Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with vulnerability-scanner

A curated list of projects in awesome lists tagged with vulnerability-scanner .

https://github.com/projectdiscovery/nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

attack-surface cve-scanner dast hacktoberfest nuclei-engine security security-scanner subdomain-takeover vulnerability-assessment vulnerability-detection vulnerability-scanner

Last synced: 28 Jan 2026

https://github.com/chaitin/xray

一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

passive-vulnerability-scanner poc security sqlinjection vulnerability vulnerability-scanner xss

Last synced: 28 Jan 2026

https://github.com/google/osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

scanner security-audit security-tools vulnerability-scanner

Last synced: 02 Apr 2026

https://github.com/zan8in/afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

afrog bug-bounty penetration-testing pentest poc red-teaming vulnerability-scanner vulnerability-scanning-tools

Last synced: 13 May 2025

https://github.com/almandin/fuxploider

File upload vulnerability scanner and exploitation tool.

detection exploitation pentesting python3 takeover vulnerability-scanner

Last synced: 15 May 2025

https://github.com/tr0uble-maker/poc-bomber

利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点

cve exp getshell poc poc-bomber rce redteam vulnerability-scanner

Last synced: 08 Oct 2025

https://github.com/tr0uble-mAker/POC-bomber

利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点

cve exp getshell poc poc-bomber rce redteam vulnerability-scanner

Last synced: 12 Jul 2025

https://github.com/megamansec/ssh-snake

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

bash cybersecurity exploitation exploitation-tool hacking hacking-tools pentesting post-exploitation redteam scanner security security-tools shell ssh ssh-hacking vulnerability-scanner worm

Last synced: 15 May 2025

https://github.com/xyntax/poc-t

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

exploitation pentesting vulnerability-scanner

Last synced: 15 May 2025

https://github.com/Xyntax/POC-T

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

exploitation pentesting vulnerability-scanner

Last synced: 30 Mar 2025

https://github.com/wagiro/burpbounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner

Last synced: 02 Apr 2025

https://github.com/wagiro/BurpBounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner

Last synced: 30 Mar 2025

https://github.com/dwisiswant0/crlfuzz

A fast tool to scan CRLF vulnerability written in Go

crlf-injection go golang vulnerability-scanner vulnerability-scanning

Last synced: 14 May 2025

https://github.com/shuvonsec/claude-bug-bounty

AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.

ai-security bug-bounty bugcrowd claude-ai claude-code ethical-hacking hackerone penetration-testing recon vulnerability-scanner

Last synced: 02 Apr 2026

https://github.com/MegaManSec/SSH-Snake

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

bash cybersecurity exploitation exploitation-tool hacking hacking-tools pentesting post-exploitation redteam scanner security security-tools shell ssh ssh-hacking vulnerability-scanner worm

Last synced: 11 Apr 2025

https://github.com/rub-nds/terrapin-scanner

This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

attack cryptography ssh vulnerability vulnerability-scanner

Last synced: 16 May 2025

https://github.com/R0X4R/Garud

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

assetfinder bash-script bugbounty bugbounty-tool bugbountytips garud gf-patterns golang penetration-testing penetration-testing-tools reconnaissance subdomain-takeover vulnerability vulnerability-scanner

Last synced: 07 Apr 2025

https://github.com/r0x4r/garud

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

assetfinder bash-script bugbounty bugbounty-tool bugbountytips garud gf-patterns golang penetration-testing penetration-testing-tools reconnaissance subdomain-takeover vulnerability vulnerability-scanner

Last synced: 12 Apr 2025

https://github.com/yhy0/chying

承影,愿你在光影之间,找到属于自己的锋芒。开源的类 BurpSuite 应用 ChYing — may you find your own edge between light and shadow. An open-source, BurpSuite-like application.

bbscan burpsuite dirsearch golang jwt swagger vulnerability-scanner wails web-vulnerability-scanners

Last synced: 28 Feb 2026

https://github.com/mergebase/log4j-detector

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

cve-2021-44228 cve-2021-45046 cve-2021-45105 cybersecurity detector log4j log4shell pentest sca scanner vulnerability-scanner

Last synced: 10 Jul 2025

https://github.com/CERT-Polska/Artemis

A modular vulnerability scanner with automatic report generation capabilities.

artemis pentesting security security-scanner security-tools vulnerability-detection vulnerability-scanner web-scanner

Last synced: 28 Sep 2025

https://github.com/fuzzinglabs/mcp-security-hub

A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.

ai claude cybersecurity docker ghidra mcp mcp-server nmap nuclei offensive-security osint pentesting security vulnerability-scanner

Last synced: 21 May 2026

https://github.com/chushuai/wscan

Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.

