Free
bundler-audit
A tool to run YARA rules against node_module folders to identify suspicious scripts
Vulnerability Management
Proactively identify and fix security weaknesses to prevent cyber threats and protect your assets.
Try these 172 AI Vulnerability Management Tools
Free
bWAPP
Linux privilege escalation auditing tool for detecting security deficiencies in Linux kernels.
Free
Buster
A tool that finds unprotected secrets in container images or file systems, matching against a database of 140 secret types.
Free
CakeFuzzer
Command line interface for managing and inspecting images, policies, subscriptions, and registries with support for various operating systems and packages.
Free
Censys
OCaml bindings to the YARA scanning engine for integrating YARA scanning capabilities into OCaml projects
Free
Clair
A repository containing hourly-updated data dumps of bug bounty platform scopes
Free
CloudJack
Open source security auditing tool to search and dump system configuration.
Free
Commix-Testbed
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
Free
CRT sh
Open source web application security scanner with 200+ vulnerability identification capabilities.
Free
CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05
A list of vulnerable applications for testing and learning
Free
CVE
Donate to your favorite open-source projects and charities using PayPal
Free
CVE Ape
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
Free
Cybersecurity Evaluation Tool (CSET)
A tool to find and search for registered CVEs, creating a local CVE database for offline use.
Free
Dagda
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
Free
Damn Vulnerable iOS App (DVIA)
A fuzzer for detecting open redirect vulnerabilities
Free
DefectDojo
A tool for scanning websites with open .git repositories and dumping their content for Bug Hunting/Pentesting Purposes.
Free
detect-secrets
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
Free
Dnscan
Automated contextual security findings enrichment and impact evaluation tool for vulnerability management.
Free
Docker Bench for Security
Automate version scraping and vulnerability scanning for Ruby on Rails stacks.
Free
dom-red
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
Free
Free
DorkSearch
An open source project for static analysis of vulnerabilities in application containers