Search Results for "vulnerability management"
Sort By:
Showing 42 open source projects for "vulnerability management"
View related business solutions-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
$300 Free Credits to Build on Google CloudStart your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
-
1
OpenVAS Scanner
This repository contains the scanner component for Greenbone Community
OpenVAS Scanner is the scanner component of Greenbone Community Edition and serves as a full-featured vulnerability scanning engine. It executes a continuously updated feed of Vulnerability Tests to identify security weaknesses across systems and services. The scanner is also used within Greenbone Enterprise appliances, which reflects its role in broader vulnerability management workflows. It can be built and installed from source, integrated with other GVM modules, or deployed through Greenbone’s container-based options. ... -
2
Kubernetes DNS
Kubernetes DNS service
This is the repository for Kubernetes DNS(kube-dns and nodelocaldns). Vulnerability patches are mainly for debian-base or debian-iptables images. They can be updated to the latest by modifying rules.mk and dnsmasq Makefile. -
3
DefectDojo
DefectDojo is a DevSecOps and vulnerability management tool
DefectDojo is a security orchestration and vulnerability management platform. DefectDojo allows you to manage your application security program, maintain product and application information, triage vulnerabilities and push findings to systems like JIRA and Slack. DefectDojo enriches and refines vulnerability data using a number of heuristic algorithms that improve with the more you use the platform. -
4
Harbor
An open source trusted cloud native registry project that stores
Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control... -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
5
CyberStrikeAI
CyberStrikeAI is an AI-native security testing platform built in Go
...It supports role-based testing, letting teams define security roles with tailored tool access and prompts, and includes a skills system that encapsulates specialized testing strategies that the AI can incorporate into its planning. Through comprehensive lifecycle management, results are tracked, aggregated, and visualized, with support for versioned persistence, search, and risk severity scoring. -
6
Trivy Operator
Kubernetes-native security toolkit
The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues. The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API. The Operator does this by watching Kubernetes for state changes and automatically triggering security scans in response. For example, a vulnerability scan is initiated when a new Pod is created. This way, users can find and view the risks that relate to... -
7
A.I.G
Full-stack AI Red Teaming platform
...The tool provides both a visual interface and a comprehensive API, making integration with internal security systems or CI/CD pipelines practical for ongoing risk management. -
8
KubeClarity
KubeClarity is a tool for detection and management of vulnerabilities
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection. KubeClarity includes a CLI that can be run locally and especially useful for CI/CD pipelines. -
9
GitLab
Please open new issues in our issue tracker on GitLab
GitLab is a single-application DevOps platform that brings source control, CI/CD, package registries, security scanning, and deployment pipelines under one roof to accelerate software delivery. Built around Git repositories and merge-request workflows, it tightly integrates continuous integration, automated testing, code review, and release orchestration so teams can move from idea to production within a unified UI and policy model. GitLab’s features extend into the operational... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Monkey Code
Enterprise-grade AI programming assistant designed for R&D collab
Monkey Code is an enterprise-grade AI programming assistant designed to transform how development teams collaborate, build, and manage code across complex environments. It goes beyond traditional AI coding tools by combining intelligent code generation, conversational programming, and automated DevOps-style workflows into a unified platform that integrates directly with Git-based repositories. One of its defining characteristics is its support for private deployment and fully offline... -
11
Laundry Management System
Small Laundry and Dry Cleaning Business Application
Laundry Management System is a better solutions for Small Laundry and Dry Cleaning business vendors with increased security from SQL injection, vulnerability and hackers. Its user friendly Laundry POS Screen Application. We are team of talented designers and developers making user friendly software to grow your small laundry and dry cleaning business digitally without spending a lot of money. -
12
C99 Shell
Powerful and classic PHP web shell
Download the latest version of C99 Shell – a powerful and classic PHP web shell used for penetration testing, server file management, and vulnerability analysis. C99 Shell offers a full-featured interface to browse files, execute commands, manage MySQL databases, and explore server configurations remotely. This tool is widely used by security professionals to understand how unauthorized scripts operate and to strengthen server defenses. Use C99 Shell responsibly in a secure environment for testing or forensic analysis only. -
13
TRAK Viewpoints
Specifications for TRAK architecture views
The architecture viewpoints (specifications for architecture views iaw ISO 42010) for TRAK. TRAK is a general systems-thinkers'/system engineering enterprise architecture framework. It is simple, user-friendly, pragmatic and not limited to IT. 100% triple-centric and semantically-sound. Defines a total of 24 viewpoints. The ones needed are selected by taking the task sponsor's concerns and matching them to the typical concerns that each TRAK viewpoint addresses. The triples that address... -
14
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Sn1per Professional is an all-in-one offensive security platform that provides a comprehensive view of your internal and external attack surface and offers an asset risk scoring system to prioritize, reduce, and manage risk. With Sn1per Professional, you can discover the attack surface and continuously monitor it for changes. It integrates with the leading open source and commercial security testing tools for a unified view of your data. -
15
Log4jScanner
A log4j vulnerability filesystem scanner and Go package
log4jscanner is a filesystem scanner and Go package that helps organizations quickly identify vulnerable Log4j components inside JARs and shaded dependencies. Instead of probing networks, it walks directories and archives, including nested JARs, to find version fingerprints and risky classes associated with the Log4Shell family of issues. The focus on static analysis makes it suitable for container images, build artifacts, and offline systems where active scanning isn’t feasible. Clear,... -
16
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is... -
17
RED HAWK
All-in-one reconnaissance and vulnerability scanning toolkit for sites
RED HAWK is an open source command-line security tool designed for information gathering, vulnerability scanning, and web reconnaissance tasks. It combines multiple scanning and analysis capabilities into a single toolkit to help security researchers and penetration testers quickly analyze a target website. It can collect a wide range of information about domains, servers, and web applications, including network details, hosting configuration, and content management system detection. ... -
18
VulnX
Intelligent Bot, Shell can achieve automatic injection
vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and... -
19
Sagacity
Security Assessment Data Management and Analysis Tool
We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow analyze to communicate risk to their employers. ... -
20
SG ERP
Purchase and Sale Management System
The relevance of the development of the project addressed is justified difficulties in managing the business processes in search of of an organizational improvement. Taking advantage of the ease of doing research on information. Being able in a second step to make a study in the data collected to observe patterns, probabilities, generate graphs. In addition to the benefits already mentioned, we also access of business data, the end of redundancies, facilitate the creation of... -
21
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich... -
22
Lynis
System/security auditing tool for hardening and securing Linux/Unix
...Beside security related information it will also scan for general system information, installed packages and possible configuration errors. This software aims in assisting automated auditing, hardening, software patch management, vulnerability and malware scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (USB stick, cd/dvd). Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits, by automation of control testing. Extended support for companies is available -
23
WATOBO is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits.
-
24
SIGVI is a vulnerability manager for enterprise environments. Uses vulnerability sources like NVD, auto-updates its repository and looks for vulnerable products installed on your servers, creating alerts and notifying their administrators.
-
25
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific...
