Search Results for "vulnerability"
Sort By:
Showing 265 open source projects for "vulnerability"
View related business solutions-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
2
WPScan
WPScan WordPress security scanner
WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators. -
3
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification. Works seamlessly with Grype (a fast, modern vulnerability scanner). Able to create signed SBOM attestations using the in-toto specification. ... -
4
grype
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
nuclei
Fast and customizable vulnerability scanner based on simple YAML
...Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers. Nuclei has built-in support for automatic template download/update as default since version v2.5.2. Nuclei-Templates project provides a community-contributed list of ready-to-use templates that is constantly updated. You may still use the update-templates flag to update the nuclei templates at any time; You can write your own checks for your individual workflow and needs following Nuclei's templating guide. -
6
Flan Scan
A pretty sweet vulnerability scanner
Flan Scan is a lightweight open-source network vulnerability scanner designed to make it easy to detect exposed services, open ports, and associated vulnerabilities across IP ranges or network segments as part of security audit and compliance workflows. It is essentially a thin wrapper around the widely-used Nmap scanner, augmenting it with scripts and tooling that transform raw Nmap output into vulnerability-focused reports that map detected services to known CVEs, making results more actionable for administrators and auditors. ... -
7
Vuls
Agentless vulnerability scanner for Linux/FreeBSD
Vuls is open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc. Vuls uses multiple vulnerability databases NVD, JVN, OVAL, RHSA/ALAS/ELSA/FreeBSD-SA and Changelog. Vuls v0.5.0 now possible to detect vulnerabilities that patches have not been published from distributors. Remote scan mode is required to only setup one machine that is connected to other scan target servers via SSH. -
8
OSV.dev
Open source vulnerability DB and triage service
osv.dev (Open Source Vulnerabilities) is Google’s open source platform and API for aggregating, managing, and analyzing vulnerability data across multiple ecosystems. It powers the osv.dev website, providing a unified, queryable database of vulnerabilities that map directly to open source packages and versions. The system hosts vulnerability data for ecosystems such as PyPI, npm, Go, Maven, and Debian, among others. The platform includes a web UI, API, and a Go-based dependency scanner that checks software dependencies, container images, SBOMs (SPDX, CycloneDX), and Git repositories for known vulnerabilities. ... -
9
Kubernetes DNS
Kubernetes DNS service
This is the repository for Kubernetes DNS(kube-dns and nodelocaldns). Vulnerability patches are mainly for debian-base or debian-iptables images. They can be updated to the latest by modifying rules.mk and dnsmasq Makefile. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
10
garak
The LLM vulnerability scanner
...The standard pip version of garak is updated periodically. garak has its own dependencies, you can to install garak in its own Conda environment. garak needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. For each probe loaded, garak will print a progress bar as it generates. Once the generation is complete, a row evaluating the probe's results on each detector is given. -
11
Scope Sentry
Cyberspace asset mapping and vulnerability scanning platform
...It helps security researchers and penetration testers discover, monitor, and analyze internet-facing assets belonging to a target scope. ScopeSentry combines multiple reconnaissance and vulnerability assessment capabilities such as subdomain enumeration, port scanning, directory scanning, and sensitive information detection. ScopeSentry can automatically identify assets and services, extract URLs, and crawl websites to collect useful security data for further analysis. It also includes vulnerability scanning and subdomain takeover detection to help identify common security weaknesses across web infrastructure. ... -
12
Fapro
Fake Protocol Server
Fapro is an open-source asset discovery and vulnerability scanning tool developed by Fofa Pro. It assists in identifying and managing network assets, detecting potential vulnerabilities, and enhancing overall security posture -
13
DefectDojo
DefectDojo is a DevSecOps and vulnerability management tool
DefectDojo is a security orchestration and vulnerability management platform. DefectDojo allows you to manage your application security program, maintain product and application information, triage vulnerabilities and push findings to systems like JIRA and Slack. DefectDojo enriches and refines vulnerability data using a number of heuristic algorithms that improve with the more you use the platform. -
14
Is Website Vulnerable
Finds publicly known security vulnerabilities in a website's frontend
A command-line tool that scans websites for known security vulnerabilities in their frontend dependencies by checking against the Snyk vulnerability database. -
15
Docker Scout CLI
Docker Scout CLI
...Docker Scout enhances your development process with detailed image analysis and proactive remediation tools. It integrates seamlessly with Docker Desktop and Docker Hub to improve your security and efficiency. Docker Scout’s local vulnerability analysis scans your images for potential security issues before they reach production. By detecting vulnerabilities early, it helps you ensure safer deployments and reduce the risk of security breaches in your applications. -
16
Raccoon
High-performance reconnaissance and vulnerability scanning tool
Raccoon is a high-performance offensive security tool designed to assist with reconnaissance and vulnerability scanning during penetration testing and security assessments. It automates several common reconnaissance tasks, allowing security professionals to quickly gather information about a target system or web application. The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. ... -
17
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails app
Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Brakeman now uses the parallel gem to read and parse files in parallel. By default, parallel will split the reading/parsing into a number of separate processes based on number of CPUs. -
18
Mantis
Automated framework for asset discovery and vulnerability scanning
Mantis is an open source security framework designed to automate the workflow of asset discovery, reconnaissance, and vulnerability scanning for organizations and security teams. Mantis operates through a command line interface and accepts targets such as top level domains, IP addresses, or network ranges as input. From these inputs, it automatically discovers associated digital assets including subdomains and SSL certificates, allowing users to map the attack surface of a system. ... -
19
Agentic Security
Agentic LLM Vulnerability Scanner / AI red teaming kit
The open-source Agentic LLM Vulnerability Scanner. -
20
reconFTW
Automated framework for domain reconnaissance and vulnerability scans.
