Search Results for "vulnerability management"

Showing 37 open source projects for "vulnerability management"

View related business solutions
  • Ship Agents Faster Icon
    Ship Agents Faster

    Transform your applications and workflows into powerful agentic systems at global scale.

    Gemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
    Get Started Free
  • $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • 1
    OpenVAS Scanner

    OpenVAS Scanner

    This repository contains the scanner component for Greenbone Community

    OpenVAS Scanner is the scanner component of Greenbone Community Edition and serves as a full-featured vulnerability scanning engine. It executes a continuously updated feed of Vulnerability Tests to identify security weaknesses across systems and services. The scanner is also used within Greenbone Enterprise appliances, which reflects its role in broader vulnerability management workflows. It can be built and installed from source, integrated with other GVM modules, or deployed through Greenbone’s container-based options. ...
    Downloads: 14 This Week
    Last Update:
    See Project
  • 2
    Kubernetes DNS

    Kubernetes DNS

    Kubernetes DNS service

    This is the repository for Kubernetes DNS(kube-dns and nodelocaldns). Vulnerability patches are mainly for debian-base or debian-iptables images. They can be updated to the latest by modifying rules.mk and dnsmasq Makefile.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    DefectDojo

    DefectDojo

    DefectDojo is a DevSecOps and vulnerability management tool

    DefectDojo is a security orchestration and vulnerability management platform. DefectDojo allows you to manage your application security program, maintain product and application information, triage vulnerabilities and push findings to systems like JIRA and Slack. DefectDojo enriches and refines vulnerability data using a number of heuristic algorithms that improve with the more you use the platform.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 4
    Harbor

    Harbor

    An open source trusted cloud native registry project that stores

    Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control...
    Downloads: 24 This Week
    Last Update:
    See Project
  • Secure File Transfer for Windows with Cerberus by Redwood Icon
    Secure File Transfer for Windows with Cerberus by Redwood

    Protect and share files over FTP/S, SFTP, HTTPS and SCP with the #1 rated Windows file transfer server.

    Cerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
    Try for Free
  • 5
    CyberStrikeAI

    CyberStrikeAI

    CyberStrikeAI is an AI-native security testing platform built in Go

    ...It supports role-based testing, letting teams define security roles with tailored tool access and prompts, and includes a skills system that encapsulates specialized testing strategies that the AI can incorporate into its planning. Through comprehensive lifecycle management, results are tracked, aggregated, and visualized, with support for versioned persistence, search, and risk severity scoring.
    Downloads: 14 This Week
    Last Update:
    See Project
  • 6
    Trivy Operator

    Trivy Operator

    Kubernetes-native security toolkit

    The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues. The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API. The Operator does this by watching Kubernetes for state changes and automatically triggering security scans in response. For example, a vulnerability scan is initiated when a new Pod is created. This way, users can find and view the risks that relate to...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    A.I.G

    A.I.G

    Full-stack AI Red Teaming platform

    ...The tool provides both a visual interface and a comprehensive API, making integration with internal security systems or CI/CD pipelines practical for ongoing risk management.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    KubeClarity

    KubeClarity

    KubeClarity is a tool for detection and management of vulnerabilities

    KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security. Effective vulnerability scanning requires an accurate Software Bill Of Materials (SBOM) detection. KubeClarity includes a CLI that can be run locally and especially useful for CI/CD pipelines.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9
    GitLab

    GitLab

    Please open new issues in our issue tracker on GitLab

    GitLab is a single-application DevOps platform that brings source control, CI/CD, package registries, security scanning, and deployment pipelines under one roof to accelerate software delivery. Built around Git repositories and merge-request workflows, it tightly integrates continuous integration, automated testing, code review, and release orchestration so teams can move from idea to production within a unified UI and policy model. GitLab’s features extend into the operational...
    Downloads: 18 This Week
    Last Update:
    See Project
  • Error to trace to log to deploy. One click. No SSH. Icon
    Error to trace to log to deploy. One click. No SSH.

    Catch the cause before the pager goes off.

    AppSignal links every error to the trace, the trace to the log, the log to the deploy that shipped it.
    Free 30 days.
  • 10
    Monkey Code

    Monkey Code

    Enterprise-grade AI programming assistant designed for R&D collab

    Monkey Code is an enterprise-grade AI programming assistant designed to transform how development teams collaborate, build, and manage code across complex environments. It goes beyond traditional AI coding tools by combining intelligent code generation, conversational programming, and automated DevOps-style workflows into a unified platform that integrates directly with Git-based repositories. One of its defining characteristics is its support for private deployment and fully offline...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 11
    Laundry Management System

