Build software better, together

To Reproduce
Go to Http3XXStatusCodeBasedInjection Vulnerability and click on click here link as shown in the above image. it will route to a new webpage but that webpage will not open and will fail.

Expected behavior
The

Currently docker images are not versioned which can be an issue going further

Open

Adding new level in Unrestricted File upload which doesn't have a check on size of file uploaded

1

Find more good first issues

mfazrinizar / FazScan

Star

| FazScan is a Perl program to do some vulnerability scanning and pentesting |

Updated Jun 16, 2019
Perl

Mixeway / MixewayHub

Star

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

docker-compose cicd openvas vulnerability-management fortify acunetix security-automation security-tools devsecops vulnerability-scanning checkmarx dependency-track devsecops-pipeline security-orchestrator

Updated Dec 16, 2021
Shell

skerkour / phaser

Star

Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)

rust security security-audit attack rust-lang vulnerability infosec pentesting pentest offensive offensive-security security-tools vulnerability-scanning pentest-tool vulnerability-scanner black-hat black-hat-rust

Updated Oct 16, 2021
Rust

iinc0gnit0 / RVuln

Star

[ Automated Web Vulnerability Scanner ]

rust security web hacking xss rust-lang xss-vulnerability vulnerabilities hacking-tool vulnerability-scanners security-tools web-scanner vulnerability-scanning

Updated Jul 12, 2020
Rust

anchore / ci-tools

Star

Contains scripts for running anchore engine in CI pipelines

docker vulnerability-scanning ci-tools image-scanning container-security anchore anchore-engine

Updated Nov 22, 2021
Shell

darvid / nessusbeat

Star

A Beat that monitors a local Nessus reports directory and outputs scan results to Elasticsearch or Logstash.

elasticsearch logstash beats beat nessus vulnerability-assessment elasticbeats vulnerability-scanning vulnerability-scanner

Updated Oct 1, 2017
Go

drsh4rky / hacking-with-python

Star

You guessed well, genius !! This tool is intended for the initiation to ethical hacking with python

information-retrieval shodan hacking cybersecurity nmap ddos-attacks scapy cyber-security hacking-tool mitm-attacks vulnerability-scanning cyber-attack python-hacking eavesdrop password-attacks

Updated Aug 11, 2019
Python

Ar0xA / nessus2es

Star

Send your nessus compliance and vulnerability scan data to ElasticSearch

elasticsearch elk vulnerability compliance nessus elk-stack vulnerability-scanning nessus-api-python compliance-testing

Updated Sep 11, 2018
Python

aquasecurity / trivy-vscode-extension

Star

A VS Code Extension for Trivy

vscode-extension vulnerability-scanning

Updated Feb 16, 2022
TypeScript

infobyte / faraday-cli

Star

Faraday's Command Line Interface

devops command-line faraday pentest vulnerability-management security-automation devsecops vulnerability-scanning

Updated Jan 14, 2022
Python

scmanjarrez / CVEScannerV2

Star

Nmap script that searches for probable vulnerabilities based on services discovered in open ports.

security security-audit exploit nmap penetration-testing vulnerability vulnerability-databases vulnerability-detection nse vulnerability-identification vulnerability-scanners security-scanner metasploit nmap-scripts nsescript nmap-scan-script vulnerability-scanning exploit-db nmap-script nmap-scan

Updated Mar 18, 2022
Python

bureado / awesome-software-supply-chain-security

Star

A compilation of resources in the software supply chain security domain, with emphasis on open source

static-analysis security-vulnerability dependencies vulnerability-management software-supply-chain cve-scanning attestation package-management reproducible-builds devsecops software-composition-analysis vulnerability-scanning dependency-management oss-compliance sbom supply-chain-security supply-chain-attacks software-supply-chain-security

Updated Mar 19, 2022

Yashvendra / Recon-X

Star

Advanced Reconnaissance tool to enumerate attacking surface of the target.

dns security scanner nmap geoip traceroute whois-lookup subdomains information-gathering security-tools vulnerability-scanning reconnaissance hackertarget

Updated Dec 22, 2019
Shell

SecureStackCo / actions-exposure

Star

A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

security deployment actions web-application dynamic-analysis web-vulnerability-scanner vulnerability-detection software-composition-analysis vulnerability-scanning cloud-security deployment-pipeline deployment-automation github-actions web-vulnerability secrets-detection cloud-security-posture-management

Updated Feb 15, 2022

ptdropper / CVE-Scanner-for-your-SW-BOM

Star

CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.

python nist scan bom nvd3 vulnerability vulnerabilities cve vulnerability-detection cve-scanning vulnerability-identification vulnerability-scanners vulnerability-scanning vulnerability-scanner cve-search cve-databases sbom cve-entries

Updated Oct 26, 2020
Python

SxNade / JitterBug

Star

JitterBug passively searches for Basic Info, open ports, potential CVE's on the given Target IP in third party databases without Direct interaction with the target

dialog cve-scanning information-gathering portscanner passive-vulnerability-scanner vulnerability-scanning vulnerability-scanner ip-info passive-check cve-search osint-tool passive-info jitterbug

Updated Sep 29, 2021
Shell

RackReaver / AVMP

Star

Open

Add example Tenable automations to `examples/dynamic_process_configs`

RackReaver commented Jul 22, 2021

I have moved to a new company that no longer utilizes Tenable.io and no longer have access to an instance for testing. Anyone who is using this if you could go ahead and make a pull request with a redacted versions of any dynamic configuration files you have it would be appreciated.

If you have questions let me know.

Add an Incident Response Process Configuration to `examples/static_process_config`

Mixeway / MixewayBackend

Star

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend project contains source code of backend with all plugin integrations writer in Spring Boot.

spring-boot backend rest-api vulnerability-management devsecops vulnerability-scanning devsecops-pipeline

Updated Mar 9, 2022
Java

vulnerability-scanning

Here are 49 public repositories matching this topic...

scipag / vulscan

grayddq / GScan

deepfence / ThreatMapper

olacabs / jackhammer

dwisiswant0 / crlfuzz

vulscanteam / vulscan

0x4D31 / salt-scanner

enlightn / security-checker

Secure-Compliance-Solutions-LLC / GVM-Docker

x364e3ab6 / AWVS-13-SCAN-PLUS

Patrowl / PatrowlHears

SasanLabs / VulnerableApp

Http3XXStatusCodeBased injection vulnerability doesn't work with VulnerableApp Facade

Currently docker images are not versioned which can be an issue going further

Adding new level in Unrestricted File upload which doesn't have a check on size of file uploaded

mfazrinizar / FazScan

Mixeway / MixewayHub

skerkour / phaser

iinc0gnit0 / RVuln

anchore / ci-tools

darvid / nessusbeat

drsh4rky / hacking-with-python

Ar0xA / nessus2es

aquasecurity / trivy-vscode-extension

infobyte / faraday-cli

scmanjarrez / CVEScannerV2

bureado / awesome-software-supply-chain-security

Yashvendra / Recon-X

SecureStackCo / actions-exposure

ptdropper / CVE-Scanner-for-your-SW-BOM

SxNade / JitterBug

RackReaver / AVMP

Add example Tenable automations to `examples/dynamic_process_configs`

Add an Incident Response Process Configuration to `examples/static_process_config`

Mixeway / MixewayBackend

Improve this page

Add this topic to your repo