Free
bundler-audit View bundler-audit
A tool to run YARA rules against node_module folders to identify suspicious scripts
Vulnerability Management
Proactively identify and fix security weaknesses to prevent cyber threats and protect your assets.
Try these 172 AI Vulnerability Management Tools
Free
bWAPP View bWAPP
Linux privilege escalation auditing tool for detecting security deficiencies in Linux kernels.
Free
Buster View Buster
A tool that finds unprotected secrets in container images or file systems, matching against a database of 140 secret types.
Free
CakeFuzzer View CakeFuzzer
Command line interface for managing and inspecting images, policies, subscriptions, and registries with support for various operating systems and packages.
Free
Censys View Censys
OCaml bindings to the YARA scanning engine for integrating YARA scanning capabilities into OCaml projects
Free
Clair View Clair
A repository containing hourly-updated data dumps of bug bounty platform scopes
Free
CloudJack View CloudJack
Open source security auditing tool to search and dump system configuration.
Free
Commix-Testbed View Commix-Testbed
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
Free
CRT sh View CRT sh
Open source web application security scanner with 200+ vulnerability identification capabilities.
Free
CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05 View CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05
A list of vulnerable applications for testing and learning
Free
CVE View CVE
Donate to your favorite open-source projects and charities using PayPal
Free
CVE Ape View CVE Ape
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
Free
Cybersecurity Evaluation Tool (CSET) View Cybersecurity Evaluation Tool (CSET)
A tool to find and search for registered CVEs, creating a local CVE database for offline use.
Free
Dagda View Dagda
testssl.sh is a free command line tool for checking server's TLS/SSL configurations with clear and machine-readable output.
Free
Damn Vulnerable iOS App (DVIA) View Damn Vulnerable iOS App (DVIA)
A fuzzer for detecting open redirect vulnerabilities
Free
DefectDojo View DefectDojo
A tool for scanning websites with open .git repositories and dumping their content for Bug Hunting/Pentesting Purposes.
Free
detect-secrets View detect-secrets
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
Free
Dirty COW View Dirty COW
A vulnerable web site for testing Sentinel features
Free
Dnscan View Dnscan
Automated contextual security findings enrichment and impact evaluation tool for vulnerability management.
Free
Docker Bench for Security View Docker Bench for Security
Automate version scraping and vulnerability scanning for Ruby on Rails stacks.
Free
dom-red View dom-red
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
Free
Dockerscan View Dockerscan
A wargame designed to test your hacking skills and knowledge
Free
dom-based-xss-finder View dom-based-xss-finder
A comprehensive guide to Android Security
Free
DorkSearch View DorkSearch
An open source project for static analysis of vulnerabilities in application containers
5.0