is-website-vulnerable
finds publicly known security vulnerabilities in a website's frontend JavaScript
JavaScript1927apache-2.0
last year
hacktoberfestlighthousenodejs
cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multip
Python1926apache-2.0
4 months ago
appseccicdctf
wrongsecrets
Vulnerable app with examples showing how to not use secrets
Java1188agpl-3.0
3 months ago
awsazurectf
trommel
TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Ind
Python204other
4 years ago
cwe_checker
cwe_checker finds vulnerable patterns in binary executables
Rust1117lgpl-3.0
3 months ago
binary-analysiscwecwe-checker
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Python2832bsd-3-clause
5 months ago
ruby-advisory-db
A database of vulnerable Ruby Gems
Ruby1020other
6 days ago
advisory-fileshacktoberfestmetadata
terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat
HCL1126apache-2.0
4 months ago
aws-securityazure-securitycloud-security
RVD
Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Python168gpl-3.0
5 months ago
bountybugcybersecurity
cfngoat
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoa
92
4 months ago
aws-securitycloudformationcloudsecurity
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, to
5215cc0-1.0
8 months ago
awesomeawesome-listfuzzing
kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and pra
HTML4189mit
4 months ago
blueteamcloud-nativecloud-security
weblogic_honeypot
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the
Python31mit
5 years ago
deceptionexecution-vulnerabilityhoneypot
grype
A vulnerability scanner for container images and filesystems
Go8302apache-2.0
3 months ago
container-imagecontainerscyclonedx
Firmware_Slap
Discovering vulnerabilities in firmware through concolic analysis and function c
Python468gpl-3.0
4 years ago
angrexploitfirmware
ciscoasa_honeypot
A low interaction honeypot for the Cisco ASA component capable of detecting CVE-
JavaScript51mit
6 years ago
ciscocisco-asaexecution-vulnerability
flawfinder
a static analysis tool for finding vulnerabilities in C/C++ source code
Python471gpl-2.0
4 months ago
gql_intruder
A plugin based GraphQL vulnerability assessment tool.
Python13mit
4 years ago
graphqlgraphql-securitypentest-tool
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability
Python3050mit
6 months ago
enumerationfuzzinghacking
scanner-cli
A project security/vulnerability/risk scanning tool
JavaScript358other
3 years ago
cidockernodejs
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects p
Java6399apache-2.0
24 days ago
ant-taskbuild-toolgradle-plugin
mana-security-app
macOS vulnerability management for individuals
JavaScript22mit
2 years ago
cybersecurityelectronmacos
infersharp
Infer# is an interprocedural and scalable static code analyzer for C#. Via the c
C#732mit
10 months ago
brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Ruby6944other
4 months ago
brakemanrailsruby
pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Appl
Python2176gpl-2.0
4 years ago
abstract-syntaxabstract-syntax-treecontrol-flow-graph
CakeFuzzer
Cake Fuzzer is a project that is meant to help automatically and continuously di
Python93gpl-3.0
11 months ago
cybersecuritydasthacking
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes
Go23744apache-2.0
yesterday
containersdevsecopsdocker
Artemis
A modular vulnerability scanner with automatic report generation capabilities.
