Awesome Open Source
Awesome Open Source
Combined Topics
security-vulnerability
x
Advertising
📦 9
All Projects
Application Programming Interfaces
📦 120
Applications
📦 181
Artificial Intelligence
📦 72
Blockchain
📦 70
Build Tools
📦 111
Cloud Computing
📦 79
Code Quality
📦 28
Collaboration
📦 30
Command Line Interface
📦 48
Community
📦 81
Companies
📦 60
Compilers
📦 60
Computer Science
📦 74
Configuration Management
📦 39
Content Management
📦 167
Control Flow
📦 197
Data Formats
📦 77
Data Processing
📦 266
Data Storage
📦 132
Economics
📦 60
Frameworks
📦 198
Games
📦 122
Graphics
📦 103
Hardware
📦 148
Integrated Development Environments
📦 47
Learning Resources
📦 147
Legal
📦 28
Libraries
📦 119
Lists Of Projects
📦 21
Machine Learning
📦 336
Mapping
📦 61
Marketing
📦 15
Mathematics
📦 55
Media
📦 228
Messaging
📦 97
Networking
📦 304
Operating Systems
📦 84
Operations
📦 120
Package Managers
📦 52
Programming Languages
📦 229
Runtime Environments
📦 96
Science
📦 42
Security
📦 375
Social Media
📦 26
Software Architecture
📦 70
Software Development
📦 68
Software Performance
📦 57
Software Quality
📦 127
Text Editors
📦 45
Text Processing
📦 131
User Interface
📦 310
User Interface Components
📦 465
Version Control
📦 29
Virtualization
📦 68
Web Browsers
📦 38
Web Servers
📦 25
Web User Interface
📦 194
The Top 240 Security Vulnerability Open Source Projects on Github
Categories
>
Security
>
Security Vulnerability
Lynis
⭐
8,734
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Vuls
⭐
8,686
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Brakeman
⭐
6,209
A static analysis security vulnerability scanner for Ruby on Rails applications
Syzkaller
⭐
3,689
syzkaller is an unsupervised coverage-guided kernel fuzzer
Cheatsheet God
⭐
3,291
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Securityadvisories
⭐
2,204
🔐 Security advisories as a simple composer exclusion list, updated daily
Secgen
⭐
2,081
Create randomly insecure VMs
Zen Rails Security Checklist
⭐
1,632
Checklist of security precautions for Ruby on Rails applications.
Is Website Vulnerable
⭐
1,627
finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
Kunpeng
⭐
1,134
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
Uber Cli
⭐
1,123
🚗Uber, at your fingertips
Safety
⭐
1,079
Safety checks your installed dependencies for known security vulnerabilities
Ossa
⭐
711
Open-Source Security Architecture | 开源安全架构
Command Injection Payload List
⭐
700
🎯 Command Injection Payload List
Spectre Attack
⭐
662
Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
Sqliscanner
⭐
640
Automatic SQL injection with Charles and sqlmap api
Fuzzapi
⭐
538
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Threatmapper
⭐
477
Identify vulnerabilities in running containers, images, hosts and repositories
Linux_kernel_cves
⭐
433
Tracking CVEs for the linux Kernel
Hacking
⭐
423
hacker, ready for more of our story ! 🚀
Tlsfuzzer
⭐
393
SSL and TLS protocol test suite and fuzzer
Subzy
⭐
389
Subdomain takeover vulnerability checker
Pyup
⭐
376
A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
Commit Watcher
⭐
342
Find interesting and potentially hazardous commits in git projects
Watchdog
⭐
309
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Ropium
⭐
292
ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together
Insecureprogramming
⭐
220
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
H1domains
⭐
200
HackerOne "in scope" domains
Cod Exploits
⭐
166
☠️ Call of Duty - Vulnerabilities and proof-of-concepts
Recsech
⭐
161
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Crithit
⭐
152
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Employee Mgmt Laravel5.4 Adminlte
⭐
132
The project is using laravel 5.4 and adminlte
Webpocket
⭐
131
Exploit management framework
Compsecattacklabs
⭐
107
Contains Attack labs
Study Struts2 S2 054_055 Jackson Cve 2017 7525_cve 2017 15095
⭐
105
Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告
Crlf Injection Scanner
⭐
105
Command line tool for testing CRLF injection on a list of domains.
Ssl Checker
⭐
86
Python script that collects SSL/TLS information from hosts
Rockyou2021.txt
⭐
82
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
Meltdown
⭐
75
Local Exploit for Meltdown
Laravel Soar
⭐
71
An extension package for optimizing sql statements easily and easily in laravel applications. - 在 Laravel 应用程序中轻松容易的优化 sql 语句的扩展包。
Loki
⭐
71
Proof-of-concept of emotion-targeted content delivery using machine learning and ARKit.
Network Threats Taxonomy
⭐
70
Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
Btle Sniffer
⭐
70
Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Audit_reports
⭐
68
QuillAudits Smart Contracts, deFi, NFT, tokens, DApps Audit Reports
Resources
⭐
64
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Vulnogram
⭐
63
Vulnogram is a tool for creating and editing CVE information in CVE JSON format
Unsafe_bank
⭐
60
Vulnerable Banking Suite
Magpie
⭐
60
Beyond CSPM. Security analysis and threat detection for cloud infrastructure.
Vilicus
⭐
57
Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.
Fabric8 Analytics Vscode Extension
⭐
55
Red Hat Dependency Analytics extension
Chimay Red
⭐
52
Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
Bento
⭐
52
Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.
