Top 23 vulnerability-assessment Open-Source Projects

• nuclei

  17 17,234 9.8 Go

  Fast and customizable vulnerability scanner based on simple YAML based DSL.

  

Project mention: The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research) | /r/SaaS | 2023-05-22

Nuclei

• h4cker

  4 16,589 9.2 Jupyter Notebook

  This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

  

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• lynis

  72 12,507 7.8 Shell

  Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

  

Project mention: Who does check linux distros of malware - open source | /r/linux | 2023-12-10

Linux has (free) tools to improve security and detect/remove malware: Lynis,Chkrootkit,Rkhunter,ClamAV,Vuls,LMD,radare2,Yara,ntopng,maltrail,Snort,Suricata...

• vuls

  3 10,671 8.8 Go

  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

  

• vulscan

  3 3,319 3.4 Lua

  Advanced vulnerability scanning with Nmap NSE

  

Project mention: Scanning ports and finding network vulnerabilities using nmap | dev.to | 2023-12-01

Few people know that nmap is not just for reconnaissance work. Among other things, it allows finding vulnerabilities based on scripts prepared by the community and the tool's developers. Examples include nmap-vulners, vulscan or already prepared scripts that are installed along with nmap.

• Raccoon

  4 2,993 0.0 Python

  A high performance offensive security tool for reconnaissance and vulnerability scanning

• openvas-scanner

  9 2,882 9.4 C

  This repository contains the scanner component for Greenbone Community Edition.

  

Project mention: Monthly Security Checklist | /r/msp | 2023-06-25

OpenVAS - https://github.com/greenbone/openvas-scanner

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• cve-search

  1 2,197 8.0 Python

  cve-search - a tool to perform local searches for known vulnerabilities (by cve-search)

  

• rapidscan

  1 1,650 4.1 Python

  :new: The Multi-Tool Web Vulnerability Scanner.

  

• nerve

  1 438 0.0 Python

  NERVE Continuous Vulnerability Scanner (by PaytmLabs)

  

• mageni

  4 308 6.6

  Open-source vulnerability scanner

  

Project mention: Mageni | /r/selfhosted | 2023-09-08

• Vailyn

  1 187 0.0 Python

  A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

• gvm-tools

  2 153 8.7 Python

  Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance

  

• portauthority

  1 151 0.0 Go

  API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities (by target)

  

• mi-x

  3 141 6.0 Python

  Determine whether your compute is truly vulnerable to a specific vulnerability by accounting for all factors which affect *actual* exploitability (runtime execution, configuration, permissions, existence of a mitigation, OS, etc..)

  

• UnSAFE_Bank

  1 136 0.0 PHP

  Vulnerable Banking Suite

• aeacus

  4 102 5.1 Go

  🔐 Vulnerability remediation scoring system

  

• awesome-vulnerability-assessment

  1 78 2.3

  An ever-growing list of resources for data-driven vulnerability assessment and prioritization

• www-project-zap

  0 68 4.5 HTML

  OWASP Zed Attack Proxy project landing page.

  

• lava

  2 49 0.0 Python

  Microsoft Azure Exploitation Framework (by mattrotlevi)

• tsuki-sploit

  1 43 3.9 C

  A USB-based script for Ethical hacking with multiple attacks

Project mention: 🌟 Introducing tsuki-sploit: A multipurpose USB-based script for Ethical hacking! [FOR EDUCATIONAL PURPOSES ONLY] | /r/Hacking_Tutorials | 2023-05-06

You can read more about it in the github repo: https://github.com/Tsujimar/tsuki-sploit

• cybersecurity-security-harderning

  1 27 10.0 Shell

  A collection of awesome security hardening software, libraries, learning tutorials & documents, e-books, best practices, checklists, benchmarks about hardening in Cybersecurity

• CVEAggregate

  2 27 7.3 JavaScript

  Build a CVE library with aggregated CISA, EPSS and CVSS data

Project mention: CVEAggregate: Build a CVE library with aggregated CISA, EPSS and CVSS data | /r/blueteamsec | 2023-09-03

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

vulnerability-assessment related posts

• Scanning ports and finding network vulnerabilities using nmap
  2 projects | dev.to | 1 Dec 2023
• Mageni
  1 project | /r/selfhosted | 8 Sep 2023
• Monthly Security Checklist
  4 projects | /r/msp | 25 Jun 2023
• Show HN: Oneleet – Penetration Testing for SoC 2 and beyond
  1 project | news.ycombinator.com | 11 May 2023
• Show HN: Oneleet – Penetration Testing for SoC 2 and beyond
  1 project | news.ycombinator.com | 11 May 2023
• Catalog of zero-day vulnerabilities
  1 project | /r/sysadmin | 21 Mar 2023
• Vulnerability scanning tools for homelab?
  2 projects | /r/homelab | 5 Mar 2023
• A note from our sponsor - InfluxDB
  www.influxdata.com | 30 Apr 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com