Shellshock-Vulnerability-Scan

Android app to scan for bash Vulnerability - CVE-2014-6271 also known as Shellsh

Java11gpl-2.0

2 years ago

RVD

RVD

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

Python145gpl-3.0

4 months ago

bountybugcybersecurity

AndroBugs_Framework

AndroBugs_Framework

AndroBugs Framework is an efficient Android vulnerability scanner that helps dev

Python1060gpl-3.0

4 years ago

ciscoasa_honeypot

A low interaction honeypot for the Cisco ASA component capable of detecting CVE-

JavaScript49mit

5 years ago

ciscocisco-asaexecution-vulnerability

gql_intruder

A plugin based GraphQL vulnerability assessment tool.

Python11mit

3 years ago

graphqlgraphql-securitypentest-tool

data7

data7

A vulnerability patch gathering tool

Java37apache-2.0

5 years ago

Raccoon

Raccoon

A high performance offensive security tool for reconnaissance and vulnerability

Python2881mit

12 months ago

enumerationfuzzinghacking

a2sv

a2sv

Auto Scanning to SSL Vulnerability

Python598mit

3 years ago

hackingscannersecurity

scanner-cli

scanner-cli

A project security/vulnerability/risk scanning tool

JavaScript356other

2 years ago

cidockernodejs

amthoneypot

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

Go16

4 years ago

mana-security-app

macOS vulnerability management for individuals

JavaScript16mit

9 months ago

cybersecurityelectronmacos

brakeman

brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

Ruby6747other

7 days ago

brakemanrailsruby

Log4Pot

A honeypot for the Log4Shell vulnerability (CVE-2021-44228).

Python89gpl-3.0

last year

amthoneypot

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

Go15

4 years ago

micros_honeypot

MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Ora

ASP13mit

5 years ago

deceptionhoneypotmicros

weblogic_honeypot

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the

Python31mit

3 years ago

deceptionexecution-vulnerabilityhoneypot

nuclei

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Go14726mit

5 days ago

attack-surfacecve-scannerhacktoberfest

clair

clair

Vulnerability Static Analysis for Containers

Go9721apache-2.0

yesterday

claircontainersdocker

vulscan

vulscan

Advanced vulnerability scanning with Nmap NSE

Lua3064other

2 months ago

exploitlualua-script

inql

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing,

Python1326apache-2.0

3 days ago

api-documentation-toolbugbountybugbounty-tool

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

4860mit

8 months ago

bugbountycross-site-scriptingdom-based

phonito-scanner-action

Free Docker Vulnerability Scanning for CI/CD integration

JavaScript32

last year

security-code-scan

security-code-scan

Vulnerability Patterns Detector for C# and VB.NET

C#872lgpl-3.0

3 months ago

analysisanalyzercode

w3af

w3af

w3af: web application attack and audit framework, the open source web vulnerabil

Python4321

7 months ago

appseccross-site-scriptingscanner

roca

ROCA: Infineon RSA key vulnerability

Python476mit

11 months ago

detectordiscrete-logarithmfingerprinting

is-website-vulnerable

is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript

JavaScript1866apache-2.0

last month

hacktoberfestlighthousenodejs

nmap-vulners

nmap-vulners

NSE script based on Vulners.com API

Lua2996gpl-3.0

9 months ago

android-vts

android-vts

Android Vulnerability Test Suite - In the spirit of open data collection, and wi

Java1010other

4 years ago

anchore

This project is deprecated. Work is now done on https://github.com/anchore/syft

Python361apache-2.0

3 years ago

containersdockerpython

Firmware_Slap

Firmware_Slap

Discovering vulnerabilities in firmware through concolic analysis and function c

Python461gpl-3.0

3 years ago

angrexploitfirmware

cicd-goat

cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multip

Python1629apache-2.0

2 months ago

appseccicdctf

flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code

Python389gpl-2.0

2 months ago

ListenSSH

Easily report all connections attempts on common vulnerable ports to AbuseIPDB

Python12gpl-3.0

last year

abuseipdbabuseipdb-apihoneypot

insider

insider

Static Application Security Testing (SAST) engine focused on covering the OWASP

Go447mit

last year

androidandroid-securitycli

DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects p

Java5354apache-2.0

8 days ago

ant-taskbuild-toolgradle-plugin

qark

Tool to look for several security related Android application vulnerabilities

Python3048other

2 months ago

infersharp

Infer# is an interprocedural and scalable static code analyzer for C#. Via the c

C#704mit

last month

InsecureShop

An Intentionally designed Vulnerable Android Application built in Kotlin.

