project-copacetic
copaceticProject Copacetic (copa) is a CLI tool for patching container image vulnerabilities directly without full image rebuilds, using vulnerability...
27 repositories found
project-copacetic
copaceticProject Copacetic (copa) is a CLI tool for patching container image vulnerabilities directly without full image rebuilds, using vulnerability...
Tencent
AI-Infra-GuardAI-Infra-Guard is a comprehensive red teaming platform by Tencent's Zhuque Lab designed to identify security vulnerabilities in AI systems through...
OSV.dev is Google's open-source vulnerability database and triage service that aggregates security vulnerabilities across ecosystems and provides an...
ossf
cve-bin-toolCVE Binary Tool is a free, open-source security scanner that identifies known vulnerabilities in binaries and software components by matching against...
aquasecurity
trivyTrivy is a comprehensive security scanner for finding vulnerabilities, misconfigurations, secrets, and software licenses across container images,...
The-Art-of-Hacking
h4ckerA comprehensive, curated collection of cybersecurity resources, scripts, tools, and training materials covering ethical hacking, penetration testing,...
nomi-sec
PoC-in-GitHubPoC-in-GitHub is an automated collection tool that gathers proof-of-concept exploits and vulnerability demonstrations from GitHub, designed for...
chaitin
SafeLineSafeLine is a self-hosted Web Application Firewall (WAF) and reverse proxy designed to protect web applications from common attacks including SQL...
freelabz
secatorSecator is a task and workflow automation framework for security assessments that integrates dozens of well-known pentesting and OSINT tools (arjun,...
aquasecurity
trivy-actionTrivy Action is a GitHub Actions wrapper for Aqua Security's Trivy vulnerability scanner, enabling automated container image and artifact scanning...
topscoder
nuclei-wordfence-cveA specialized security tool that provides 77,335 Nuclei vulnerability scanning templates automatically updated daily from Wordfence intelligence,...
Bearer
bearerBearer is an open-source static application security testing (SAST) tool that scans source code to identify security vulnerabilities and privacy...
greenbone
openvas-scannerOpenVAS Scanner is a specialized vulnerability assessment engine for the Greenbone Community Edition, designed to execute continuous feeds of...
trickest
cveCVE PoC is an automated aggregation repository that collects and organizes publicly available proof-of-concept exploits for CVEs, organized by year...
swisskyrepo
PayloadsAllTheThingsPayloadsAllTheThings is a comprehensive, community-maintained reference collection of payloads, bypasses, and exploitation techniques for web...
anchore
grypeGrype is a vulnerability scanner that analyzes container images, filesystems, and SBOMs against known vulnerability databases. It serves DevOps...
bytedance
appsharkAppShark is a static taint analysis platform designed specifically for identifying vulnerabilities and compliance issues in Android applications. It...
infoslack
awesome-web-hackingA curated list of resources for web application security education and penetration testing, including books, documentation, tools, cheat sheets,...
infobyte
faradayFaraday is an open-source vulnerability management platform designed to centralize, aggregate, and normalize security scan data from multiple tools...
jar-analyzer
jar-analyzerJar Analyzer is a Java bytecode analysis GUI tool designed for security audits, vulnerability discovery, and program analysis of JAR/WAR files. It...
goodwithtech
dockleDockle is a container image linter that scans Docker images for security vulnerabilities and best-practice violations, including CIS Benchmarks...
nccgroup
singularitySingularity of Origin is a specialized framework for executing DNS rebinding attacks against vulnerable software on local networks and IoT devices....
guacsec
guacGUAC aggregates software security metadata (SBOMs, attestations, vulnerability data) into a queryable graph database to enable supply chain...
theori-io
copy-fail-CVE-2026-31431Copy Fail (CVE-2026-31431) is a security research project documenting and providing an exploit for a 9-year-old Linux kernel local privilege...
alexandreborges
malwoverviewMalwoverview is a Python-based threat hunting and malware analysis platform that aggregates intelligence from 18+ sources including VirusTotal,...
frohoff
ysoserialysoserial is a proof-of-concept tool for generating Java deserialization attack payloads using gadget chains from common libraries. It is specialized...
gommzystudio
device-activity-trackerThis is a proof-of-concept security research tool that demonstrates a privacy vulnerability in WhatsApp and Signal by measuring Round-Trip Time (RTT)...
Weekly newsletter
Every Monday: the repos worth your attention, anomaly signals and deep AI analysis. No fluff, unsubscribe any time.