Build software better, together

aquasecurity / trivy

Open

docs: Installation on Debian/Ubuntu: follow Debian's "instructions to connect to a third-party repository"

3

elchenberg commented May 25, 2022

According to the Debain wiki keys “MUST NOT be placed in /etc/apt/trusted.gpg.d or loaded by apt-key add.”: https://wiki.debian.org/DebianRepository/UseThirdParty

So instead of this:

wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.

help wanted good first issue kind/feature

Open

operation.NewCache() print the redis user and password to log

2

Open

CISOfy / lynis

Star

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening

Updated May 18, 2022
Shell

future-architect / vuls

Star

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner

Updated May 30, 2022
Go

projectdiscovery / nuclei

Star

Fast and customizable vulnerability scanner based on simple YAML based DSL.

security vulnerability-detection security-scanner vulnerability-assessment vulnerability-scanner attack-surface subdomain-takeover cve-scanner nuclei-engine

Updated Jun 4, 2022
Go

armosec / kubescape

Star

Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.

kubernetes security devops vulnerability-detection nsa best-practice mitre-attack

Updated Jun 3, 2022
Go

projectdiscovery / nuclei-templates

Star

Open

Template / PR Information

Added phpMyAdmin Default Login
References: https://www.phpmyadmin.net/

Template Validation

I've validated this template locally?

YES
NO

Additional Details (leave it blank if not applicable)

Additional References:

Nuclei Template Creation Guideline
[Nucl

good first issue

jeremylong / DependencyCheck

Sponsor

Star

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

security security-audit maven-plugin jenkins-plugin gradle-plugin build-tool ant-task vulnerability-detection software-composition-analysis

Updated Jun 3, 2022
Java

wazuh / wazuh

Star

Wazuh - The Open Source Security Platform

security elasticsearch log-analysis monitoring incident-response ids intrusion-detection pci-dss compliance security-hardening loganalyzer vulnerability-detection ossec openscap wazuh policy-monitoring security-awareness file-integrity-management

Updated Jun 3, 2022
C

ysrc / xunfeng

Star

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

security security-audit scanner exploits infosec pentesting vulnerability-detection vulnerability-scanners vulnerability-assessment

Updated Mar 16, 2021
Python

Arachni / arachni

Star

Web Application Security Scanner Framework

javascript ruby crawler security-audit modular hack dom analysis scanner detection hacking xss audit web-application penetration-testing sql-injection vulnerability-detection arachni scanners

Updated May 29, 2022
Ruby

scipag / vulscan

Star

Advanced vulnerability scanning with Nmap NSE

security security-audit lua exploit lua-script nmap penetration-testing vulnerability vulnerability-databases vulnerability-detection nse vulnerability-identification vulnerability-scanners security-scanner vulnerability-assessment nmap-scripts nsescript nmap-scan-script vulnerability-scanning vulnerability-database-entry

Updated Mar 11, 2022
Lua

cve-search / cve-search

Star

cve-search - a tool to perform local searches for known vulnerabilities

vulnerabilities cve cpe vulnerability-detection cve-scanning vulnerability-assessment common-vulnerabilities cve-search cve-databases cve-entries

Updated Jun 2, 2022
Python

greenbone / openvas-scanner

Star

This repository contains the scanner component for Greenbone Community Edition.

scanner vulnerability openvas vulnerability-detection vulnerability-management vulnerability-scanners vulnerability-assessment gvm greenbone greenbone-vulnerability-management openvas-scanner

Updated Jun 3, 2022
C

deepfence / ThreatMapper

Star

🔥

🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥

🔥

serverless secops cloud-native security-vulnerability vulnerability-detection vulnerability-management observability vulnerability-scanners vulnerability-assessment log4j2 threat-analysis security-tools cloudsecurity devsecops vulnerability-scanning scanning-tool registry-scanning cwpp

Updated Jun 5, 2022
JavaScript

0xInfection / TIDoS-Framework

Star

The Offensive Manual Web Application Penetration Testing Framework.

osint enumeration highlight scanning exploitation vulnerability-detection web-penetration-testing intelligence-gathering web-application-security comprehensive-web reconnaissance footprinting vulnerability-analysis comprehensive web-fuzzer scanning-enumeration tidos-framework

Updated Feb 12, 2021
Python

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

bot crawler hacking exploits vulnerability pentest vulnerability-detection vulnerability-assessment information-gathering security-tools cms-detector cloudflare-detection shell-injection vulnerability-exploit website-vulnerability-scanner wp-scanner auto-exploiter dorks detects-vulnerabilities subdomains-gathering

Updated Mar 30, 2022
Python

wagiro / BurpBounty

Star

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

bug-bounty bugbounty vulnerability-detection burpsuite burp-extensions vulnerability-scanner

Updated May 10, 2022
BlitzBasic

pyupio / safety

Sponsor

Star

Safety checks your installed dependencies for known security vulnerabilities

python security travis security-vulnerability vulnerability-detection vulnerability-scanners

