Open Source Vulnerability Scanners - Page 2

The Nessus vulnerability scanner does a great job finding vulnerabilities but not such a great job reporting. This project loads the scan results in a database in order to facilitate the reporting.

An open source vulnerability scanning engine complete with gpl signatures

PAVS scans the PHP based web application source code and identifies the potential security problems in that application. PAVS also identifies the loop holes in PHP configuration file settings. Attacks addressed by PAVS are Cross-site Scripting SQL Injection File Manipulation File Inclusion Command Execution Code Evaluation

github: https://github.com/samedog/phpmvs

RABBIT is a black-box vulnerability scanner framework. Designed to make it easy to program your own plugins in order to satisfy your scanning needs.

Scavenger: A Real-Time Vulnerability Scanner and Management Application

SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.

Integrated vulnerability scanner and penetration testing software Windows written in C# SQL Server 2000/2005 Binary search blind and time-based extraction Request headers Post parameters URL parameters fgdump advanced pivot technology.

The Simple Ubuntu Vulnerability Scanner lets you check an Ubuntu system for vulnerabilities.

O Uniscan é um scanner de vulnerabilidade para aplicações Web, escrito em Perl para o ambiente Linux. Ele foi desenvolvido como trabalho de conclusão do curso de ciência da computação da Universidade Federal do Pampa e está licenciado sob a GNU General Public License 3.0 (GPL 3) .

An open-source Windows vulnerability scanner, comparable to nessus or SAINT on *nix environments

This program converts reports from the OpenVAS vulnerability scanner in the Asset Reporting Format (ARF) and generates a .vna file containing assets and risks generated from the ARF report. This file can be imported into the Verinice risk assessment system.

garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. garak's a free tool, we love developing it and are always interested in adding functionality to support applications. garak is a command-line tool, it's developed in Linux and OSX. Just grab it from PyPI and you should be good to go. The standard pip version of garak is updated periodically. garak has its own dependencies, you can to install garak in its own Conda environment. garak needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. For each probe loaded, garak will print a progress bar as it generates. Once the generation is complete, a row evaluating the probe's results on each detector is given.

grIDS is a management system for Security Engineers. grIDS integrates snort as the IDS, nessus as the vulnerability scanner, a port reference, a host information database, and canned reports into a web-based management system.

complete set of tools for windows security analysis and protection

nessquik is a fast web frontend for the Nessus Vulnerability Scanner. It uses modern javascript technologies to deliver a responsive, easy to use interface that lets people quickly schedule scans using Nessus.

Safe3WVS is one of the most powerful web vulnerability scanner with AI on-the-fly web spider crawling technology,especially web portals ,it is the most fast tool to dig such as sql injection, upload vulnerability, and more.http://www.safe3.com.cn/en