cel-go chromedp crawler headless martian passive-vulnerability-scanner poc sql-injection subdomains testwaf vulnerability-scanner waf webscan wscan xss

Last synced: 11 Jul 2025

https://github.com/zt2/sqli-hunter

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

detection exploitation pentesting ruby sql-injection sqlmap vulnerability-scanner

Last synced: 17 Jan 2026

https://github.com/yhy0/ChYing

承影 - 一款安全工具箱,集成了目录扫描、JWT、Swagger 测试、编/解码、轻量级 BurpSuite、杀软辅助功能

bbscan burpsuite dirsearch golang jwt swagger vulnerability-scanner wails web-vulnerability-scanners

Last synced: 07 Sep 2025

https://github.com/M4DM0e/BadMod

CMS auto detect and exploit.

cms-detection exploitation hacking vulnerability-scanner

Last synced: 26 Mar 2025

https://github.com/trailofbits/it-depends

A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

dependency-analysis dependency-graph hacktoberfest hacktoberfest2021 sbom sbom-generator vulnerability-scanner

Last synced: 15 May 2025

https://github.com/SHAdd0WTAka/Zen-Ai-Pentest

🛡⚔️AI-Powered Penetration Testing Framework with automated vulnerability scanning, multi-agent system, and compliance reporting🛡⚔️

ai automation compliance cybersecurity ethical-hacking framework penetration-testing pentesting python security security-tools vulnerability-scanner

Last synced: 04 May 2026

https://github.com/enlightn/security-checker

A PHP dependency vulnerabilities scanner based on the Security Advisories Database.

php security security-scanner vulnerability-scanner vulnerability-scanning

Last synced: 15 May 2025

https://github.com/jjf012/gopoc

用cel-go重现了长亭xray的poc检测功能的轮子

poc proof-of-concept security-testing vulnerability-scanner

Last synced: 18 Feb 2026

https://github.com/0sec-labs/foxguard

A security scanner as fast as a linter, written in Rust. Batteries included, TUI for triage, secrets, post-quantum audits, diff-aware scans and more 𓃥

cli code-security linter opengrep pre-commit rust sarif sast security semgrep static-analysis tree-sitter vulnerability-scanner

Last synced: 02 Jun 2026

https://github.com/PwnKit-Labs/foxguard

A security scanner as fast as a linter, written in Rust. Live in the terminal? It also comes with a TUI triage for secrets, post-quantum audits, diff-scans and more 🦊

cli code-security linter opengrep pre-commit rust sarif sast security semgrep static-analysis tree-sitter vulnerability-scanner

Last synced: 06 May 2026

https://github.com/madhavmehndiratta/dorkScanner

A typical search engine dork scanner scrapes search engines with dorks that you provide in order to find vulnerable URLs.

bing-dorking dork-scanner ethical-hacking google-dorking google-dorks hacking-tools kali-linux search-engines security vulnerability-scanner

Last synced: 11 Jul 2025

https://github.com/safe3/cvs

CVS is a powerful comprehensive attack surface management platform. 森罗万象-强大的网络空间测绘、资产管理、漏洞扫描等全生命漏洞周期的综合攻击面管理平台,化繁为简,以一御百。

cosmos-vulnerability-scanner cvs nessus nuclei vdsl vulnerability-assessment vulnerability-scanner

Last synced: 31 Jan 2026

https://github.com/aquasecurity/harbor-scanner-trivy

Use Trivy as a plug-in vulnerability scanner in the Harbor registry

harbor harbor-pluggable-scanners harbor-registry scanner-adapter trivy vulnerability-scanner

Last synced: 08 Jul 2025

https://github.com/FuzzingLabs/mcp-security-hub

A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.

ai claude cybersecurity docker ghidra mcp mcp-server nmap nuclei offensive-security osint pentesting security vulnerability-scanner

Last synced: 08 Feb 2026

https://github.com/wordfence/wordfence-cli

Wordfence malware and vulnerability scanner command line utility.

malware malware-scanner python vulnerabilities vulnerability-scanner

Last synced: 07 Mar 2026

https://github.com/ethicalhackingplayground/erebus

Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.

erebus-engine parameter-testing vulnerability-assessment vulnerability-detection vulnerability-scanner

Last synced: 15 Apr 2025

https://github.com/4ra1n/poc-runner

Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | 基于 XRAY YAML 规则的超轻量快速漏洞扫描引擎 | 可执行文件体积仅 2 MB

poc security vulnerability vulnerability-detection vulnerability-scanner web-security web-vulnerability-scanner