Kotlin220mit

2 years ago

ovaa

Oversecured Vulnerable Android App

Java518bsd-2-clause

2 months ago

android-securityappsecmobile-security

dvwassl

SSL-enabled Damn Vulnerable Web App (DVWA)

Dockerfile1mit

5 months ago

dockerdvwaethical-hacking

pyt

pyt

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Appl

Python2139gpl-2.0

3 years ago

abstract-syntaxabstract-syntax-treecontrol-flow-graph

VWGen

VWGen

Vulnerable Web applications Generator

Python81other

6 years ago

addondockergenerator

BadLibrary

vulnerable web application for training

JavaScript56mit

10 days ago

trivy

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes

Go17797apache-2.0

3 months ago

containersdevsecopsdocker

uxss-db

πŸ”ͺBrowser logic vulnerabilities :skull_and_crossbones:

HTML657mit

3 years ago

browsercvejavascript

retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Ca

JavaScript3382other

10 days ago

build-toolchrome-extensionfirefox-extension

sbt-dependency-check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if th

Scala256apache-2.0

21 days ago

appseccvedevops

trommel

TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Ind

Python197other

3 years ago

dagda

dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, ma

Python1069apache-2.0

4 months ago

detecting-anomalous-activitiesdockermalware-detection

cwe_checker

cwe_checker

cwe_checker finds vulnerable patterns in binary executables

Rust945lgpl-3.0

10 days ago

binary-analysiscwecwe-checker

tsunami-security-scanner

Tsunami is a general purpose network security scanner with an extensible plugin

Java7931apache-2.0

15 days ago

Vuldroid

Vuldroid

Vuldroid is a Vulnerable Android Application made with security issues in order

Java49mit

2 years ago

android-applicationandroid-securityapplication-security

puma-scan

puma-scan

Puma Scan is a software security Visual Studio extension that provides real time

C#428mpl-2.0

11 months ago

quark-engine

quark-engine

Dig Vulnerabilities in the BlackBox

Python1119gpl-3.0

3 days ago

androidblackboxblackbox-testing

cloudgoat

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Python2185bsd-3-clause

7 days ago

ruby-advisory-db

A database of vulnerable Ruby Gems

Ruby955other

28 days ago

advisory-fileshacktoberfestmetadata

awesome-buggy-erc20-tokens

awesome-buggy-erc20-tokens

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

Python562cc0-1.0

2 years ago

awesomeawesome-listdapp

actions

actions

A set of GitHub actions for checking your projects for vulnerabilities

HTML427other

3 days ago

actionssnyk

CodeAlchemist

CodeAlchemist

CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaSc

F#230mit

4 years ago

code-generationfsharpfuzzer

awesome-security-newsletters

Periodic cyber security newsletters that capture the latest news, summaries of c

720gpl-2.0

2 months ago

cybersecuritynewsletter

rugby-board-node

Deprecate due to vulnerabilities in dependencies. Rugby News Board built with No

JavaScript7mit

4 years ago

herokunodejspreact

checkov

checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in in

Python5875apache-2.0

20 days ago

awsaws-securityazure

kics

kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigur

Open Policy Agent1616apache-2.0

3 months ago

appseccloudnativedevsecops

cfngoat

cfngoat

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoa

85

last month

aws-securitycloudformationcloudsecurity

terragoat

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat

HCL1035apache-2.0

12 hours ago

aws-securityazure-securitycloud-security

Android-InsecureBankv2

Vulnerable Android application for developers and security enthusiasts to learn

Java1119mit

5 months ago

phpcs-security-audit

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilitie

PHP681gpl-3.0

9 months ago

phpphp-codesnifferphpcs

diva-android

DIVA Android - Damn Insecure and vulnerable App for Android

Java849gpl-3.0

4 months ago

Awesome-Fuzzing

A curated list of fuzzing resources ( Books, courses - free and paid, videos, to

4763cc0-1.0

2 months ago

awesomeawesome-listfuzzing

lunasec

lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vuln

TypeScript1351other

3 months ago

compliancecontinuous-deliverycve-scanning

yubioath-android

Yubico Authenticator

Store your unique credential on a hardware-backed security key and take it where

Kotlin236bsd-2-clause

10 months ago

nfcoathtotp

Shellshock-Vulnerability-Scan

Android app to scan for bash Vulnerability - CVE-2014-6271 also known as Shellsh

Java11gpl-2.0

2 years ago

RVD

RVD

