Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
OSS-Fuzz - continuous fuzzing for open source software.
Vulnerability Static Analysis for Containers
grype is a vulnerability scanner for container images and filesystems
A static analysis security vulnerability scanner for Ruby on Rails applications
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Translation - A simple script for full recon
A list of web application security
Scalable fuzzing infrastructure.
Snyk CLI scans and monitors your projects for security vulnerabilities.
Translation - CLI and build-time tool to find and fix known vulnerabilities in open-source dependencies
Hunt for security weaknesses in Kubernetes clusters
📦 Make security testing of K8s, Docker, and Containerd easier.
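Translation - CDK is an open-source container penetration toolkit that provides stable exploitation in different slimmed containers without depending on any operating system. It comes with useful network tools and many powerful PoCs / EXPs to help you easily escape containers and take over K8s clusters.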
Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Quickly set up various vulnerability environments
Vulmap is a web vulnerability scanning and verification tool that can scan webapps for vulnerabilities and also provides vulnerability verification
A step-by-step fuzzing tutorial. A GitHub Security Lab initiative
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Awesome Node.js Security resources
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux