Top 123 vulnerability-scanners open source projects

Fast CORS misconfiguration vulnerabilities scanner🍻

Burp被动扫描流量转发插件

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

hack tools

红队综合渗透框架

The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法，仅15行代码！

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

WPScan rewritten in Python + some WPSeku ideas

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders

hacker, ready for more of our story ! 🚀

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.

Web-based Source Code Vulnerability Scanner

The fastest dork scanner written in Go.

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

NERVE Continuous Vulnerability Scanner

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Apache Shiro 反序列化漏洞检测与利用工具

Security scanner for your Terraform code

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Advanced Vulnerability Scanner Tool

(Deprecated) Submit all images in your Kubernetes cluster to Anchore for a vulnerability check and check your configuration with kubeaudit

Remote command execution vulnerability scanner for Log4j.

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

SQL Injection Payload List

Web Recon & Exploitation Tool.

Designed to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion

图形化漏洞利用集成工具

Advanced Web Browser Fingerprinting

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

👓 Yet another binary vulnerbilities checker. An automated vulnerability scanner for ELF based on symbolic execution.

Kubernetes Native, Runtime Container Image Scanning

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

SEC分布式资产扫描系统

Port of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel

《白帽子讲Web扫描》书籍参考代码

OSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Agent scanner for vulners.com

Tools for inspecting disk images

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

A simple program written in bash that contains basic Linux network tools, information gathering tools and scanning tools.

Mixeway Scanner is Spring Boot application which aggregate integration with number of OpenSource Vulnerability scanners - both SAST and DAST types

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Fast and customizable vulnerability scanner For JIRA written in Python

A static binary vulnerability scanner

Scout - a Contactless Active Reconnaissance Tool

Static and dynamic Android application security analysis

Harbor in Kubernetes

Backend logic implementation for Vulnerability Management System

Trivy based vulnerability management service