project-copacetic
copaceticProject Copacetic (copa) is a CLI tool for patching container image vulnerabilities directly without full image rebuilds, using vulnerability...
25 repositories found
project-copacetic
copaceticProject Copacetic (copa) is a CLI tool for patching container image vulnerabilities directly without full image rebuilds, using vulnerability...
six2dez
reconftwreconFTW is an automated reconnaissance framework designed for bug bounty hunters and penetration testers to enumerate subdomains, perform security...
ossf
cve-bin-toolCVE Binary Tool is a free, open-source security scanner that identifies known vulnerabilities in binaries and software components by matching against...
DependencyTrack
dependency-trackDependency-Track is an OWASP-maintained Component Analysis platform that ingests Software Bill of Materials (SBOMs) to identify and mitigate supply...
ClusterFuzz is a scalable fuzzing infrastructure used by Google to find security and stability issues in software, powering both internal Google...
Bearer
bearerBearer is an open-source static application security testing (SAST) tool that scans source code to identify security vulnerabilities and privacy...
opencve
opencveOpenCVE is a vulnerability intelligence platform that aggregates CVE data from multiple sources (MITRE, NVD, RedHat, etc.) and provides filtering,...
trickest
cveCVE PoC is an automated aggregation repository that collects and organizes publicly available proof-of-concept exploits for CVEs, organized by year...
edoardottt
awesome-hacker-search-enginesA curated collection of search engines and tools for security professionals conducting penetration testing, vulnerability assessments, and threat...
pwndoc
pwndocPwnDoc is a collaborative pentest reporting platform that streamlines the generation of customizable Word documents from security audit findings....
anchore
grypeGrype is a vulnerability scanner that analyzes container images, filesystems, and SBOMs against known vulnerability databases. It serves DevOps...
infoslack
awesome-web-hackingA curated list of resources for web application security education and penetration testing, including books, documentation, tools, cheat sheets,...
lirantal
npqnpq is a command-line tool that audits npm packages before installation by checking against CVE databases, analyzing package metadata (age,...
OSS-Fuzz is a continuous fuzzing service that automatically discovers security vulnerabilities and stability bugs in open source software using...
RetireJS
retire.jsRetire.js is a specialized security scanner that detects JavaScript libraries with known vulnerabilities in web and Node.js applications, addressing...
ycdxsb
PocOrExp_in_GithubThis project automatically aggregates proof-of-concept (POC) and exploit (EXP) code from GitHub, indexed by CVE ID. It serves security researchers,...
cve-search
cve-searchcve-search is a specialized security tool that imports CVE and CPE data into MongoDB to enable fast, local vulnerability searches without exposing...
future-architect
vulsVuls is an agent-less vulnerability scanner written in Go that detects security vulnerabilities across Linux, FreeBSD, Windows, macOS, containers,...
quay
clairClair is a static analysis tool that scans OCI and Docker container images for known vulnerabilities, enabling security teams to assess container...
snyk
cliSnyk CLI is a developer-focused security scanning tool that detects and monitors vulnerabilities across open-source dependencies, application code,...
presidentbeef
brakemanBrakeman is a static analysis security scanner specifically designed for Ruby on Rails applications, detecting vulnerabilities in Rails code without...
jaeles-project
jaelesJaeles is a Go-based Web Application Scanner framework designed for security professionals and bug bounty hunters to build custom vulnerability...
bkerler
exploit_meexploit_me is a deliberately vulnerable ARM/AARCH64 application designed as a CTF-style educational tutorial covering 29 exploitation techniques...
lirantal
is-website-vulnerableis-website-vulnerable is a security scanning tool that detects publicly known vulnerabilities in a website's frontend JavaScript libraries by...
FriendsOfPHP
security-advisoriesA centralized database of known security vulnerabilities in PHP packages and libraries, maintained as a YAML-based reference that integrates with...
Weekly newsletter
Every Monday: the repos worth your attention, anomaly signals and deep AI analysis. No fluff, unsubscribe any time.