Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
- 
 Updated
 Oct 24, 2025 
- Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( Ν‘Β° ΝΚ Ν‘Β°)...
Open Source Cloud Native Application Protection Platform (CNAPP)
This repository contains the scanner component for Greenbone Community Edition.
Web Application Security Scanner Framework
Advanced vulnerability scanning with Nmap NSE
ε·‘ι£ζ―δΈζ¬Ύιη¨δΊδΌδΈε η½ηζΌζ΄εΏ«ιεΊζ₯,ε·‘θͺζ«ζη³»η»γ
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
cve-search - a tool to perform local searches for known vulnerabilities
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Zero shot vulnerability discovery using LLMs
vulnx π·οΈ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
π The Multi-Tool Web Vulnerability Scanner.
Add a description, image, and links to the vulnerability-detection topic page so that developers can more easily learn about it.
To associate your repository with the vulnerability-detection topic, visit your repo's landing page and select "manage topics."