KillshotA Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
CommixAutomated All-in-One OS Command Injection Exploitation Tool.
HexraystoolboxHexrays Toolbox - Find code patterns within the Hexrays AST
Biu FrameworkBiu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
FuxploiderFile upload vulnerability scanner and exploitation tool.
Wpscan V3THIS REPOSITORY HAS BEEN MOVED TO https://github.com/wpscanteam/wpscan USE THAT!!!
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Gopoc用cel-go重现了长亭xray的poc检测功能的轮子
Security CheckerA PHP dependency vulnerabilities scanner based on the Security Advisories Database.
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
CrawlergoA powerful dynamic crawler for web vulnerability scanners
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
CorsyCORS Misconfiguration Scanner
SilverMass scan IPs for vulnerable services
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
SifterSifter aims to be a fully loaded Op Centre for Pentesters
SqlmapAutomatic SQL injection and database takeover tool
Cwe checkercwe_checker finds vulnerable patterns in binary executables
CrlfuzzA fast tool to scan CRLF vulnerability written in Go
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
NucleiFast and customizable vulnerability scanner based on simple YAML based DSL.
BadmodCMS auto detect and exploit.
sub404A python tool to check subdomain takeover vulnerability
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Libellux-Up-and-RunningLibellux: Up & Running provides documentation on how-to install open-source software from source. The focus is Zero Trust Network to enhance the security for existing applications or install tools to detect and prevent threats.
erebusErebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
dorkScannerA typical search engine dork scanner scrapes search engines with dorks that you provide in order to find vulnerable URLs.
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.