Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Vulnerability Open-Source Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
-
-
-
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
-
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
-
-
dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
-
-
bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
-
hacking-resources
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16Trivy Owner/Maintainer: Aqua Security Age: First released on GitHub on May 7th, 2019 License: Apache License 2.0 backward-compatible with tfsec
Trivy Operator : A simple and comprehensive vulnerability scanner for containers and other artifacts. It detects vulnerabilities of OS packages (Alpine, Debian, CentOS, etc.) and application dependencies (pip, npm, yarn, composer, etc.) (Alternatives : Grype, Snyk, Clair, Anchore, Twistlock)
Project mention: anybody got ysoserial to work in kali 2022 running java v17? | /r/oscp | 2023-06-24
Did you try using https://trickest.com?
Project mention: How do you stay on top of new vulnerabilities or CVEs? | /r/cybersecurity | 2023-12-07
Yeah, pretty close: "On-site request forgery"[0]
[0] https://github.com/daffainfo/AllAboutBugBounty/blob/master/O...
Project mention: Scanning ports and finding network vulnerabilities using nmap | dev.to | 2023-12-01Few people know that nmap is not just for reconnaissance work. Among other things, it allows finding vulnerabilities based on scripts prepared by the community and the tool's developers. Examples include nmap-vulners, vulscan or already prepared scripts that are installed along with nmap.
OpenVAS - https://github.com/greenbone/openvas-scanner
Project mention: Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python | news.ycombinator.com | 2023-10-26
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Vulnerability related posts
- Suas imagens de container não estão seguras!
- Tell HN: Ubiquiti APs likely vulnerable to Terrapin
- Terrapin SSH Attack: An Overview
- Distroless images using melange and apko
- Strange subdomain found during nmap scan
- A folosit cineva până acum Trickest?
- Scanning ports and finding network vulnerabilities using nmap
-
A note from our sponsor - InfluxDB
www.influxdata.com | 26 Apr 2024
Index
What are some of the best open-source Vulnerability projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | PayloadsAllTheThings | 56,681 |
| 2 | trivy | 21,316 |
| 3 | h4cker | 16,518 |
| 4 | hacker101 | 13,603 |
| 5 | grype | 7,623 |
| 6 | ysoserial | 7,291 |
| 7 | awesome-hacker-search-engines | 6,664 |
| 8 | cve | 6,062 |
| 9 | PoC-in-GitHub | 5,946 |
| 10 | HowToHunt | 5,573 |
| 11 | awesome-web-hacking | 5,432 |
| 12 | AllAboutBugBounty | 5,409 |
| 13 | faraday | 4,615 |
| 14 | vulscan | 3,314 |
| 15 | dalfox | 3,272 |
| 16 | openvas-scanner | 2,870 |
| 17 | fuzz.txt | 2,788 |
| 18 | dockle | 2,651 |
| 19 | command-injection-payload-list | 2,582 |
| 20 | pentest-guide | 2,348 |
| 21 | reverse-shell | 1,782 |
| 22 | bearer | 1,736 |
| 23 | hacking-resources | 1,712 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com