A deliberately vulnerable CI/CD environment. Learn CI/CD security through multip

Python1926apache-2.0

4 months ago

appseccicdctf

Oversecured Vulnerable Android App

Java615bsd-2-clause

4 months ago

android-securityappsecmobile-security

vulnerable web application for training

JavaScript57mit

10 months ago

Vulnerable app with examples showing how to not use secrets

Java1188agpl-3.0

4 months ago

awsazurectf

cwe_checker finds vulnerable patterns in binary executables

Rust1117lgpl-3.0

3 months ago

binary-analysiscwecwe-checker

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Python2832bsd-3-clause

5 months ago

A database of vulnerable Ruby Gems

Ruby1021other

2 days ago

advisory-fileshacktoberfestmetadata

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat

HCL1126apache-2.0

4 months ago

aws-securityazure-securitycloud-security

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

Python168gpl-3.0

5 months ago

bountybugcybersecurity

NSE script based on Vulners.com API

Lua3229gpl-3.0

8 months ago

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoa

92

4 months ago

aws-securitycloudformationcloudsecurity

Vulnerable Android application for developers and security enthusiasts to learn

Java1218mit

7 months ago

A curated list of fuzzing resources ( Books, courses - free and paid, videos, to

5215cc0-1.0

8 months ago

awesomeawesome-listfuzzing

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and pra

HTML4189mit

4 months ago

blueteamcloud-nativecloud-security

A vulnerability scanner for container images and filesystems

Go8302apache-2.0

4 months ago

container-imagecontainerscyclonedx

a static analysis tool for finding vulnerabilities in C/C++ source code

Python471gpl-2.0

4 months ago

A high performance offensive security tool for reconnaissance and vulnerability

Python3050mit

6 months ago

enumerationfuzzinghacking

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

Go16

9 months ago

OWASP dependency-check is a software composition analysis utility that detects p

Java6399apache-2.0

26 days ago

ant-taskbuild-toolgradle-plugin

Tool to look for several security related Android application vulnerabilities

Python3202other

10 months ago

Infer# is an interprocedural and scalable static code analyzer for C#. Via the c

C#732mit

10 months ago

A static analysis security vulnerability scanner for Ruby on Rails applications

Ruby6944other

4 months ago

brakemanrailsruby

Spot vulnerabilities in postgres SQL scripts

Python71postgresql

9 days ago

Cake Fuzzer is a project that is meant to help automatically and continuously di

Python93gpl-3.0

11 months ago

cybersecuritydasthacking

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes

Go23776apache-2.0

3 days ago

containersdevsecopsdocker

A modular vulnerability scanner with automatic report generation capabilities.

