A comprehensive security scanner that finds vulnerabilities, misconfigurations, secrets, and SBOMs in containers, Kubernetes, code, and clouds.
An open source trusted cloud native registry that stores, signs, and scans container images and Helm charts.
A CLI and library for evaluating, red-teaming, and comparing LLM prompts, agents, and RAGs with simple declarative configs.
A curated collection of awesome software, libraries, books, and resources for cybersecurity professionals.
A curated collection of awesome software, libraries, documents, books, and resources about cybersecurity.
Static vulnerability analysis for container images (OCI/Docker) via an API that indexes and matches against known security flaws.
A CLI tool and Go library for generating Software Bill of Materials (SBOM) from container images and filesystems.
A static code analysis tool that scans infrastructure as code, container images, and open source packages for security misconfigurations and vulnerabilities.
A command-line tool for red-teaming and vulnerability scanning of large language models (LLMs).
A modular web application fuzzer that replaces FUZZ keywords with payloads to test parameters, authentication, forms, and directories.
A comprehensive collection of Yara rules for malware detection, vulnerability identification, and security analysis.
A security auditing tool for SSH server and client configurations, analyzing algorithms, vulnerabilities, and policy compliance.
An Nmap NSE script that transforms nmap into a vulnerability scanner using offline vulnerability databases.
A high-performance offensive security tool for reconnaissance, vulnerability scanning, and information gathering.
An open-source firmware security analyzer for embedded Linux devices, performing extraction, static/dynamic analysis, SBOM generation, and vulnerability reporting.
Nmap NSE script that uses Vulners.com API to detect software vulnerabilities during network scans.
A standalone tool that finds unprotected secrets like passwords and API keys in container images and file systems.
An on-path blackbox network traffic security testing tool for detecting weak TLS/SSL connections and cleartext traffic.
A Composer package that blocks installation of PHP dependencies with known security vulnerabilities.
An automated security testing framework for REST APIs that detects vulnerabilities like SQL injection, XSS, and CSRF.
A static analysis tool for Go that finds vulnerabilities using SSA form and source-to-sink tracing to reduce false positives.
A Python tool that scans HTTP servers for publicly accessible secret files and security vulnerabilities like git repos and backup files.
A Burp Suite extension for advanced GraphQL security testing, featuring vulnerability scanning, batch attacks, and schema analysis.
A command-line toolkit for validating, scanning, and managing SCAP (Security Content Automation Protocol) documents.
A curated list of DevSecOps tools, resources, and training materials for integrating security into the development lifecycle.