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

Python145gpl-3.0

4 months ago

bountybugcybersecurity

AndroBugs_Framework

AndroBugs_Framework

AndroBugs Framework is an efficient Android vulnerability scanner that helps dev

Python1060gpl-3.0

4 years ago

ciscoasa_honeypot

A low interaction honeypot for the Cisco ASA component capable of detecting CVE-

JavaScript49mit

5 years ago

ciscocisco-asaexecution-vulnerability

gql_intruder

A plugin based GraphQL vulnerability assessment tool.

Python11mit

3 years ago

graphqlgraphql-securitypentest-tool

data7

data7

A vulnerability patch gathering tool

Java37apache-2.0

5 years ago

Raccoon

Raccoon

A high performance offensive security tool for reconnaissance and vulnerability

Python2881mit

12 months ago

enumerationfuzzinghacking

a2sv

a2sv

Auto Scanning to SSL Vulnerability

Python598mit

3 years ago

hackingscannersecurity

scanner-cli

scanner-cli

A project security/vulnerability/risk scanning tool

JavaScript356other

2 years ago

cidockernodejs

amthoneypot

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

Go16

4 years ago

mana-security-app

macOS vulnerability management for individuals

JavaScript16mit

9 months ago

cybersecurityelectronmacos

brakeman

brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

Ruby6747other

7 days ago

brakemanrailsruby

Log4Pot

A honeypot for the Log4Shell vulnerability (CVE-2021-44228).

Python89gpl-3.0

last year

amthoneypot

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

Go15

4 years ago

micros_honeypot

MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Ora

ASP13mit

5 years ago

deceptionhoneypotmicros

weblogic_honeypot

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the

Python31mit

3 years ago

deceptionexecution-vulnerabilityhoneypot

nuclei

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Go14726mit

5 days ago

attack-surfacecve-scannerhacktoberfest

clair

clair

Vulnerability Static Analysis for Containers

Go9721apache-2.0

yesterday

claircontainersdocker

vulscan

vulscan

Advanced vulnerability scanning with Nmap NSE

Lua3064other

2 months ago

exploitlualua-script

inql

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing,

Python1326apache-2.0

3 days ago

api-documentation-toolbugbountybugbounty-tool

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

4860mit

8 months ago

bugbountycross-site-scriptingdom-based

phonito-scanner-action

Free Docker Vulnerability Scanning for CI/CD integration

JavaScript32

last year

security-code-scan

security-code-scan

Vulnerability Patterns Detector for C# and VB.NET

C#872lgpl-3.0

3 months ago

analysisanalyzercode

w3af

w3af

w3af: web application attack and audit framework, the open source web vulnerabil

Python4321

7 months ago

appseccross-site-scriptingscanner

roca

ROCA: Infineon RSA key vulnerability

Python476mit

11 months ago

detectordiscrete-logarithmfingerprinting

is-website-vulnerable

is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript

JavaScript1866apache-2.0

last month

hacktoberfestlighthousenodejs

nmap-vulners

nmap-vulners

NSE script based on Vulners.com API

Lua2996gpl-3.0

9 months ago

android-vts

android-vts

Android Vulnerability Test Suite - In the spirit of open data collection, and wi

Java1010other

4 years ago

anchore

This project is deprecated. Work is now done on https://github.com/anchore/syft

Python361apache-2.0

3 years ago

containersdockerpython

Firmware_Slap

Firmware_Slap

Discovering vulnerabilities in firmware through concolic analysis and function c

Python461gpl-3.0

3 years ago

angrexploitfirmware

cicd-goat

cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multip

Python1629apache-2.0

2 months ago

appseccicdctf

flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code

Python389gpl-2.0

2 months ago

ListenSSH

Easily report all connections attempts on common vulnerable ports to AbuseIPDB

Python12gpl-3.0

last year

abuseipdbabuseipdb-apihoneypot

insider

insider

Static Application Security Testing (SAST) engine focused on covering the OWASP

Go447mit

last year

androidandroid-securitycli

DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects p

Java5354apache-2.0

8 days ago

ant-taskbuild-toolgradle-plugin

qark

Tool to look for several security related Android application vulnerabilities

Python3048other

2 months ago

infersharp

Infer# is an interprocedural and scalable static code analyzer for C#. Via the c

C#704mit

last month

InsecureShop

An Intentionally designed Vulnerable Android Application built in Kotlin.

