vulnerability-detection

Star

Here are 665 public repositories matching this topic...

Language:All

Filter by language

All665 Python259 Shell44 Go42 JavaScript35 TypeScript24 C18 Java17 Jupyter Notebook16 Dockerfile11 HTML11

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

aquasecurity /trivy

Star27.6k

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

go docker kubernetes golang security containers iac vulnerability infrastructure-as-code vulnerability-detection hacktoberfest vulnerability-scanners security-tools devsecops misconfiguration

UpdatedJul 18, 2025
Go

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

security vulnerability-detection hacktoberfest security-scanner vulnerability-assessment vulnerability-scanner dast attack-surface subdomain-takeover cve-scanner nuclei-engine

UpdatedJul 18, 2025
Go

CISOfy /lynis

Star14.4k

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening

UpdatedJul 8, 2025
Shell

wazuh /wazuh

Star12.9k

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

security security-audit log-analysis incident-response cybersecurity pci-dss infosec compliance xdr siem security-hardening vulnerability-detection security-automation security-tools wazuh cloud-security malware-detection container-security file-integrity-monitoring configuration-assessement

UpdatedJul 18, 2025
C

future-architect /vuls

Star11.7k

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner

UpdatedJul 18, 2025
Go

kubescape /kubescape

Star10.9k

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

kubernetes security devops vulnerability-detection nsa best-practice mitre-attack

UpdatedJul 15, 2025
Go

projectdiscovery /nuclei-templates

Star10.5k

Community curated list of templates for the nuclei engine to find security vulnerabilities.

security fingerprint exploits nuclei bugbounty vulnerability-detection hacktoberfest exploit-development nuclei-templates nuclei-checks

UpdatedJul 18, 2025
JavaScript

dependency-check /DependencyCheck

Star7.1k

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

security security-audit maven-plugin jenkins-plugin gradle-plugin build-tool ant-task vulnerability-detection software-composition-analysis

UpdatedJul 17, 2025
Java

GhostTroops /scan4all

Star5.7k

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

ssh golang tools attack nmap brute-force recon nuclei auto bugbounty vulnerability-detection hacker vulnerability-scanners security-scanner 0day security-tools pentest-tool hacktools bugbounty-tools vulnerabilities-scan

UpdatedJul 12, 2024
Go

deepfence /ThreatMapper

Star5k

Open Source Cloud Native Application Protection Platform (CNAPP)

kubernetes devops containers secops cloud-native compliance vulnerability-detection vulnerability-management hacktoberfest observability vulnerability-scanners threat-analysis security-tools cloudsecurity devsecops scanning-tool registry-scanning cspm cwpp cnapp

UpdatedJun 9, 2025
TypeScript

greenbone /openvas-scanner

Star4k

This repository contains the scanner component for Greenbone Community Edition.

c scanner vulnerability openvas vulnerability-detection vulnerability-management techops vulnerability-scanners vulnerability-assessment gvm foo greenbone greenbone-vulnerability-management openvas-scanner greenbone-community-edition

UpdatedJul 18, 2025
Rust

Arachni /arachni

Star3.9k

Web Application Security Scanner Framework

javascript ruby crawler security-audit modular hack dom analysis scanner detection hacking xss audit web-application penetration-testing sql-injection vulnerability-detection arachni scanners

UpdatedMay 22, 2025
Ruby

scipag /vulscan

Star3.6k

Advanced vulnerability scanning with Nmap NSE

security security-audit lua exploit lua-script nmap penetration-testing vulnerability vulnerability-databases vulnerability-detection nse vulnerability-identification vulnerability-scanners security-scanner vulnerability-assessment nmap-scripts nsescript nmap-scan-script vulnerability-scanning vulnerability-database-entry

UpdatedSep 11, 2024
Lua

ysrc /xunfeng

Star3.6k

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

security security-audit scanner exploits infosec pentesting vulnerability-detection vulnerability-scanners vulnerability-assessment

UpdatedApr 16, 2024
Python

DependencyTrack /dependency-track

Star3.1k

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

security owasp bom vulnerabilities appsec component-analysis nvd vulnerability-detection hacktoberfest sca software-security security-automation devsecops software-composition-analysis bill-of-materials ossindex purl package-url sbom cyclonedx

UpdatedJul 16, 2025
Java

cve-search /cve-search

Star2.5k

cve-search - a tool to perform local searches for known vulnerabilities

vulnerabilities cve cpe vulnerability-detection cve-scanning vulnerability-assessment common-vulnerabilities cve-search cve-databases cve-entries

UpdatedJul 3, 2025
Python

Checkmarx /kics

Star2.4k

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

golang security iac infrastructure-as-code cloudnative appsec vulnerability-detection hacktoberfest vulnerability-scanners security-tools devsecops open-policy-agent

UpdatedJul 18, 2025
Open Policy Agent

anouarbensaad /vulnx

Star2k

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.