Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

grep rough audit - source code auditing tool

Wazuh - Docker containers

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

EternalView is an all in one basic information gathering and vulnerability assessment tool

Wazuh - Tools for packages creation

ScanPro - NMap Scanning Scripts ~ Network Mapper

fsp - Firestore Database Vulnerability Scanner Using APKs

Wazuh - Amazon AWS Cloudformation

A collection of awesome security hardening software, libraries, learning tutorials & documents, e-books, best practices, checklists, benchmarks about hardening in Cybersecurity

An Automated Mass Network Vulnerability Scanner and Recon Tool

Shell scripts to identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version. Added Ansible Playbook

A complete security assessment tool that supports common web security issues scanning and custom POC | Be sure to read the document before using.

Official OSSEC docker container

CVE-2024-6387 Checker is a fast, efficient tool for detecting OpenSSH servers vulnerable to the regreSSHion exploit. It quickly scans multiple IPs, domain names, and CIDR ranges to identify risks and help secure your infrastructure.

Wazuh - Release for Bosh.io

MapSploit - Network Vulnerability Scanner

SADA Webapplication Scanner

Automatic script for subdomain enumeration and vulnerability scan using Acunetix API.

the simplest vulnerability scanner available