    Laundry Management System

    Small Laundry and Dry Cleaning Business Application

    Laundry Management System is a better solutions for Small Laundry and Dry Cleaning business vendors with increased security from SQL injection, vulnerability and hackers. Its user friendly Laundry POS Screen Application. We are team of talented designers and developers making user friendly software to grow your small laundry and dry cleaning business digitally without spending a lot of money.
    Downloads: 11 This Week
    Last Update:
    See Project
  • 12
    TRAK Viewpoints

    TRAK Viewpoints

    Specifications for TRAK architecture views

    The architecture viewpoints (specifications for architecture views iaw ISO 42010) for TRAK. TRAK is a general systems-thinkers'/system engineering enterprise architecture framework. It is simple, user-friendly, pragmatic and not limited to IT. 100% triple-centric and semantically-sound. Defines a total of 24 viewpoints. The ones needed are selected by taking the task sponsor's concerns and matching them to the typical concerns that each TRAK viewpoint addresses. The triples that address...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 13
    Sn1per

    Sn1per

    Attack Surface Management Platform | Sn1perSecurity LLC

    Sn1per Professional is an all-in-one offensive security platform that provides a comprehensive view of your internal and external attack surface and offers an asset risk scoring system to prioritize, reduce, and manage risk. With Sn1per Professional, you can discover the attack surface and continuously monitor it for changes. It integrates with the leading open source and commercial security testing tools for a unified view of your data.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    Log4jScanner

    Log4jScanner

    A log4j vulnerability filesystem scanner and Go package

    log4jscanner is a filesystem scanner and Go package that helps organizations quickly identify vulnerable Log4j components inside JARs and shaded dependencies. Instead of probing networks, it walks directories and archives, including nested JARs, to find version fingerprints and risky classes associated with the Log4Shell family of issues. The focus on static analysis makes it suitable for container images, build artifacts, and offline systems where active scanning isn’t feasible. Clear,...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    Kubesploit

    Kubesploit

    Kubesploit is a cross-platform post-exploitation HTTP/2 Command

    Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 16
    RED HAWK

    RED HAWK

    All-in-one reconnaissance and vulnerability scanning toolkit for sites

    RED HAWK is an open source command-line security tool designed for information gathering, vulnerability scanning, and web reconnaissance tasks. It combines multiple scanning and analysis capabilities into a single toolkit to help security researchers and penetration testers quickly analyze a target website. It can collect a wide range of information about domains, servers, and web applications, including network details, hosting configuration, and content management system detection. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 17
    Sagacity

    Sagacity

    Security Assessment Data Management and Analysis Tool

    We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow analyze to communicate risk to their employers. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    SG ERP

    SG ERP

    Purchase and Sale Management System

    The relevance of the development of the project addressed is justified difficulties in managing the business processes in search of of an organizational improvement. Taking advantage of the ease of doing research on information. Being able in a second step to make a study in the data collected to observe patterns, probabilities, generate graphs. In addition to the benefits already mentioned, we also access of business data, the end of redundancies, facilitate the creation of...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    AlienVault OSSIM

    AlienVault OSSIM

    Open Source SIEM

    OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich...
    Leader badge
    Downloads: 53 This Week
    Last Update:
    See Project
  • 20
    Lynis

    Lynis

    System/security auditing tool for hardening and securing Linux/Unix

    ...Beside security related information it will also scan for general system information, installed packages and possible configuration errors. This software aims in assisting automated auditing, hardening, software patch management, vulnerability and malware scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (USB stick, cd/dvd). Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits, by automation of control testing. Extended support for companies is available
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    watobo
    WATOBO is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 22
    SIGVI
    SIGVI is a vulnerability manager for enterprise environments. Uses vulnerability sources like NVD, auto-updates its repository and looks for vulnerable products installed on your servers, creating alerts and notifying their administrators.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 23

    bWAPP

    an extremely buggy web app !

    bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific...
    Leader badge
    Downloads: 899 This Week
    Last Update:
    See Project
  • 24
    ESSPEE - Penetration Testing & Forensics

    ESSPEE - Penetration Testing & Forensics

    (Android Forensics & Malware Analysis Included)

    ESSPEE - Extreme Security Scanning Penetration testing & Exploitation Environment Ubuntu 12.04 LTS (Precise Pangolin) is purposefully selected as the base Operating System to obtain supports from Ubuntu for a long duration (till Apr 2017). It is packed with featured security tools with very less resource consumption and higher degree of stability. Thanks to Back Track, Blackbuntu, CAINE and DEFT and many others for inspiration. Being a sole developer to this distro, I wish it...
    Leader badge
    Downloads: 1 This Week
    Last Update:
    See Project
  • 25

    Security Management System

    A management system for sensitive system and security information

    A management system for sensitive system and security information. This system is designed to aid IT/Security professionals in maintaining a repository of sensitive information for their systems, to include: sensitive system information (architecture, assets and inventory, vulnerability data, remediation strategies, assessments) and so on.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • Next
Auth0 Logo