Python493bsd-3-clause
3 months ago
artemispentestingsecurity
scap-rs
National Vulnerability Database (NVD) implemented by rust
Rust16gpl-3.0
18 days ago
actix-webcpecve
uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
HTML685mit
4 years ago
browsercvejavascript
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Go18930mit
3 months ago
attack-surfacecve-scannerhacktoberfest
retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities. Ca
JavaScript3604other
4 months ago
build-toolchrome-extensionfirefox-extension
sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if th
Scala263apache-2.0
5 months ago
appseccvedevops
inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing,
Python1540apache-2.0
5 months ago
api-documentation-toolbugbountybugbounty-tool
dagda
a tool to perform static analysis of known vulnerabilities, trojans, viruses, ma
Python1159apache-2.0
2 years ago
detecting-anomalous-activitiesdockermalware-detection
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin
Java8278apache-2.0
2 months ago
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
5992mit
4 months ago
bugbountycross-site-scriptingdom-based
puma-scan
Puma Scan is a software security Visual Studio extension that provides real time
C#443mpl-2.0
2 years ago
quark-engine
Dig Vulnerabilities in the BlackBox
Python1263gpl-3.0
3 months ago
androidblackboxblackbox-testing
awesome-buggy-erc20-tokens
A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
Python608cc0-1.0
9 months ago
awesomeawesome-listdapp
security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
C#944lgpl-3.0
4 months ago
analysisanalyzercode
actions
A set of GitHub actions for checking your projects for vulnerabilities
HTML508other
3 months ago
actionssnyk
awesome-security-newsletters
Periodic cyber security newsletters that capture the latest news, summaries of c
806gpl-2.0
9 months ago
cybersecuritynewsletter
rugby-board-node
Deprecate due to vulnerabilities in dependencies. Rugby News Board built with No
JavaScript7mit
5 years ago
herokunodejspreact
w3af
w3af: web application attack and audit framework, the open source web vulnerabil
Python4512
2 years ago
appseccross-site-scriptingscanner
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in in
Python7139apache-2.0
yesterday
awsaws-securityazure
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigur
Open Policy Agent2097apache-2.0
2 days ago
appseccloudnativedevsecops
roca
ROCA: Infineon RSA key vulnerability
Python481mit
last year
detectordiscrete-logarithmfingerprinting
phpcs-security-audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilitie
PHP706gpl-3.0
2 years ago
phpphp-codesnifferphpcs
teler-waf
teler-waf is a Go HTTP middleware that protects local web services from OWASP To
Go322apache-2.0
4 months ago
gogo-librarygo-package
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vuln
TypeScript1429other
7 months ago
compliancecontinuous-deliverycve-scanning
is-website-vulnerable
finds publicly known security vulnerabilities in a website's frontend JavaScript
JavaScript1927apache-2.0
last year
hacktoberfestlighthousenodejs
cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multip
Python1926apache-2.0
4 months ago
appseccicdctf
wrongsecrets
Vulnerable app with examples showing how to not use secrets
Java1188agpl-3.0
3 months ago
awsazurectf
trommel
TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Ind
Python204other
4 years ago
cwe_checker
cwe_checker finds vulnerable patterns in binary executables
Rust1117lgpl-3.0
3 months ago
binary-analysiscwecwe-checker
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Python2832bsd-3-clause
5 months ago
ruby-advisory-db
A database of vulnerable Ruby Gems
Ruby1020other
6 days ago
advisory-fileshacktoberfestmetadata
terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat
HCL1126apache-2.0
4 months ago
aws-securityazure-securitycloud-security
RVD
Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
Python168gpl-3.0
5 months ago
bountybugcybersecurity
cfngoat
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoa
92
4 months ago
aws-securitycloudformationcloudsecurity
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, to
5215cc0-1.0
8 months ago
awesomeawesome-listfuzzing
kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and pra
HTML4189mit
4 months ago
blueteamcloud-nativecloud-security
weblogic_honeypot
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the
Python31mit
5 years ago
deceptionexecution-vulnerabilityhoneypot
grype
A vulnerability scanner for container images and filesystems
Go8302apache-2.0
3 months ago
container-imagecontainerscyclonedx
Firmware_Slap
Discovering vulnerabilities in firmware through concolic analysis and function c
Python468gpl-3.0
4 years ago
angrexploitfirmware
ciscoasa_honeypot
A low interaction honeypot for the Cisco ASA component capable of detecting CVE-
JavaScript51mit
6 years ago
ciscocisco-asaexecution-vulnerability
flawfinder
a static analysis tool for finding vulnerabilities in C/C++ source code
Python471gpl-2.0
4 months ago
gql_intruder
A plugin based GraphQL vulnerability assessment tool.