Kotlin220mit

2 years ago

ovaa

Oversecured Vulnerable Android App

Java518bsd-2-clause

2 months ago

android-securityappsecmobile-security

dvwassl

SSL-enabled Damn Vulnerable Web App (DVWA)

Dockerfile1mit

5 months ago

dockerdvwaethical-hacking

pyt

pyt

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Appl

Python2139gpl-2.0

3 years ago

abstract-syntaxabstract-syntax-treecontrol-flow-graph

VWGen

VWGen

Vulnerable Web applications Generator

Python81other

6 years ago

addondockergenerator

BadLibrary

vulnerable web application for training

JavaScript56mit

10 days ago

trivy

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes

Go17797apache-2.0

3 months ago

containersdevsecopsdocker

uxss-db

πŸ”ͺBrowser logic vulnerabilities :skull_and_crossbones:

HTML657mit

3 years ago

browsercvejavascript

retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Ca

JavaScript3382other

10 days ago

build-toolchrome-extensionfirefox-extension

sbt-dependency-check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if th

Scala256apache-2.0

21 days ago

appseccvedevops

trommel

TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Ind

Python197other

3 years ago

dagda

dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, ma

Python1069apache-2.0

4 months ago

detecting-anomalous-activitiesdockermalware-detection

cwe_checker

cwe_checker

cwe_checker finds vulnerable patterns in binary executables

Rust945lgpl-3.0

10 days ago

binary-analysiscwecwe-checker

tsunami-security-scanner

Tsunami is a general purpose network security scanner with an extensible plugin

Java7931apache-2.0

15 days ago

Vuldroid

Vuldroid

Vuldroid is a Vulnerable Android Application made with security issues in order

Java49mit

2 years ago

android-applicationandroid-securityapplication-security

puma-scan

puma-scan

Puma Scan is a software security Visual Studio extension that provides real time

C#428mpl-2.0

11 months ago

quark-engine

quark-engine

Dig Vulnerabilities in the BlackBox

Python1119gpl-3.0

3 days ago

androidblackboxblackbox-testing

cloudgoat

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Python2185bsd-3-clause

7 days ago

ruby-advisory-db

A database of vulnerable Ruby Gems

Ruby955other

28 days ago

advisory-fileshacktoberfestmetadata

awesome-buggy-erc20-tokens

awesome-buggy-erc20-tokens

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

Python562cc0-1.0

2 years ago

awesomeawesome-listdapp

actions

actions

A set of GitHub actions for checking your projects for vulnerabilities

HTML427other

3 days ago

actionssnyk

CodeAlchemist

CodeAlchemist

CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaSc

F#230mit

4 years ago

code-generationfsharpfuzzer

awesome-security-newsletters

Periodic cyber security newsletters that capture the latest news, summaries of c

720gpl-2.0

2 months ago

cybersecuritynewsletter

rugby-board-node

Deprecate due to vulnerabilities in dependencies. Rugby News Board built with No

JavaScript7mit

4 years ago

herokunodejspreact

checkov

checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in in

Python5875apache-2.0

20 days ago

awsaws-securityazure

kics

kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigur

Open Policy Agent1616apache-2.0

3 months ago

appseccloudnativedevsecops

cfngoat

cfngoat

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoa

85

last month

aws-securitycloudformationcloudsecurity

terragoat

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat

HCL1035apache-2.0

12 hours ago

aws-securityazure-securitycloud-security

Android-InsecureBankv2

Vulnerable Android application for developers and security enthusiasts to learn

Java1119mit

5 months ago

phpcs-security-audit

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilitie

PHP681gpl-3.0

9 months ago

phpphp-codesnifferphpcs

diva-android

DIVA Android - Damn Insecure and vulnerable App for Android

Java849gpl-3.0

4 months ago

Awesome-Fuzzing

A curated list of fuzzing resources ( Books, courses - free and paid, videos, to

4763cc0-1.0

2 months ago

awesomeawesome-listfuzzing

lunasec

lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vuln

TypeScript1351other

3 months ago

compliancecontinuous-deliverycve-scanning

yubioath-android

Yubico Authenticator

Store your unique credential on a hardware-backed security key and take it where

Kotlin236bsd-2-clause

10 months ago

nfcoathtotp