability-detection vulnerability-scanners

Last synced: 12 Nov 2025

https://github.com/checkmarx/kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

appsec cloudnative devsecops golang hacktoberfest iac infrastructure-as-code open-policy-agent security security-tools vulnerability-detection vulnerability-scanners

Last synced: 12 Mar 2025

https://github.com/Checkmarx/kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

appsec cloudnative devsecops golang hacktoberfest iac infrastructure-as-code open-policy-agent security security-tools vulnerability-detection vulnerability-scanners

Last synced: 14 Mar 2025

https://github.com/protectai/vulnhuntr

Zero shot vulnerability discovery using LLMs

ai llm security static-analysis vulnerability-detection

Last synced: 14 May 2025

https://github.com/lutfumertceylan/top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

bugbounty bugbountytips infosec pentest-tool pentesting security vulnerability-detection vulnerability-research xss-detection

Last synced: 17 Oct 2025

https://github.com/wagiro/burpbounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner

Last synced: 02 Apr 2025

https://github.com/wagiro/BurpBounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner

Last synced: 30 Mar 2025

https://github.com/murphysecurity/murphysec

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。

codescan dependency sca scanner security software-composition-analysis software-supply-chain vulnerability-detection

Last synced: 14 May 2025

https://github.com/wireghoul/graudit

grep rough audit - source code auditing tool

security security-audit security-tools shell source-code vulnerability-detection

Last synced: 14 May 2025

https://github.com/0xricksanchez/paper_collection

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

directed-fuzzing embedded exploitation fuzzing fuzzing-binaries guided-fuzzing hybrid-fuzzing iot kernel linux linux-kernel mitigations paper rca root-cause sanitizer vulnerability-detection

Last synced: 13 Apr 2025

https://github.com/yhy0/Jie

Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers. 挖洞辅助工具(漏洞扫描、信息收集)

apollo-exp bugcrowd crawler hackerone jie scan scanner security-copilot shiro-exp src vul vulnerability vulnerability-detection vulnerability-exploitation vulnerability-scanners

Last synced: 07 Sep 2025

https://github.com/CERT-Polska/Artemis

A modular vulnerability scanner with automatic report generation capabilities.

artemis pentesting security security-scanner security-tools vulnerability-detection vulnerability-scanner web-scanner

Last synced: 28 Sep 2025

https://github.com/aboutcode-org/vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

cpe cve cvss nvd ossindex osv package-url purl security security-tools snyk vulndb vulnerability vulnerability-database vulnerability-databases vulnerability-detection vulnerability-identification vulnerability-scanners

Last synced: 14 May 2025

https://github.com/yhy0/jie

Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers.(expectations)

apollo-exp crawler jie scan scanner security-copilot shiro-exp vul vulnerability vulnerability-detection vulnerability-exploitation vulnerability-scanners

Last synced: 05 Apr 2025

https://github.com/zhaoweiho/SecurityManageFramwork

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

exploits infosec pentesting scanner security security-audit vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 02 May 2025

https://github.com/we1h0/SecurityManageFramwork

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

exploits infosec pentesting scanner security security-audit vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 02 Apr 2025

https://github.com/gradejs/gradejs

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

bugbounty bundle bundling javascript npm package-management security-tools vulnerability vulnerability-detection webpack website-security

Last synced: 26 Mar 2025

https://github.com/ucsb-seclab/bootstomp

BootStomp: a bootloader vulnerability finder

android binary-analysis bootloader cve decompilation vulnerability-detection

Last synced: 02 Apr 2025

https://github.com/ucsb-seclab/difuze

Fuzzer for Linux Kernel Drivers

android fuzzing kernel vulnerability-detection

Last synced: 02 Apr 2025

https://github.com/cs-au-dk/jelly

JavaScript/TypeScript static analyzer for call graph construction, library usage pattern matching, and vulnerability exposure analysis

call-graph-analysis javascript library-usage typescript vulnerability-detection

Last synced: 13 May 2025

https://github.com/escape-technologies/graphql-wordlist

The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

graphql graphql-schema vulnerability-detection wordlist wordlists

Last synced: 06 Apr 2025

https://github.com/MindPointGroup/cloudfrunt

A tool for identifying misconfigured CloudFront domains

aws cloudfront security security-tools vulnerability-detection

Last synced: 23 Apr 2025

https://github.com/ucsb-seclab/dr_checker

DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers

kernel kernel-driver llvm vulnerability-detection vulnerability-scanners

Last synced: 15 Mar 2025

https://github.com/Escape-Technologies/graphql-wordlist

The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

graphql graphql-schema vulnerability-detection wordlist wordlists

Last synced: 08 May 2025

https://github.com/ameenmaali/qsfuzz

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

bugbounty fuzz infosec security vulnerability-detection

Last synced: 02 Apr 2025

https://github.com/rm-hull/nvd-clojure

National Vulnerability Database dependency checker for Clojure projects

clojure cve-scanning lein-plugin vulnerability-detection

Last synced: 12 Dec 2025

https://github.com/edoardottt/missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

automation bug-bounty bug-hunting bugbounty bugbounty-tool bugbountytips cve cve-scanning hacking nuclei nuclei-engine nuclei-templates penetration-testing pentesting projectdiscovery security security-tools vulnerability-detection vulnerability-scanners

Last synced: 09 Apr 2025

https://github.com/OSTEsayed/OSTE-Meta-Scan

The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.

cybersecurity os-command-injection sql-injection tool vulnerability-detection web-vulnerability-scanner xss-detection

Last synced: 30 Aug 2025

https://github.com/ATpiu/asset-scan

asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统

golang network-discovery nmap port-scanner security service-discovery vulnerability-detection

Last synced: 11 Jul 2025

https://github.com/docker-archive-public/docker.scan-cli-plugin

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

docker docker-container docker-image dockerfile vulnerabilities vulnerability vulnerability-detection vulnerability-scanners

Last synced: 09 Aug 2025

https://github.com/ky0tofu/mirror-flowers

基于 AI 的代码安全审计工具,支持多种编程语言的代码分析,可以帮助开发者快速发现代码中的潜在安全漏洞。支持DeepSeek-R1,ChatGPT-4o等多种大模型。

ai ai-code-audit chatgpt code-audit cybersecurity deepseek mirror-flowers multilingual-support openai openai-api security security-analysis vulnerability-detection

Last synced: 07 Apr 2025

https://github.com/rpranshu/EternalView

EternalView is an all in one basic information gathering and vulnerability assessment tool

autopwn bash bash-script dos-attack information-gathering ip-locator nmap shell shell-script traceroute vulnerability-detection whois-information

Last synced: 08 Apr 2025

https://github.com/ethicalhackingplayground/erebus

Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.

erebus-engine parameter-testing vulnerability-assessment vulnerability-detection vulnerability-scanner

Last synced: 15 Apr 2025

https://github.com/DistriNet/timeless-timing-attacks

A Python implementation that facilitates finding timeless timing attack vulnerabilities.

attack timing vulnerability-detection

Last synced: 12 Jul 2025

https://github.com/4ra1n/poc-runner

Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | 基于 XRAY YAML 规则的超轻量快速漏洞扫描引擎 | 可执行文件体积仅 2 MB

poc security vulnerability vulnerability-detection vulnerability-scanner web-security web-vulnerability-scanner

Last synced: 21 Jul 2025

https://github.com/AppThreat/vulnerability-db

Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers.

advisories cli cve database nvd purl sca vers vulnerability-database vulnerability-detection

Last synced: 07 May 2025