Trending repositories for topic vulnerability-detection
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
This repository contains the scanner component for Greenbone Community Edition.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
Articles and tools related to research in the Apple environment (mainly macOS).
vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Open Source Cloud Native Application Protection Platform (CNAPP)
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
FUNDED is a novel learning framework for building vulnerability detection models.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Articles and tools related to research in the Apple environment (mainly macOS).
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
FUNDED is a novel learning framework for building vulnerability detection models.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
This repository contains the scanner component for Greenbone Community Edition.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
This repository contains the scanner component for Greenbone Community Edition.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
cve-search - a tool to perform local searches for known vulnerabilities
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
基于 AI 的代码安全审计工具,支持多种编程语言的代码分析,可以帮助开发者快速发现代码中的潜在安全漏洞。支持DeepSeek-R1,ChatGPT-4o等多种大模型。
vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
Open Source Cloud Native Application Protection Platform (CNAPP)
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
基于 AI 的代码安全审计工具,支持多种编程语言的代码分析,可以帮助开发者快速发现代码中的潜在安全漏洞。支持DeepSeek-R1,ChatGPT-4o等多种大模型。
vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
Scaling best-practice AFLPlusPlus fuzzing campaigns made easy and more
Articles and tools related to research in the Apple environment (mainly macOS).
FUNDED is a novel learning framework for building vulnerability detection models.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
This repository contains the scanner component for Greenbone Community Edition.
Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gath...
cve-search - a tool to perform local searches for known vulnerabilities
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes ...
This repository contains the scanner component for Greenbone Community Edition.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
基于 AI 的代码安全审计工具,支持多种编程语言的代码分析,可以帮助开发者快速发现代码中的潜在安全漏洞。支持DeepSeek-R1,ChatGPT-4o等多种大模型。
cve-search - a tool to perform local searches for known vulnerabilities
Open Source Cloud Native Application Protection Platform (CNAPP)
Articles and tools related to research in the Apple environment (mainly macOS).
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
Zerodayf is an advanced code analysis platform that leverages artificial intelligence & SAST to identify vulnerabilities within source code.
A curated collection of free or freemium web-based penetration testing and vulnerability analysis tools. These tools assist security professionals and enthusiasts in discovering, assessing, and managi...
基于 AI 的代码安全审计工具,支持多种编程语言的代码分析,可以帮助开发者快速发现代码中的潜在安全漏洞。支持DeepSeek-R1,ChatGPT-4o等多种大模型。
TunnelX is a lightweight ingress tunneling tool designed to create a secure SOCKS5 proxy server for routing network traffic.
Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
A scalable server implementation of the OSS Review Toolkit.
Articles and tools related to research in the Apple environment (mainly macOS).
Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams
Scaling best-practice AFLPlusPlus fuzzing campaigns made easy and more
CONCOCTION is an automated machine learning-based vulnerability detection framework that combines static source code information and dynamic program execution traces.
Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. Scout audit is the core development ...
Smart Contract Vulnerability Detection From Pure Neural Network to Interpretable Graph Feature and Expert Pattern Fusion (IJCAI-21 Accepted)
Large Language Model-Powered Smart Contract Vulnerability Detection: New Perspectives (TPS23)
vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and ...
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
基于 AI 的代码安全审计工具,支持多种编程语言的代码分析,可以帮助开发者快速发现代码中的潜在安全漏洞。支持DeepSeek-R1,ChatGPT-4o等多种大模型。
Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | 基于 XRAY YAML 规则的超轻量快速漏洞扫描引擎 | 基于 ANTLR 实现语法分析和完整的 XRAY YAML 规则实现 | 简单的启动参数 | 包含多种反连可用 | 可执行文件体积仅 2 MB
Delveline is a Code Vulnerability Analyzer for Java and Kotlin that supports best practices in security and risk management.
Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts
Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.
Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams
Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and ...
TunnelX is a lightweight ingress tunneling tool designed to create a secure SOCKS5 proxy server for routing network traffic.
FastVulnVerify is an advanced Python tool developed to quickly identify common vulnerabilities encountered during penetration testing and vulnerability verification processes.
Alternative vulnhuntr + Rust implementation + tree-sitter multilingual support
A curated collection of free or freemium web-based penetration testing and vulnerability analysis tools. These tools assist security professionals and enthusiasts in discovering, assessing, and managi...
Zerodayf is an advanced code analysis platform that leverages artificial intelligence & SAST to identify vulnerabilities within source code.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes ...
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
This repository contains the scanner component for Greenbone Community Edition.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Open Source Cloud Native Application Protection Platform (CNAPP)
cve-search - a tool to perform local searches for known vulnerabilities
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it si...
Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.
A Content Discovery and Development Platform. Empowering Cybersecurity, AI, Marketing, and Finance professionals and researchers to discover, analyze, and interact with the web in all its dimensions.
Scout is an extensible open-source tool intended to assist Stellar Soroban smart contract developers and auditors detect common security issues and deviations from best practices.
Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts
Articles and tools related to research in the Apple environment (mainly macOS).
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Scaling best-practice AFLPlusPlus fuzzing campaigns made easy and more
CONCOCTION is an automated machine learning-based vulnerability detection framework that combines static source code information and dynamic program execution traces.
A scalable server implementation of the OSS Review Toolkit.
Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML conte...
Large Language Model-Powered Smart Contract Vulnerability Detection: New Perspectives (TPS23)
FastVulnVerify is an advanced Python tool developed to quickly identify common vulnerabilities encountered during penetration testing and vulnerability verification processes.
Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers.