313 Open source projects that are alternatives of or similar to Advisory Db

Open-Source Security Architecture | 开源安全架构

A static analysis security vulnerability scanner for Ruby on Rails applications

🎖safely* install packages with npm or yarn by auditing them as part of your install process

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Pentest Report Generator

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Making CoreOS' Clair easily work in CI/CD pipelines

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

SSL and TLS protocol test suite and fuzzer

PHP Security Check List [ EN ] 🌋 ☣️

An small overview of known Android vulnerabilities

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

ATT&CK实操

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Hunt for security weaknesses in Kubernetes clusters

Integrates Dependency-Check reports into SonarQube

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

一键提取安卓应用中可能存在的敏感信息。

Web application vulnerability scanner

Technical details that a programmer of a web application should consider before making the site public.

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.

ClusterFuzzLite - Simple continuous fuzzing that runs in CI.

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

QCTF School 2018. Developed with ♥ by Hackerdom team

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Snyk's public vulnerability database

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Web Application Security Scanner Framework

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

WEB SERVICE SECURITY ASSESSMENT TOOL

Certified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting

A list of web application security

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

CVE Alerting Platform

ConPan: Analyze your Docker container in peace

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

A toolbox to enforce firewall rules across multiple GCP projects.

Tracking CVEs for the linux Kernel

Web-based Source Code Vulnerability Scanner

KInspector is an application for analyzing health, performance and security of your Kentico solution.

Enables and use of the concept of security in your Delphi applications

List of every possible vulnerabilities in computer security.

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

PHDays Online CTF 2017. Developed with ♥ by Hackerdom team

Cybersecurity Evaluation Tool

Simple and scalable Linux tools for verifying TPM-based remote attestations 🔬⚖️🔐⛓📏📜

🔐 Shim to easily install OWASP dependency-check-cli into Python projects

network reconnaissance toolkit

快速搭建各种漏洞环境(Various vulnerability environment)