RVD
Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Python158gpl-3.0
11 months ago
bountybugcybersecurity
flawfinder
a static analysis tool for finding vulnerabilities in C/C++ source code
Python448gpl-2.0
5 months ago
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects p
Java5494apache-2.0
5 months ago
ant-taskbuild-toolgradle-plugin
qark
Tool to look for several security related Android application vulnerabilities
Python3136other
4 months ago
infersharp
Infer# is an interprocedural and scalable static code analyzer for C#. Via the c
C#717mit
4 months ago
CakeFuzzer
Cake Fuzzer is a project that is meant to help automatically and continuously di
Python87gpl-3.0
5 months ago
cybersecuritydasthacking
sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if th
Scala258apache-2.0
6 months ago
appseccvedevops
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes
Go19887apache-2.0
4 months ago
containersdevsecopsdocker
retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities. Ca
JavaScript3521other
10 days ago
build-toolchrome-extensionfirefox-extension
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in in
Python6236apache-2.0
4 months ago
awsaws-securityazure
dagda
a tool to perform static analysis of known vulnerabilities, trojans, viruses, ma
Python1112apache-2.0
11 months ago
detecting-anomalous-activitiesdockermalware-detection
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin
Java8055apache-2.0
2 months ago
is-website-vulnerable
finds publicly known security vulnerabilities in a website's frontend JavaScript
JavaScript1905apache-2.0
9 months ago
hacktoberfestlighthousenodejs
quark-engine
Dig Vulnerabilities in the BlackBox
Python1230gpl-3.0
16 hours ago
androidblackboxblackbox-testing
awesome-buggy-erc20-tokens
A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
Python584cc0-1.0
3 months ago
awesomeawesome-listdapp
actions
A set of GitHub actions for checking your projects for vulnerabilities
HTML478other
2 months ago
actionssnyk
awesome-security-newsletters
Periodic cyber security newsletters that capture the latest news, summaries of c
786gpl-2.0
2 months ago
cybersecuritynewsletter
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigur
Open Policy Agent1791apache-2.0
4 months ago
appseccloudnativedevsecops
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vuln
TypeScript1408other
21 hours ago
compliancecontinuous-deliverycve-scanning
cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multip
Python1808apache-2.0
yesterday
appseccicdctf
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability
Python3005mit
20 days ago
enumerationfuzzinghacking
ovaa
Oversecured Vulnerable Android App
Java602bsd-2-clause
5 months ago
android-securityappsecmobile-security
brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Ruby6747other
7 months ago
brakemanrailsruby
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Go17287mit
12 hours ago
attack-surfacecve-scannerhacktoberfest
inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing,
Python1462apache-2.0
21 days ago
api-documentation-toolbugbountybugbounty-tool
cwe_checker
cwe_checker finds vulnerable patterns in binary executables
Rust1037lgpl-3.0
last month
binary-analysiscwecwe-checker
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
5647mit
5 months ago
bugbountycross-site-scriptingdom-based
phonito-scanner-action
Free Docker Vulnerability Scanning for CI/CD integration
JavaScript33
6 months ago
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Python2740bsd-3-clause
yesterday
ruby-advisory-db
A database of vulnerable Ruby Gems
Ruby973other
3 months ago
advisory-fileshacktoberfestmetadata
security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
C#917lgpl-3.0
5 months ago
analysisanalyzercode
roca
ROCA: Infineon RSA key vulnerability
Python477mit
6 months ago
detectordiscrete-logarithmfingerprinting
cfngoat
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoa
90
6 months ago
aws-securitycloudformationcloudsecurity
terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat
HCL1101apache-2.0
2 days ago
aws-securityazure-securitycloud-security
Android-InsecureBankv2
Vulnerable Android application for developers and security enthusiasts to learn
Java1191mit
16 days ago
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, to
5082cc0-1.0
30 days ago
awesomeawesome-listfuzzing
AndroBugs_Framework
AndroBugs Framework is an efficient Android vulnerability scanner that helps dev
Python1096gpl-3.0
5 years ago
Firmware_Slap
Discovering vulnerabilities in firmware through concolic analysis and function c
Python463gpl-3.0
4 years ago
angrexploitfirmware
insider
Static Application Security Testing (SAST) engine focused on covering the OWASP
Go486mit
2 years ago
androidandroid-securitycli
pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Appl
Python2161gpl-2.0
3 years ago
abstract-syntaxabstract-syntax-treecontrol-flow-graph
uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
HTML675mit
3 years ago
browsercvejavascript
puma-scan
Puma Scan is a software security Visual Studio extension that provides real time
C#436mpl-2.0
2 years ago
CodeAlchemist
CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaSc
F#229mit
4 years ago
code-generationfsharpfuzzer
Shellshock-Vulnerability-Scan
Android app to scan for bash Vulnerability - CVE-2014-6271 also known as Shellsh
Java11gpl-2.0
3 years ago
rugby-board-node
Deprecate due to vulnerabilities in dependencies. Rugby News Board built with No
JavaScript7mit
5 years ago
herokunodejspreact
micros_honeypot
MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Ora
ASP14mit
6 years ago
deceptionhoneypotmicros
weblogic_honeypot
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the
Python31mit
4 years ago
deceptionexecution-vulnerabilityhoneypot
android-vts
Android Vulnerability Test Suite - In the spirit of open data collection, and wi
Java1013other
5 years ago
phpcs-security-audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilitie
PHP701gpl-3.0
last year
phpphp-codesnifferphpcs
ciscoasa_honeypot
A low interaction honeypot for the Cisco ASA component capable of detecting CVE-
JavaScript50mit
5 years ago
ciscocisco-asaexecution-vulnerability
gql_intruder
A plugin based GraphQL vulnerability assessment tool.
Python12mit
3 years ago
graphqlgraphql-securitypentest-tool
ListenSSH
Easily report all connections attempts on common vulnerable ports to AbuseIPDB
Python12gpl-3.0
2 years ago
abuseipdbabuseipdb-apihoneypot
scanner-cli
A project security/vulnerability/risk scanning tool
JavaScript359other
3 years ago
cidockernodejs
mana-security-app
macOS vulnerability management for individuals
JavaScript21mit
last year
cybersecurityelectronmacos
InsecureShop
An Intentionally designed Vulnerable Android Application built in Kotlin.
Kotlin224mit
2 years ago
trommel
TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Ind
Python200other
4 years ago
Vuldroid
Vuldroid is a Vulnerable Android Application made with security issues in order
Java55mit
3 years ago
android-applicationandroid-securityapplication-security
w3af
w3af: web application attack and audit framework, the open source web vulnerabil
Python4449
last year
appseccross-site-scriptingscanner
anchore
This project is deprecated. Work is now done on https://github.com/anchore/syft
Python360apache-2.0
4 years ago
containersdockerpython
Yubico Authenticator
Store your unique credential on a hardware-backed security key and take it where
Kotlin236bsd-2-clause
last year
nfcoathtotp