Python13mit
4 years ago
graphqlgraphql-securitypentest-tool
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability
Python3050mit
6 months ago
enumerationfuzzinghacking
scanner-cli
A project security/vulnerability/risk scanning tool
JavaScript358other
3 years ago
cidockernodejs
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects p
Java6399apache-2.0
24 days ago
ant-taskbuild-toolgradle-plugin
mana-security-app
macOS vulnerability management for individuals
JavaScript22mit
2 years ago
cybersecurityelectronmacos
infersharp
Infer# is an interprocedural and scalable static code analyzer for C#. Via the c
C#732mit
10 months ago
brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Ruby6944other
4 months ago
brakemanrailsruby
pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Appl
Python2176gpl-2.0
4 years ago
abstract-syntaxabstract-syntax-treecontrol-flow-graph
CakeFuzzer
Cake Fuzzer is a project that is meant to help automatically and continuously di
Python93gpl-3.0
11 months ago
cybersecuritydasthacking
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes
Go23744apache-2.0
yesterday
containersdevsecopsdocker
Artemis
A modular vulnerability scanner with automatic report generation capabilities.
Python493bsd-3-clause
3 months ago
artemispentestingsecurity
scap-rs
National Vulnerability Database (NVD) implemented by rust
Rust16gpl-3.0
18 days ago
actix-webcpecve
uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
HTML685mit
4 years ago
browsercvejavascript
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Go18930mit
3 months ago
attack-surfacecve-scannerhacktoberfest
retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities. Ca
JavaScript3604other
4 months ago
build-toolchrome-extensionfirefox-extension
sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if th
Scala263apache-2.0
5 months ago
appseccvedevops
inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing,
Python1540apache-2.0
5 months ago
api-documentation-toolbugbountybugbounty-tool
dagda
a tool to perform static analysis of known vulnerabilities, trojans, viruses, ma
Python1159apache-2.0
2 years ago
detecting-anomalous-activitiesdockermalware-detection
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin
Java8278apache-2.0
2 months ago
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
5992mit
4 months ago
bugbountycross-site-scriptingdom-based
puma-scan
Puma Scan is a software security Visual Studio extension that provides real time
C#443mpl-2.0
2 years ago
quark-engine
Dig Vulnerabilities in the BlackBox
Python1263gpl-3.0
3 months ago
androidblackboxblackbox-testing
awesome-buggy-erc20-tokens
A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
Python608cc0-1.0
9 months ago
awesomeawesome-listdapp
security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
C#944lgpl-3.0
4 months ago
analysisanalyzercode
actions
A set of GitHub actions for checking your projects for vulnerabilities
HTML508other
3 months ago
actionssnyk
awesome-security-newsletters
Periodic cyber security newsletters that capture the latest news, summaries of c
806gpl-2.0
9 months ago
cybersecuritynewsletter
rugby-board-node
Deprecate due to vulnerabilities in dependencies. Rugby News Board built with No
JavaScript7mit
5 years ago
herokunodejspreact
w3af
w3af: web application attack and audit framework, the open source web vulnerabil
Python4512
2 years ago
appseccross-site-scriptingscanner
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in in
Python7139apache-2.0
yesterday
awsaws-securityazure
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigur
Open Policy Agent2097apache-2.0
2 days ago
appseccloudnativedevsecops
roca
ROCA: Infineon RSA key vulnerability
Python481mit
last year
detectordiscrete-logarithmfingerprinting
phpcs-security-audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilitie
PHP706gpl-3.0
2 years ago
phpphp-codesnifferphpcs
teler-waf
teler-waf is a Go HTTP middleware that protects local web services from OWASP To
Go322apache-2.0
4 months ago
gogo-librarygo-package
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vuln
TypeScript1429other
7 months ago
compliancecontinuous-deliverycve-scanning