146 Open source projects that are alternatives of or similar to Nuclei

Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.

🆕 The Multi-Tool Web Vulnerability Scanner.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Advanced and easy to use penetration testing framework 💣🔎

A python tool to check subdomain takeover vulnerability

A high performance offensive security tool for reconnaissance and vulnerability scanning

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

cve-search - a tool to perform local searches for known vulnerabilities

OWASP Zed Attack Proxy project landing page.

NERVE Continuous Vulnerability Scanner

Libellux: Up & Running provides documentation on how-to install open-source software from source. The focus is Zero Trust Network to enhance the security for existing applications or install tools to detect and prevent threats.

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Advanced vulnerability scanning with Nmap NSE

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Central Processing Unit Information Gathering Tool

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Smart Contract Vulnerability Detection Using Graph Neural Networks (IJCAI-20 Accepted)

FUNDED is a novel learning framework for building vulnerability detection models.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

AWVS12 最新版本12.0.190902105_x64

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Port of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel

Wazuh - Amazon AWS Cloudformation

Fuzzer for Linux Kernel Drivers

🔐 Vulnerability remediation scoring system

A typical search engine dork scanner scrapes search engines with dorks that you provide in order to find vulnerable URLs.

《白帽子讲Web扫描》书籍参考代码

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

Host Header Injection Scanner

Grunt plugin for retire.

A collection of my quick and dirty scripts for vulnerability POC and detections

Wazuh - Ansible playbook

SQL Injection Payload List

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

OneForAll是一款功能强大的子域收集工具

Wazuh - Ruleset

A tool for identifying misconfigured CloudFront domains

Wazuh - Tools for packages creation

Advanced file format fuzzer based-on deep neural language models.

T-XPLOITER is a Perl program for detect and (even) exploit website(s). Why the name is T-XPLOITER ? T means Triple, XPLOITER means Exploiter. This program has 3 features and functions to detect and (even) exploit website(s), just check it out :).

The knife of the Admin & Security auditor

Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

🔐 Shim to easily install OWASP dependency-check-cli into Python projects

Mixeway Scanner is Spring Boot application which aggregate integration with number of OpenSource Vulnerability scanners - both SAST and DAST types

Check CPAN modules for known security vulnerabilities

Enables scanning of docker builds in Jenkins for OS package vulnerabilities.