Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

A vulnerability scanner for container images and filesystems

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it

傻瓜式漏洞PoC测试框架

GUAC aggregates software security metadata into a high fidelity graph database.

🧵 CLI tool for directly patching container images!

This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.

Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang

Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers. 挖洞辅助工具(漏洞扫描、信息收集)

:: Prism X · Automated Enterprise Network Security Risk Detection and Vulnerability Scanning Tool / 棱镜 X · 自动化企业网络安全风险检测、漏洞扫描工具

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

Go Web Application Penetration Test

🐸 Scans your Git repository with JFrog Xray for security vulnerabilities. 🤖

CLI to integrate continuous fuzzing with Fuzzit (no longer available)