Last synced: 21 Jul 2025

https://github.com/tigthor/neural-network-hacking

Hacking the Singularity. Deep learning hacking. Weaponizing AI in Offensive security

ai automation bug-hunting bugbounty hacking machine-learning neural-network neural-networks vulnerability-scanner

Last synced: 15 Apr 2025

https://github.com/OWASP/www-project-zap

OWASP Zed Attack Proxy project landing page.

appsec appsec-testing owasp vulnerability-assessment vulnerability-scanner zap

Last synced: 15 Apr 2025

https://github.com/libellux/libellux-up-and-running

Install open-source software from source to focus on Zero Trust Network principles, enhancing security for existing applications, and deploying tools for threat detection and prevention.

access-control antivirus hids intrusion-detection intrusion-prevention logging monitoring security two-factor-authentication virtual-private-network vulnerability-assessment vulnerability-scanner zero-trust-network

Last synced: 12 Feb 2026

https://github.com/sinewaveai/agent-security-scanner-mcp

Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1000+ vulnerability rules with AST & taint analysis, auto-fix.

agent-security ai-security auto-fix claude-code cline codex cursor hallucination-detection llm-security mcp mcp-server openai-codex openclaw owasp prompt-injection sast security supply-chain-security vulnerability-scanner windsurf

Last synced: 06 Mar 2026

https://github.com/Contrast-Security-OSS/safelog4j

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

iast java log4j log4shell rasp security security-testing vulnerability vulnerability-scanner

Last synced: 11 Jul 2025

https://github.com/taythebot/archer

Distributed network and vulnerability scanner

bug-bounty hacking httpx infosec masscan nuclei scanner security-tools vulnerability-scanner

Last synced: 11 Jul 2025

https://github.com/enlightn/laravel-security-checker

Scan your Laravel app dependencies for known security vulnerabilities.

laravel security vulnerability-scanner

Last synced: 26 Oct 2025

https://github.com/contrast-security-oss/safelog4j

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

iast java log4j log4shell rasp security security-testing vulnerability vulnerability-scanner

Last synced: 11 Sep 2025

https://github.com/madebyaris/chaca-scanner

Native desktop web security scanner for developers. OWASP Top 10, API exposure, CMS detection, target intelligence. Built with Tauri 2 + React 19 + Rust.

api-security cms-detection owasp react rust security-scanner tauri vulnerability-scanner web-security

Last synced: 04 Apr 2026

https://github.com/filipi86/drogonsec

High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines.

application-security cicd-security cloud-security code-scanning dependency-scanning devsecops iac-security open-source-security sast sca secret-detection security-scanner shift-left-security static-analysis vulnerability-scanner

Last synced: 17 Apr 2026

https://github.com/aquasecurity/harbor-scanner-aqua

Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry

aqua-csp-scanner aqua-scanner harbor harbor-registry vulnerability-scanner

Last synced: 13 Oct 2025

https://github.com/anchore/harbor-scanner-adapter

Harbor Scanner Adapter for Anchore Engine and Enterprise

docker harbor vulnerabilities vulnerability-scanner

Last synced: 23 Apr 2025

https://github.com/darvid/nessusbeat

A Beat that monitors a local Nessus reports directory and outputs scan results to Elasticsearch or Logstash.

beat beats elasticbeats elasticsearch logstash nessus vulnerability-assessment vulnerability-scanner vulnerability-scanning

Last synced: 07 May 2025

https://github.com/krishpranav/vuln-scanner-flask

A flask web app made for scanning vulnerabilites on a website, network exploitation, reconnaissance

flask network network-exploitation python python3 reconnaissance reconnaissance-framework vulnerability vulnerability-scanner vulnerability-scanners

Last synced: 15 Apr 2025

https://github.com/alcideio/pipeline

Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration

aks argo argocd azure circleci eks github-action gitlab-ci gke google-cloud-build jenkins kubernetes security security-audit travis travis-ci vulnerability-scanner

Last synced: 16 Apr 2025

https://github.com/AvalZ/RevOK

An HTTP Response fuzzer to find Vulnerabilities in Security Scanners

exploitation-framework vulnerability-scanner web-security-research

Last synced: 27 Sep 2025

https://github.com/sergio11/eclipserecon

🌑 EclipseRecon is a personal project developed during my cybersecurity learning journey 🛡️. It helps practice web reconnaissance 🌐 by identifying subdomains 🧩, site structures 🧭, and vulnerabilities 🐞 in a controlled environment 🧪.

blue-team bug-bounty cybersecurity ethical-hacking information-gathering owasp penetration-testing reconnaissance red-team scan-tools security security-analysis security-reporting security-tools subdomain-scanner vulnerability vulnerability-scanner web-application-security web-crawler web-security

Last synced: 06 Sep 2025