Python493bsd-3-clause

3 months ago

artemispentestingsecurity

National Vulnerability Database (NVD) implemented by rust

Rust16gpl-3.0

21 days ago

actix-webcpecve

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Go18930mit

4 months ago

attack-surfacecve-scannerhacktoberfest

Vulnerability Static Analysis for Containers

Go10370apache-2.0

5 days ago

claircontainersdocker

scanner detecting the use of JavaScript libraries with known vulnerabilities. Ca

JavaScript3604other

4 months ago

build-toolchrome-extensionfirefox-extension

Advanced vulnerability scanning with Nmap NSE

Lua3482other

2 months ago

exploitlualua-script

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if th

Scala263apache-2.0

5 months ago

appseccvedevops

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing,

Python1540apache-2.0

5 months ago

api-documentation-toolbugbountybugbounty-tool

Tsunami is a general purpose network security scanner with an extensible plugin

Java8279apache-2.0

2 days ago

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

5992mit

4 months ago

bugbountycross-site-scriptingdom-based

Dig Vulnerabilities in the BlackBox

Python1263gpl-3.0

4 months ago

androidblackboxblackbox-testing

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

Python608cc0-1.0

9 months ago

awesomeawesome-listdapp

Vulnerability Patterns Detector for C# and VB.NET

C#944lgpl-3.0

5 months ago

analysisanalyzercode

A set of GitHub actions for checking your projects for vulnerabilities

HTML508other

3 months ago

actionssnyk

Periodic cyber security newsletters that capture the latest news, summaries of c

806gpl-2.0

9 months ago

cybersecuritynewsletter

Prevent cloud misconfigurations and find vulnerabilities during build-time in in

Python7150apache-2.0

yesterday

awsaws-securityazure

Find security vulnerabilities, compliance issues, and infrastructure misconfigur

Open Policy Agent2099apache-2.0

3 days ago

appseccloudnativedevsecops

teler-waf is a Go HTTP middleware that protects local web services from OWASP To

Go322apache-2.0

4 months ago

gogo-librarygo-package

LunaSec - Dependency Security Scanner that automatically notifies you about vuln

TypeScript1429other

7 months ago

compliancecontinuous-deliverycve-scanning

finds publicly known security vulnerabilities in a website's frontend JavaScript

JavaScript1927apache-2.0

last year

hacktoberfestlighthousenodejs

An Intentionally designed Vulnerable Android Application built in Kotlin.

Kotlin227mit

3 years ago

SSL-enabled Damn Vulnerable Web App (DVWA)

Dockerfile5mit

2 years ago

dockerdvwaethical-hacking

Vulnerable Web applications Generator

Python84other

7 years ago

addondockergenerator

TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Ind

Python204other

4 years ago

Vuldroid is a Vulnerable Android Application made with security issues in order

Java59mit

3 years ago

android-applicationandroid-securityapplication-security

AndroBugs Framework is an efficient Android vulnerability scanner that helps dev

Python1118gpl-3.0

6 years ago

Android app to scan for bash Vulnerability - CVE-2014-6271 also known as Shellsh

Java11gpl-2.0

3 years ago

DIVA Android - Damn Insecure and vulnerable App for Android

Java937gpl-3.0

2 years ago

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the

Python31mit

5 years ago

deceptionexecution-vulnerabilityhoneypot

Discovering vulnerabilities in firmware through concolic analysis and function c

Python468gpl-3.0

4 years ago

angrexploitfirmware

A low interaction honeypot for the Cisco ASA component capable of detecting CVE-

JavaScript51mit

6 years ago

ciscocisco-asaexecution-vulnerability

A plugin based GraphQL vulnerability assessment tool.

Python13mit

4 years ago

graphqlgraphql-securitypentest-tool

A vulnerability patch gathering tool

Java40apache-2.0

6 years ago

Auto Scanning to SSL Vulnerability

Python617mit

4 years ago

hackingscannersecurity

A project security/vulnerability/risk scanning tool

JavaScript358other

3 years ago

cidockernodejs

Static Application Security Testing (SAST) engine focused on covering the OWASP

Go511mit

3 years ago

androidandroid-securitycli

macOS vulnerability management for individuals

JavaScript22mit

2 years ago

cybersecurityelectronmacos

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Appl

Python2177gpl-2.0

4 years ago

abstract-syntaxabstract-syntax-treecontrol-flow-graph

A honeypot for the Log4Shell vulnerability (CVE-2021-44228).

Python89gpl-3.0

3 years ago

A tool to enable fuzzing for Spectre vulnerabilities

C++30other

5 years ago

Android Vulnerability Test Suite - In the spirit of open data collection, and wi

Java1015other

5 years ago

🔪Browser logic vulnerabilities :skull_and_crossbones:

HTML685mit

4 years ago

browsercvejavascript

a tool to perform static analysis of known vulnerabilities, trojans, viruses, ma

Python1159apache-2.0

2 years ago

detecting-anomalous-activitiesdockermalware-detection

Free Docker Vulnerability Scanning for CI/CD integration

JavaScript31

last year

Puma Scan is a software security Visual Studio extension that provides real time

C#443mpl-2.0

2 years ago

Deprecate due to vulnerabilities in dependencies. Rugby News Board built with No

JavaScript7mit

5 years ago

herokunodejspreact

w3af: web application attack and audit framework, the open source web vulnerabil

Python4512

2 years ago

appseccross-site-scriptingscanner

ROCA: Infineon RSA key vulnerability

Python482mit

last year

detectordiscrete-logarithmfingerprinting

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilitie

PHP706gpl-3.0

2 years ago

phpphp-codesnifferphpcs