Search Results for "vulnerability management"
Sort By:
Showing 21 open source projects for "vulnerability management"
View related business solutions-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
1
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Sn1per Professional is an all-in-one offensive security platform that provides a comprehensive view of your internal and external attack surface and offers an asset risk scoring system to prioritize, reduce, and manage risk. With Sn1per Professional, you can discover the attack surface and continuously monitor it for changes. It integrates with the leading open source and commercial security testing tools for a unified view of your data. -
2
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is... -
3
VulnX
Intelligent Bot, Shell can achieve automatic injection
vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and... -
4
Sagacity
Security Assessment Data Management and Analysis Tool
We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow analyze to communicate risk to their employers. ... -
Stop vibe-debugging.AppSignal's MCP server hands Claude, Cursor, or Zed your real errors, traces, and the deploy that shipped them. AI writes the fix; you review the diff.
-
5
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich... -
6
Lynis
System/security auditing tool for hardening and securing Linux/Unix
...Beside security related information it will also scan for general system information, installed packages and possible configuration errors. This software aims in assisting automated auditing, hardening, software patch management, vulnerability and malware scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (USB stick, cd/dvd). Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits, by automation of control testing. Extended support for companies is available -
7
SIGVI is a vulnerability manager for enterprise environments. Uses vulnerability sources like NVD, auto-updates its repository and looks for vulnerable products installed on your servers, creating alerts and notifying their administrators.
-
8
bWAPP
an extremely buggy web app !
bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific... -
9
ESSPEE - Penetration Testing & Forensics
(Android Forensics & Malware Analysis Included)
ESSPEE - Extreme Security Scanning Penetration testing & Exploitation Environment Ubuntu 12.04 LTS (Precise Pangolin) is purposefully selected as the base Operating System to obtain supports from Ubuntu for a long duration (till Apr 2017). It is packed with featured security tools with very less resource consumption and higher degree of stability. Thanks to Back Track, Blackbuntu, CAINE and DEFT and many others for inspiration. Being a sole developer to this distro, I wish it... -
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
10
Security Management System
A management system for sensitive system and security information
A management system for sensitive system and security information. This system is designed to aid IT/Security professionals in maintaining a repository of sensitive information for their systems, to include: sensitive system information (architecture, assets and inventory, vulnerability data, remediation strategies, assessments) and so on. -
11
Vsam (Vulnerabillity, Scanning, Analysis and Management) is a project dedicated to the release of a virtual appliance for the management and analysis of vulnerability scan data. The main goals are ease of use and stability of the application.
-
12
The Epic Web Honeypot Project aims to lure attackers using various types of web vulnerability scanners by tricking them into believing that they have found a vulnerability on a host.
-
13
Nessconnect is a GUI, CLI and API client for Nessus and Nessus compatible servers. With an improved user interface, it provides local session management, scan templates, report generation through XSLT, charts and graphs, and vulnerability trending.
-
14
An OVAL vulnerability assessment and compliance management tool, written in Python. Depends on paramiko and elementtree.
-
15
Software repository of the hack://src project. Includes security related software for crypto, vulnerability/patch notification & management, and ultra low level system access for stealth forensics & intrusion detection or malware removal.
-
16
QuIDScor is a daemon software integrating Intrusion Detection Systems (IDS) and vulnerability assesment and management platforms. Today QuIDScor correlates and verifies Snort alerts against QualysGuard vulnerability assessment data.
-
17
grIDS is a management system for Security Engineers. grIDS integrates snort as the IDS, nessus as the vulnerability scanner, a port reference, a host information database, and canned reports into a web-based management system.
-
18
-
19
Cyver Core - Pentest Reporting Resources
Cyver Core - Pentest Management Platform
From pentest management to scheduling, pentest-as-a-service delivery, and tools to automate manual work for pentest report generation and vulnerability finding data, Cyver Core streamlines pentest operations to save time and add value. -
20
-
21
CMS identifier (cmsident) attempts to identify the content management system used to generate a given web site (and its version). Future versions will automatically look up found versions in vulnerability databases to alert if updates are necessary.
- Previous
- You're on page 1
- Next
