332 Open source projects that are alternatives of or similar to Vuln Web Apps

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

🆕 The Multi-Tool Web Vulnerability Scanner.

Open-Source Security Architecture | 开源安全架构

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Tool for breaking into web applications.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Agent scanner for vulners.com

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

hacker, ready for more of our story ! 🚀

Advanced vulnerability scanning with Nmap NSE

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Hourly updated database of exploit and exploitation reports

Kubernetes Native, Runtime Container Image Scanning

🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)

SD-WAN security and insecurity

Discover Your Attack Surface!

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Secure, Unified, Powerful and Extensible Rust Android Analyzer

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

WPScan rewritten in Python + some WPSeku ideas

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Python2编写的struts2漏洞全版本检测和利用工具

golang version for nmap service and application version detection (without nmap installation)

🔐💥 KeyNuker - nuke AWS keys accidentally leaked to Github

Python3编写的CMS漏洞检测框架

Damn Vulnerable Web Application Docker container

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

🐞 Primitive Erlang Security Tool

Vulnerable Web applications Generator

A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification

Documentation and Tools for Cisco's PSIRT openVuln API

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

A PHP dependency vulnerabilities scanner based on the Security Advisories Database.

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

All-in-one tool for managing vulnerability reports from AppSec pipelines

S2E: A platform for multi-path program analysis with selective symbolic execution.

Application and Service Fingerprinting

Distributed filesystem scanner

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

The OWASP ZAP core project

Offensive vulnerability scanner for ethereum, and symbolic execution tool for the Ethereum Virtual Machine

Kubernetes object analysis with recommendations for improved reliability and security

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

PHP malware detector

Nailgun attack on ARM devices.

HackSys Extreme Vulnerable Windows Driver

The Swiss Army knife for automated Web Application Testing

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Security tool to trace URL's jumps across the rel links to obtain the last URL

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.