Updated May 30, 2022
Python

DependencyTrack / dependency-track

Star

Open

Migrate Swagger to OpenAPI 3

3

stevespringett commented Nov 18, 2020

The current swagger definition is autogenerated. The automatically generated definitions rely on reflection and annotations to create the documentation. The reflection capabilities are poor at best and lead to missing API parameters. Annotations can help in some cases, but the only fix for Swagger is to create individual POJOs for every possible request. This will lead to unnecessary large number

enhancement help wanted p2 good first issue

Moham3dRiahi / XAttacker

Star

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

wordpress video drupal exploit scanner hacking joomla prestashop pentest exploitation vulnerability-detection hacking-tool security-scanner vulnerability-assessment lokomedia security-tools vulnerability-scanner vulnerability-exploit website-vulnerability-scanner wp-scanner auto-exploiter

Updated Apr 16, 2022
Perl

lutfumertceylan / top25-parameter

Star

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️

⚔️

🧙

security infosec pentesting bugbounty xss-detection vulnerability-detection pentest-tool vulnerability-research bugbountytips

Updated May 10, 2022

Lucifer1993 / SatanSword

Star

红队综合渗透框架

poc fingerprinting vulnerability-detection vulnerability-scanners security-tools pentest-tool

Updated Apr 2, 2022
Python

0xricksanchez / paper_collection

Star

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

linux iot embedded kernel paper linux-kernel fuzzing exploitation vulnerability-detection mitigations rca sanitizer directed-fuzzing hybrid-fuzzing fuzzing-binaries guided-fuzzing root-cause

Updated Apr 28, 2022

toolswatch / vFeed

Star

The Correlated CVE Vulnerability And Threat Intelligence Database API

python threat exploits vulnerability scap vulnerability-databases threatintel cve oval vulnerability-detection vulnerability-identification vulnerability-scanners cwe capec intelligence-gathering threat-intelligence vulnerability-database-entry threat-intelligence-database vfeed common-vulnerability-exposure

Updated May 28, 2021
Python

seccubus / seccubus

Star

Easy automated vulnerability scanning, reporting and analysis

security analysis ssllabs nmap medusa filters nessus vulnerability-detection seccubus repeated-scans nikto vulnerability-management testssl

Updated Jan 10, 2020
JavaScript

m0nad / HellRaiser

Star

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

ruby rails security security-audit network scanner hacking nmap cve network-analysis vulnerability-detection cve-scanning hacking-tool vulnerability-scanners vulnerability-assessment security-tools

Updated May 24, 2022
Ruby

Patrowl / PatrowlManager

Star

Open

Feedback

1

antonmalae commented Nov 15, 2018

I think that you are doing a very necessary system and your idea is cool, but at the moment it has a lot of bugs. From what I noticed, the assets do not understand the ascii characters and the system crashes. In addition, I did not find a description of the API, I would like to integrate your system into TheHive, or rather make it possible to view information about an asset in TheHive. I believe t

good first issue

mikeroyal / Open-Source-Security-Guide

Star

Open Source Security Guide

security best-practices owasp penetration-testing pentesting compliance vulnerabilities security-hardening appsec vulnerability-detection cve-scanning vulnerability-scanners gdpr security-automation security-tools devsecops pentesting-tools awesome-opensource awesome-security

Updated Jun 3, 2022
Go

SkyLined / BugId

Star

Detect, analyze and uniquely identify crashes in Windows applications

python windows debugger debugging security crash-reporting analysis bug id crash report vulnerability vulnerabilities unique-id vulnerability-detection vulnerability-assessment bug-analysis debugging-tool vulnerability-analysis crash-analysis

Updated May 20, 2022
Python

we1h0 / SecurityManageFramwork

Star

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

security security-audit scanner exploits infosec pentesting vulnerability-detection vulnerability-scanners vulnerability-assessment

Updated Jan 6, 2022
Python

vulnerability-detection

Here are 290 public repositories matching this topic...

aquasecurity / trivy

docs: Installation on Debian/Ubuntu: follow Debian's "instructions to connect to a third-party repository"

operation.NewCache() print the redis user and password to log

Feature: Add podAnnotations

CISOfy / lynis

future-architect / vuls

projectdiscovery / nuclei

armosec / kubescape

projectdiscovery / nuclei-templates

add phpmyadmin-default-login

Template / PR Information

Template Validation

Additional Details (leave it blank if not applicable)

Additional References:

jeremylong / DependencyCheck

wazuh / wazuh

ysrc / xunfeng

Arachni / arachni

scipag / vulscan

cve-search / cve-search

greenbone / openvas-scanner

deepfence / ThreatMapper

0xInfection / TIDoS-Framework

anouarbensaad / vulnx

wagiro / BurpBounty

pyupio / safety

DependencyTrack / dependency-track

Migrate Swagger to OpenAPI 3

Moham3dRiahi / XAttacker

lutfumertceylan / top25-parameter

Lucifer1993 / SatanSword

0xricksanchez / paper_collection

toolswatch / vFeed

seccubus / seccubus

m0nad / HellRaiser

Patrowl / PatrowlManager

Feedback

mikeroyal / Open-Source-Security-Guide

SkyLined / BugId

we1h0 / SecurityManageFramwork

Improve this page

Add this topic to your repo