Trending repositories for topic vulnerabilities

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

A vulnerability scanner for container images and filesystems

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Awesome Node.js Security resources

Gather and update all available and newest CVEs with their PoC.

OSS-Fuzz - continuous fuzzing for open source software.

Vulnerability Static Analysis for Containers

An step by step fuzzing tutorial. A GitHub Security Lab initiative

📦 Make security testing of K8s, Docker, and Containerd easier.

🧹 Cleaning up images from Kubernetes nodes

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

Vulnerabilities of Goby supported with exploitation.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A list of web application security

ChatGPT加持的，多人在线协同信息安全报告编写平台。目前支持的报告类型：渗透测试报告，APP隐私合规报告。

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...

Metlo is an open-source API security platform.

:new: The Multi-Tool Web Vulnerability Scanner.

ChatGPT加持的，多人在线协同信息安全报告编写平台。目前支持的报告类型：渗透测试报告，APP隐私合规报告。

Wordfence malware and vulnerability scanner command line utility.

🧹 Cleaning up images from Kubernetes nodes

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Hourly updated database of exploit and exploitation reports

Vulnerabilities of Goby supported with exploitation.

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

Awesome Node.js Security resources

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

A vulnerability scanner for container images and filesystems

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

An step by step fuzzing tutorial. A GitHub Security Lab initiative

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...

📦 Make security testing of K8s, Docker, and Containerd easier.

Gather and update all available and newest CVEs with their PoC.

Metlo is an open-source API security platform.

:new: The Multi-Tool Web Vulnerability Scanner.

Pentest Report Generator

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

A vulnerability scanner for container images and filesystems

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Gather and update all available and newest CVEs with their PoC.

OSS-Fuzz - continuous fuzzing for open source software.

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Awesome Node.js Security resources

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

📦 Make security testing of K8s, Docker, and Containerd easier.

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Vulnerability Static Analysis for Containers

A list of web application security

🧹 Cleaning up images from Kubernetes nodes

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

:new: The Multi-Tool Web Vulnerability Scanner.

Pentest Report Generator

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Wordfence malware and vulnerability scanner command line utility.

Crypto Deep Tools a set of scripts for detailed cryptanalysis of the Blockchain network in cryptocurrency Bitcoin

ChatGPT加持的，多人在线协同信息安全报告编写平台。目前支持的报告类型：渗透测试报告，APP隐私合规报告。

🧹 Cleaning up images from Kubernetes nodes

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Awesome Node.js Security resources

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Hourly updated database of exploit and exploitation reports

A vulnerability scanner for container images and filesystems

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

Vulnerabilities of Goby supported with exploitation.

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

:new: The Multi-Tool Web Vulnerability Scanner.

Gather and update all available and newest CVEs with their PoC.

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

📦 Make security testing of K8s, Docker, and Containerd easier.

A vulnerability scanner for container images and filesystems

OSS-Fuzz - continuous fuzzing for open source software.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Gather and update all available and newest CVEs with their PoC.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

📦 Make security testing of K8s, Docker, and Containerd easier.

Vulnerability Static Analysis for Containers

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Awesome Node.js Security resources

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A list of web application security

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...

CVE Alerting Platform

🎖safely* install packages with npm or yarn by auditing them as part of your install process

Pentest Report Generator

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...

Snyk CLI scans and monitors your projects for security vulnerabilities.

本项目通过大模型联动爬虫，检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目，并自动识别项目的目录结构、Readme信息后进行总结分析并分类，所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。

No description

Crypto Deep Tools a set of scripts for detailed cryptanalysis of the Blockchain network in cryptocurrency Bitcoin

Wordfence malware and vulnerability scanner command line utility.

ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...

🛡 Public database of Elixir security advisories pulled from GitHub Advisory Database

A collection of Server-Side Prototype Pollution gadgets and exploits

A vulnerability scanner for container images and filesystems

🧹 Cleaning up images from Kubernetes nodes

Some Vulnerability in the some protocol are collected.

VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

🎖safely* install packages with npm or yarn by auditing them as part of your install process

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...

Roadmap to get up to speed with CosmWasm smart contract audits and security vulnerabilities

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Pentest Report Generator

Vulnerability (CVE) scanner for Nix/NixOS.

Internet of Vehicles Penetration testing OS.车联网渗透测试系统，开箱即用的测试环境，包含上百个常见用于车联网渗透测试的工具集。覆盖逆向、CAN、车载以太网、WiFi、蓝牙、云平台等安全测试

魔改版内网扫描工具

Gradle plugin that scans the dependencies of a Gradle project using Sonatype platforms: OSS Index and Nexus IQ Server.

🍋 An open dataset containing smart contract audit issues from various sources.

Internet of Vehicles Penetration testing OS.车联网渗透测试系统，开箱即用的测试环境，包含上百个常见用于车联网渗透测试的工具集。覆盖逆向、CAN、车载以太网、WiFi、蓝牙、云平台等安全测试

Wordfence malware and vulnerability scanner command line utility.

Improper Authorization Vulnerability in Confluence Data Center and Server + bonus 🔥

本项目通过大模型联动爬虫，检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目，并自动识别项目的目录结构、Readme信息后进行总结分析并分类，所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。

Check the health of your project's requirements and get a score for each dependency.

Build a CVE library with aggregated CISA, EPSS and CVSS data

A vulnerability scanner for container images and filesystems

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

OSS-Fuzz - continuous fuzzing for open source software.

Gather and update all available and newest CVEs with their PoC.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

📦 Make security testing of K8s, Docker, and Containerd easier.

A list of web application security

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Vulnerability Static Analysis for Containers

Pentest Report Generator

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Awesome Node.js Security resources

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...

Hunt for security weaknesses in Kubernetes clusters

Snyk CLI scans and monitors your projects for security vulnerabilities.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

🍋 An open dataset containing smart contract audit issues from various sources.

A collection of Server-Side Prototype Pollution gadgets and exploits

Wordfence malware and vulnerability scanner command line utility.

ChatGPT加持的，多人在线协同信息安全报告编写平台。目前支持的报告类型：渗透测试报告，APP隐私合规报告。

w4af: web advanced application attack and audit framework, the open source web vulnerability scanner.

Build a CVE library with aggregated CISA, EPSS and CVSS data

No description

Internet of Vehicles Penetration testing OS.车联网渗透测试系统，开箱即用的测试环境，包含上百个常见用于车联网渗透测试的工具集。覆盖逆向、CAN、车载以太网、WiFi、蓝牙、云平台等安全测试

Pentest Report Generator

Roadmap to get up to speed with CosmWasm smart contract audits and security vulnerabilities

A Web Vulnerability Scanner and Patcher

Command line interface for the Phylum API

python dependency vulnerability scanner, written in Rust.

VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

🧹 Cleaning up images from Kubernetes nodes

Crypto Deep Tools a set of scripts for detailed cryptanalysis of the Blockchain network in cryptocurrency Bitcoin

:beetle: Repository of CVE found by OCD people

🛡 Public database of Elixir security advisories pulled from GitHub Advisory Database

Nmap script to detect a Microsoft Exchange instance version with OWA enabled.

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.