142 Open source projects that are alternatives of or similar to AutoVAS

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

Yet Another Vulnerability Database

Tool for breaking into web applications.

A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation

Serverless plugin for securing your dependencies with Snyk

A Java library for calculating CVSSv2 and CVSSv3 scores and vectors

mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/

dr.rer.oec.gadget IDAPython plugin for the Interactive Disassembler <ABANDONED PROJECT>

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

Vulnerability (CVE) scanner for Nix/NixOS.

CyberQueens lesson materials - learning resources and exercises for aspiring reverse engineers, exploit developers, and hackers 👩‍💻👨‍💻

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

Hourly updated database of exploit and exploitation reports

It's a Docker Environment for pentesting which having all the required tool for VAPT.

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

Intentionally vulnerable Android application.

This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.

An iOS Security assessment app for jailbroken iOS Devices.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Anchore container analysis and scan provided as a GitHub Action

A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Find security vulnerabilities in open source npm packages while you code

Multi source CVE/exploit parser.

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

Pretty vulnerable flask app..

RuCTFE 2019. Developed with ♥ by HackerDom team

Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.

This is a repo is to upload files done during my research.

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

scanner detecting the use of JavaScript libraries with known vulnerabilities

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits

Bugcrowd’s baseline priority ratings for common security vulnerabilities

EasyBuggy clone built on Django

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Making CoreOS' Clair easily work in CI/CD pipelines

Too buggy web application

essential templates for kenzer

Search Exploitable Software on Linux

Red Hat Dependency Analytics extension

The Decentralized Application Security Project

Script to test open Akamai ARL vulnerability.

Added Laravel functionality to Enlightn Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you.

Kubernetes Native, Runtime Container Image Scanning

Repository for information about 0-days exploited in-the-wild.

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

SD-WAN security and insecurity

OpenType font file format fuzzer for Windows

Centralize Vulnerability Assessment and Management for DevSecOps Team

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

异步漏洞利用框架

Выпускная квалификационная работа (ВКР) магистра в LaTeX, оформленная в соответствии с нормоконтролем Севастопольского государственного университета в 2017 г.

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Agent scanner for vulners.com