cve-search - a tool to perform local searches for known vulnerabilities
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTra...
翻译 - LunaSec - 安全性和合规性 SDK,可阻止软件中的数据泄漏。只需几行代码,LunaSec 就在您的堆栈中添加了零信任架构、独特的每记录加密以及针对 XSS、SQL 注入和 RCE 等常见安全问题的保护。在这里现场试用:https://app.lunasec.dev
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Finding potential software vulnerabilities from git commit messages
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
#Awesome#A compilation of resources in the software supply chain security domain, with emphasis on open source
National Vulnerability Database dependency checker for Clojure projects
the blazing-fast pentesting suite.
SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
翻译 - SECMON 是一种基于 Web 的工具,用于通过 Web 界面实现信息安全监视和漏洞管理的自动化。
RouterOS Security Inspector
A simple framework for sending test payloads for known web CVEs.
Check linux sources dump for known CVEs.
NIST-based CVE lookup store and API powered by Rust.
Zed Attack Proxy Scripts for finding CVEs and Secrets.
Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
The goal of this project is to provide additional features on top of the existing npm audit options
不定期记录一下浪费了时间去关注过的垃圾CVE漏洞。
OWASP Kubernetes security and compliance tool [WIP]
Nmap script to detect a Microsoft Exchange instance version with OWA enabled.