...The tool streamlines the reconnaissance phase of security assessments by orchestrating numerous specialized tools to gather intelligence about a target domain. It performs multiple discovery and analysis tasks such as subdomain enumeration, OSINT collection, and vulnerability scanning in an automated workflow. The framework integrates many external security utilities and coordinates them to produce comprehensive reconnaissance results efficiently. Its modular design allows users to customize the process, enabling or disabling modules and adjusting settings according to their needs. reconFTW also provides configuration options for API keys, execution preferences, and tool paths through a dedicated configuration file. ... -
21
PentAGI
Perform penetration testing tasks
PentAGI is a fully autonomous AI agent system designed to perform complex penetration testing tasks by orchestrating multiple intelligent components into a coordinated offensive security workflow. The platform aims to automate significant portions of the penetration testing lifecycle, including reconnaissance, vulnerability discovery, and exploitation planning, reducing the amount of manual effort required from security professionals. It leverages agent-based architecture and AI reasoning to chain together tools and strategies in a way that mimics experienced human testers. The project is built to be modular and extensible so researchers and red teams can customize behavior or integrate additional tools as needed. ... -
22
AICGSecEval
A.S.E (AICGSecEval) is a repository-level AI-generated code security
...The project was developed to address concerns that AI-assisted programming tools may produce insecure code containing vulnerabilities such as injection flaws or unsafe logic. The framework constructs evaluation tasks based on real-world software repositories and known vulnerability cases derived from CVE records. By simulating realistic development scenarios, the benchmark assesses how well AI code generation systems handle security-sensitive programming tasks. AICGSecEval combines static and dynamic evaluation techniques to analyze generated code for vulnerabilities and functional correctness. The framework includes datasets, test cases, and evaluation metrics that measure how AI programming tools perform across multiple programming languages and vulnerability categories. -
23
Trail of Bits Skills Marketplace
Trail of Bits Claude Code skills for security research, vulnerability
Trail of Bits Skills Marketplace is a specialized Claude Code skills marketplace built by the security research firm Trail of Bits that focuses on enhancing AI-assisted workflows for vulnerability discovery, testing, and secure development. The repository groups a set of plug-in skills tailored toward static analysis, code auditing, secure defaults detection, and other practices that matter in software security. Users can easily add the marketplace to a Claude Code environment, browse available plugins, and install specific skills for tasks like automatic Semgrep rule creation, entry-point analysis in smart contracts, or insecure defaults detection. ... -
24
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
...Kubescape is an open-source Kubernetes security platform, built for use in your day-to-day workflow, by fitting into your clusters, CI/CD pipelines and IDE. It serves as a one-stop-shop for Kubernetes security and includes vulnerability and misconfiguration scanning. You can run scans via the CLI, or add the Kubescape Helm chart, which gives an in-depth view of what is going on in the cluster. Kubescape includes misconfiguration and vulnerability scanning as well as risk analysis and security compliance indicators. All results are presented in context and users get many cues on what to do based on scan results. ... -
25
Strix
Open-source AI hackers to find and fix your app’s vulnerabilities
...The system is designed to mimic the behavior of real attackers by executing dynamic testing and verifying findings through proof-of-concept exploitation. Unlike traditional vulnerability scanners that rely heavily on static analysis, Strix agents actively run code, probe systems, and attempt exploitation to confirm whether vulnerabilities are genuinely exploitable. The platform is intended for developers and security teams that need rapid security assessments without the overhead of manual penetration testing engagements. ...
