Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
Updated
Jun 5, 2024 - Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
Kubernetes-native security toolkit
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
An IIS short filename enumeration tool
Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers. 挖洞辅助工具(漏洞扫描、信息收集)
eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统
Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.
Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere and make it accessible.
vexctl is a tool to attest VEX impact statements
Analyzing Cloud Security Posture
🚀 blazing-fast pentesting suite written in Go
Add a description, image, and links to the vulnerability-detection topic page so that developers can more easily learn about it.
To associate your repository with the vulnerability-detection topic, visit your repo's landing page and select "manage topics."