Hybridtestframework
⭐
49
End to End testing of Web, API and Security
Ekolabs
⭐
40
EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference
Ciscoasa_honeypot
⭐
39
A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
Jeroboam
⭐
39
Check all your apps on macOS for vulnerable Sparkle updaters
Cve 2020 4463
⭐
39
IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)
Owasp Jenkins
⭐
38
Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? 🐳 🛡 🔒
Exploits
⭐
36
Some of my public exploits
Soteria
⭐
35
Plugin to block compilation when unapproved dependencies are used or code styling does not comply.
Ransomware Json Dataset
⭐
34
Compiles a json dataset using public sources that contains properties to aid in the detection and mitigation of over 1000 variants of ransomware.
Grapx
⭐
33
grapX will iterate through the URLs and grep the endpoints with all possible extensions.
Ai Cms
⭐
30
Free and open source Manga CMS (Deprecated!)
Itwsv
⭐
28
ITWSV- Integrated Tool for Web Security Vulnerability
Moodlescan
⭐
27
Tool for scan vulnerabilities in Moodle platforms
Herpaderping
⭐
25
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Training Application Security
⭐
25
This repository for training application security.
Pyvas
⭐
24
OpenVAS Management Protocol Client for Python
Handshake Cracker
⭐
24
Handshake cracker
Befree
⭐
23
Website Security, Antivirus & Firewall || a powerful application that can secure your website against hackers, attacks and other incidents of abuse
Weblogic_honeypot
⭐
23
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Yas3bl
⭐
20
🔓 Yet Another S3 Bucket Leak
Pentesting
⭐
20
Misc. Public Reports of Penetration Testing and Security Audits.
Python Pentest Toolkit
⭐
19
Pentest ToolKit
Browserrecon Php
⭐
19
Advanced Web Browser Fingerprinting
Icestick Lpc Tpm Sniffer
⭐
18
FGBA-based LPC bus sniffing tool for Lattice iCEstick Evaluation Kit
Orthrus
⭐
17
🛡 Monitor, analyze, & report security misconfigurations across environments.
Faraday_plugins
⭐
17
Security tools report parsers for FaradaySEC
Packager
⭐
17
Laravel Package Skeleton Generator - https://youtu.be/kQRQWzDEbGk
Autovas
⭐
16
AutoVAS is an automated vulnerability analysis system with a deep learning approach.
Bwapp
⭐
15
bWAPP latest modified for PHP7
Protocol Analyzer
⭐
15
Fuzz testing framework for network protocols.
Shieldfy Php Client
⭐
15
The official PHP SDK for Shieldfy
Checkmarx Github Action
⭐
15
Checkmarx Scan Github Action
Hikvision Recover
⭐
15
Command-line tool for generating recovery codes for Hikvision IP Cameras
Npm Audit Helper
⭐
14
Helps you understand and work through npm audit results
Write_up_ctf
⭐
14
my write up about ctf
Puma6fail
⭐
14
CVE-2017-5693 Denial of service vulnerability in Puma 6 modems
Networkalarm
⭐
13
A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Cve 2017 5753
⭐
12
OSX 10.13.2, CVE-2017-5753, Spectre, PoC, C, ASM for OSX, MAC, Intel Arch, Proof of Concept, Hopper.App Output
Slig
⭐
12
Siemens LOGO!8 PLC Password Hacking Proof-of-Concept-Tool
Kc_s701_break_free
⭐
11
Result of the Android security research
Ssltest
⭐
10
SSL check through SSL Labs API
Can I Protect Xss
⭐
10
Everything about xss protection technology
Keycloak Scanner
⭐
10
Keycloak security scanner
Micros_honeypot
⭐
10
MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.
Revive Cc
⭐
9
Static analysis tool for Hyperledger Frabric smart contracts written in Go.
Multiscanner
⭐
9
Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.
Shithub
⭐
9
ShitHub is a collaborative platform, created to check your own and/or foreign code for security vulnerabilitys and design issues.
Phantom Explorer
⭐
9
A Blockchain Explorer for PHANTOM using Vue.js and Tailwind CSS. https://explorer.phantom.org
1-100 of 240 projects
Next >
Related Projects
Python Security Vulnerability Projects (61)
Security Tools Vulnerability Projects (61)
Advertising
📦 9
All Projects
Application Programming Interfaces
📦 120
Applications
📦 181
Artificial Intelligence
📦 72
Blockchain
📦 70
Build Tools
📦 111
Cloud Computing
📦 79
Code Quality
📦 28
Collaboration
📦 30
Command Line Interface
📦 48
Community
📦 81
Companies
📦 60
Compilers
📦 60
Computer Science
📦 74
Configuration Management
📦 39
Content Management
📦 167
Control Flow
📦 197
Data Formats
📦 77
Data Processing
📦 266
Data Storage
📦 132
Economics
📦 60
Frameworks
📦 198
Games
📦 122
Graphics
📦 103
Hardware
📦 148
Integrated Development Environments
📦 47
Learning Resources
📦 147
Legal
📦 28
Libraries
📦 119
Lists Of Projects
📦 21
Machine Learning
📦 336
Mapping
📦 61
Marketing
📦 15
Mathematics
📦 55
Media
📦 228
Messaging
📦 97
Networking
📦 304
Operating Systems
📦 84
Operations
📦 120
Package Managers
📦 52
Programming Languages
📦 229
Runtime Environments
📦 96
Science
📦 42
Security
📦 375
Social Media
📦 26
Software Architecture
📦 70
Software Development
📦 68
Software Performance
📦 57
Software Quality
📦 127
Text Editors
📦 45
Text Processing
📦 131
User Interface
📦 310
User Interface Components
📦 465
Version Control
📦 29
Virtualization
📦 68
Web Browsers
📦 38
Web Servers
📦 25
Web User Interface
📦 194
"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.
