Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 vulnerability-scanner Open-Source Projects
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Linux has (free) tools to improve security and detect/remove malware: Lynis,Chkrootkit,Rkhunter,ClamAV,Vuls,LMD,radare2,Yara,ntopng,maltrail,Snort,Suricata...
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
-
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
-
Tfsec acts as a Terraform scanning tool. It is a security-focused linter for Terraform that scans code for security flaws, offering an additional layer of security assurance and helping to maintain a strong security posture.
-
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
-
ThreatMapper
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
Project mention: ThreatMapper: Open-source cloud native security observability platform | news.ycombinator.com | 2023-09-10 -
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
nginx-ultimate-bad-bot-blocker
Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
-
Project mention: Scanning ports and finding network vulnerabilities using nmap | dev.to | 2023-12-01
Few people know that nmap is not just for reconnaissance work. Among other things, it allows finding vulnerabilities based on scripts prepared by the community and the tool's developers. Examples include nmap-vulners, vulscan or already prepared scripts that are installed along with nmap.
-
SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
-
OpenVAS - https://github.com/greenbone/openvas-scanner
-
Project mention: New EMBA firmware analyzer release - EMBA v1.2.3 - R.I.P. Binwalk | /r/netsec | 2023-05-11
-
kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
-
-
safety
Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
Project mention: A Tale of Two Kitchens - Hypermodernizing Your Python Code Base | dev.to | 2023-11-12Safety and Dependabot complement these security tools by focusing on external dependencies. Safety takes charge of examining your dependencies, ensuring they are up-to-date and free from any known vulnerabilities. Dependabot works similarly, scanning dependencies, verifying if they're current and assessing them for potential security flaws. This function is crucial as weaknesses in external dependencies can compromise the security of the entire codebase.
-
Project mention: Magika: AI powered fast and efficient file type identification | news.ycombinator.com | 2024-02-15
Is it safe to assume that hashing (1) every file on disk, or (2) any given file on disk at random, will yield random bits with uniform probability; and (3) why Argon2 instead of e.g. only two rounds of SHA256?
https://github.com/google/osv.dev/blob/master/README.md#usin... :
> We provide a Go based tool that will scan your dependencies, and check them against the OSV database for known vulnerabilities via the OSV API. ... With package metadata, not (a file hash, package) database that could be generated from OSV and the actual package files instead of their manifest of already-calculated checksums.
Might as well be heating a pool on the roof with all of this waste heat from hashing binaries build from code of unknown static and dynamic quality.
Add'l useful formats:
> Currently it is able to scan various lockfiles, debian docker containers, SPDX and CycloneDB SBOMs, and git repositories
-
-
-
-
-
AutoPWN-Suite
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
vulnerability-scanners related posts
- Scanning ports and finding network vulnerabilities using nmap
- Monthly Security Checklist
- Pyscan: A command-line tool to detect security issues in your python dependencies.
- Announcing Pyscan: A dependency vulnerability scanner for python projects.
- Introducing Pezzo: Open-source AI Development Toolkit 🚀
- Docker image vulnerabilities scanning trivy vs synk.io
- Docker image vulnerabilities scanning trivy vs synk.io
-
A note from our sponsor - InfluxDB
www.influxdata.com | 28 Mar 2024
Index
What are some of the best open-source vulnerability-scanner projects? This list will help you:
Project | Stars | |
---|---|---|
1 | trivy | 20,988 |
2 | lynis | 12,386 |
3 | vuls | 10,617 |
4 | Scanners-Box | 7,926 |
5 | tfsec | 6,500 |
6 | scan4all | 5,170 |
7 | ThreatMapper | 4,614 |
8 | faraday | 4,558 |
9 | nginx-ultimate-bad-bot-blocker | 3,620 |
10 | vulscan | 3,272 |
11 | SecretScanner | 2,924 |
12 | openvas-scanner | 2,804 |
13 | EMBA | 2,356 |
14 | kics | 1,865 |
15 | rapidscan | 1,629 |
16 | safety | 1,611 |
17 | osv.dev | 1,374 |
18 | ATSCAN | 1,311 |
19 | trivy-operator | 994 |
20 | go-dork | 958 |
21 | PentestTools | 903 |
22 | AutoPWN-Suite | 875 |
23 | clair-scanner | 837 |