24 Resources
Golang vulnerabilities Libraries
Scan systems and docker images for potential spring4shell vulnerabilities.
Scan systems and docker images for potential spring4shell vulnerabilities. Will detect in-depth (layered archives jar/zip/tar/war and scans for vulnerable Spring4shell versions. Binaries for Windows, Linux and OsX, but can be build on each platform supported by supported Golang.
GoVWA - A web application developed to help the pentester and programmers to learn the vulnerabilities
GoVWA - A web application developed to help the pentester and programmers to learn the vulnerabilities
🍷 Find exploits and vulnerabilities in the most important databases.
🍷 Dionisio Dionisio is a tool that can automate the search for exploits and vulnerabilities. Written in Go and open source, Dionisio has an advanced
Vulnerability-exporter - A Prometheus Exporter for managing vulnerabilities in kubernetes by using trivy
Kubernetes Vulnerability Exporter A Prometheus Exporter for managing vulnerabili
Integrate Snyk into Harbor
Harbor Snyk Scanner Harbor Snyk Scanner is a scanner adaptor for Harbor to integrate scan results from Snyk. The project is currently work in progress
OpenSCA is a Software Composition Analysis (SCA) solution that supports detection of open source component dependencies and vulnerabilities.
OpenSCA-Cli 项目介绍 OpenSCA 用来扫描项目的第三方组件依赖及漏洞信息。 下载安装 从 releases 下载对应系统架构的可执行文件压缩包 或者下载源码编译(需要 go 1.11 及以上版本) git clone https://github.com/XmirrorSecurit
log4jshell vulnerability scanner for bug bounty
log4shell-looker a log4jshell vulnerability scanner for bug bounty (Written in G
Git watchdog will scan your public repository and find out the vulnerabilities
Dependencies Docker Go 1.17 MySQL 8.0.25 Bootstrap Run chmod +x start.sh if start.sh script does not have privileged to run Run ./start.sh --bootstrap
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Table of contents 1. About 2. Getting started 2.1. Requirements 2.2. Installation 3. Usage 3.1. CLI Usage 3.2. Using Docker 3.3. Older versions 3.4. U
Frontend to display data from huskyCI analyses
How does it work? The main goal of this project is to provide a front-end for every huskyCI user to check the stats of the analyses done. If you don't
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems
Build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Server mode for easy querying.
go-kev go-kev build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Usage $ go-kev help Go Known Exploited Vulnerabilities Usage:
Build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Server mode for easy querying.
go-kev go-kev build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Usage $ go-kev help Go Known Exploited Vulnerabilities Usage:
A detector for the Trojan Source and other unicode-based vulnerabilities.
Trojan Source Detector This application detects Trojan Source attacks in source code. It can be used as part of the CI system to make sure there are n
Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.
FAV/E FAV/E (Find A Vulnerability/Exposure) utilizes the NIST CVE database search API to search for vulnerabilities and exposures while filtering base
TProx is a fast reverse proxy path traversal detector and directory bruteforcer.
TProx is a fast reverse proxy path traversal detector and directory bruteforcer Install • Usage • Examples • Join Discord Install Options From Source
Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:
Kubei is a vulnerabilities scanning and CIS Docker benchmark tool that allows users to get an accurate and immediate risk assessment of their kubernet
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
Dent More Information If you want to learn more about the techniques utlized in this framework please take a look at this article. Description This fr
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Vuls: VULnerability Scanner Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go. We have a slack team. Join slack team Twitter: @vuls_e
Vulnerability Static Analysis for Containers
Clair Note: The main branch may be in an unstable or even broken state during development. Please use releases instead of the main branch in order to
A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
Nancy nancy is a tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index, and as well, works with Nexus IQ Server
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities Why?
Tool to check for dependency confusion vulnerabilities in multiple package management systems
Confused A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirem
PHP security vulnerabilities checker
Local PHP Security Checker The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with know