future-architect / vuls

6.5k

Agent-less vulnerability scanner for Linux/FreeBSD/WordPress/Programming language libraries/Network devices

Go Updated May 28, 2019

presidentbeef / brakeman

5.4k

A static analysis security vulnerability scanner for Ruby on Rails applications

ruby rails security static-analysis vulnerabilities brakeman security-vulnerability security-tools security-audit

Ruby Updated May 24, 2019

coreos / clair

5.2k

Vulnerability Static Analysis for Containers

containers static-analysis go kubernetes docker oci oci-image vulnerabilities clair

Good first issues

See all

Provide guide to generate pagination key

kind/documentation low hanging fruit area/dev tooling

#669 opened 6 months ago by KeyboardNerd

Postgresql got updated and helm's chart for clair is not running with that new version

low hanging fruit area/distribution

#655 opened 7 months ago by agboiza

3

README: some docs links do not work

kind/documentation kind/bug

#690 opened 4 months ago by kmoe

Go Updated May 26, 2019

google / clusterfuzz

3.7k

Scalable fuzzing infrastructure.

fuzzing security stability vulnerabilities

Good first issues

See all

Document debugging steps on bot failure detection (e.g. when startup script changed, etc)

documentation

#252 opened 3 months ago by mykter

4

Document how to run integration tests.

documentation testonly

#184 opened 3 months ago by oliverchang

Add links to fuzzing resources in documentation

documentation

#168 opened 4 months ago by oliverchang

6

Python Updated May 28, 2019

1N3 / Sn1per

2.7k

Automated pentest framework for offensive security experts

Shell Updated May 20, 2019

Medicean / VulApps

2.2k

快速搭建各种漏洞环境(Various vulnerability environment)

vulnerabilities docker struts vulnhub cve

Shell Updated Mar 14, 2019

RetireJS / retire.js

2.1k

scanner detecting the use of JavaScript libraries with known vulnerabilities

vulnerabilities scanner firefox-extension grunt-plugins javascript vulnerable-libraries insecure-libraries chrome-extension build-tool security software-composition-analysis

JavaScript Updated May 10, 2019

infoslack / awesome-web-hacking

1.8k

A list of web application security

penetration-testing web-hacking vulnerabilities scanner hacking hacking-tools metasploit web-security

Updated May 10, 2019

snyk / snyk

1.6k

CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies

security monitor snyk vulnerabilities

JavaScript Updated May 28, 2019

archerysec / archerysec

1.1k

Centralize Vulnerability Assessment and Management for DevSecOps Team

vulnerability-assessment vulnerabilities scanning pentesting vulnerability-management opensource pentesters secdevops devops devops-tools devsecops

JavaScript Updated May 25, 2019

cve-search / cve-search

1k

cve-search - a tool to perform local searches for known vulnerabilities

cve-search common-vulnerabilities cpe cve-databases vulnerabilities vulnerability-detection vulnerability-assessment cve cve-scanning

Python Updated May 27, 2019

OWASP / NodeGoat

900

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications…

nodejs owasp-top-ten javascript docker heroku vulnerabilities nodegoat owasp-zap

HTML Updated May 16, 2019

Cryptogenic / Exploit-Writeups

610

A collection where my current and future writeups for exploits/CTF will go

exploitation exploit-development capture-the-flag vulnerabilities

Updated Apr 4, 2019

sundowndev / hacker-roadmap

606

📌 A guide for amateurs pen testers and a collection of hacking tools, resources and references to practice ethical h…

hacking hacking-tool penetration-testing roadmap frameworks hacktools pentest web-hacking exploitation post-exploitation vulnerabilities information-gathering

Updated May 15, 2019

thesp0nge / dawnscanner

587

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby o…

codereview cybersecurity ruby sinatra padrino vulnerabilities rails hanami security-audit security

Ruby Updated May 7, 2019

bloodzer0 / ossa

558

Open-Source Security Architecture | 开源安全架构

security security-vulnerability security-tools security-audit security-scanner ids ips business-security application-security code-audit vulnerabilities vulnerability-scanners

Updated May 28, 2019

spencerdodd / kernelpop

545

kernel privilege escalation enumeration and exploitation framework

enumeration kernel exploits vulnerabilities security tools

Python Updated Aug 2, 2018

OWASP / railsgoat

541

A vulnerable version of Rails that follows the OWASP Top 10

rails security appsec ruby ruby-on-rails owasp-top vulnerabilities

Good first issues

See all

Update R5 A4 documentation for IDOR "attack one"

Documentation

#312 opened over 1 year ago by nvisium-john-poulin

A7 MFLAC Documentation + Unit Test Issue

Documentation bug

#318 opened over 1 year ago by nvisium-john-poulin

Update R5 SQLi Documentation

Documentation

#314 opened over 1 year ago by nvisium-john-poulin

HTML Updated May 28, 2019

eliasgranderubio / dagda

518

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in do…

docker security static-analysis vulnerabilities detecting-anomalous-activities malware-detection

Python Updated Mar 23, 2019

crytic / not-so-smart-contracts

516

Examples of Solidity security issues

solidity vulnerabilities ethereum

Solidity Updated Apr 18, 2019

anchore / anchore-engine

506

A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image…

docker containers security python static-analysis vulnerabilities docker-image anchore-engine dockerhub whitelist

Python Updated May 24, 2019

lirantal / awesome-nodejs-security

476

Awesome Node.js Security resources

nodejs security cybersecurity web-security owasp vulnerabilities pentest infosec

Updated May 6, 2019

r0hi7 / BinExp

375

Linux Binary Exploitation

linux binaries exploitation stackoverflow tutorial consolidation bufferoverflow buffer-overflow-attack format-string-attack vulnerabilities shellcode-injector return-to-libc ret2libc global-offset-table overriding-got got-spawning-shell heap-exploitation

C Updated Apr 24, 2019

LockGit / Hacking

330

hacking is a kind of spirit !

hack attack geek cracker poc hacking tools hacker hacking-tool attacker attacks security-vulnerability scanner vulnerability vulnerabilities vulnerability-scanners security security-research tool

Python Updated May 28, 2019

snyk / vulnerabilitydb

323

Snyk's public vulnerability database

security vulnerabilities vulnerability-databases vulndb snyk infosec

Updated Sep 16, 2018

DependencyTrack / dependency-track

322

Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and…

Java Updated May 28, 2019

snyk / zip-slip-vulnerability

315

Zip Slip Vulnerability (Arbitrary file write through archive extraction)

security vulnerabilities

Updated May 21, 2019

YalcinYolalan / WSSAT

305

WEB SERVICE SECURITY ASSESSMENT TOOL

web-service security-tools dynamic-testing static-analysis vulnerabilities xxe-injection sqlinjection xss xml-bomb rest-api-test information-disclosure soap-web-services web-service-test scanner web-service-scanner rest-api-scanner

C# Updated May 3, 2019

BugScanTeam / GitHack

280

.git 泄漏利用工具，可还原历史版本

git vulnerabilities

Python Updated Jul 31, 2017

swisskyrepo / Wordpresscan

277

WPScan rewritten in Python + some WPSeku ideas

python wordpress wordpress-plugin wordpress-theme vulnerabilities vulnerability-scanners wpscan wordpress-scanner wordpress-security

Python Updated Apr 11, 2019

Apr	MAY	Jun
	28
2018	2019	2020

vulnerabilities

Repositories 201

Good first issues

Good first issues

Good first issues

Related topics