#cves

Nuclei templates
sponsor
Nuclei templates

Community curated list of templates for the Nuclei engine to find security vulnerabilities.

Nuclei
sponsor
Nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

CVEMap
CVEMap

Navigate the CVE jungle with ease using CLI tool designed to provide a structured interface.

SiCat
SiCat

Advanced exploit search tool designed to identify and gather information about exploits.

cve-search
cve-search

A tool to perform local searches for known vulnerabilities.

cvecrowd.com
cvecrowd.com

Lists CVEs that are currently being discussed on the social network Mastodon.

cve-collector
cve-collector

Simple latest CVE collector written in Python.

Trivy
Trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, repositories...

karma v2
karma v2

Passive open source intelligence automated reconnaissance.

BugProve
BugProve

Automated firmware analysis tool for composition analysis and vulnerability scanning.

Jira-Lens
Jira-Lens

Fast and customizable vulnerability scanner for Jira.

traitor
traitor

Automatic Linux privilege escalation via exploitation of low-hanging fruit.

cve
cve

Gather and update all available and newest CVEs with their PoC.

wpfinger
wpfinger

wpfinger is a red-team WordPress scanning tool.

nuclei-wordfence-cve
nuclei-wordfence-cve

Collection of Nuclei templates dedicated to WordPress core, plugins and themes vulnerabilities.

TerminatorZ
TerminatorZ

Scan for top potential vulnerabilities with known CVEs in your web applications.

WebInspect
WebInspect

An automated dynamic testing solution that provides comprehensive vulnerability detection.

Invicti
Invicti

Web Application Security For Enterprise.

hunter.how
hunter.how

Internet search engines for security researchers.

RedTeam_toolkit
RedTeam_toolkit

Open source Django offensive webapp which is keeping the best tools used in the redteaming.

Vulmap
Vulmap

Online local vulnerability scanners project.

afrog
afrog

A vulnerability scanning tools for penetration testing.

awesome-cve-poc
awesome-cve-poc

A collection about Proof of Concepts of Common Vulnerabilities and Exposures.

reapoc
reapoc

OpenSource Poc && Vulnerable-Target Storage Box.

Qualys Cloud Platform
Qualys Cloud Platform

The revolutionary architecture that powers Qualys' IT, security, and compliance cloud apps.

Shodan
Shodan

Search engine for Internet-connected devices.

Netlas.io
Netlas.io

Netlas.io is the network atlas of Internet. IP, DNS, Web, IoT devices, and etc.

LanGuard
LanGuard

Patch management, vulnerability scanning, and network auditing.

Nexpose
Nexpose

Vulnerability scanner which aims to support the entire vulnerability management lifecycle.

Core Impact
Core Impact

Designed to enable security teams to conduct advanced penetration tests with ease.

Paros Proxy
Paros Proxy

HTTP(S) proxy for assessing web application vulnerability.

Nessus
Nessus

The global gold standard in vulnerability assessment built for the modern attack surface.

jok3r
jok3r

Network and Web Pentest Automation Framework.

Legion
Legion

Aids in discovery, reconnaissance and exploitation of information systems.

windows-kernel-exploits
windows-kernel-exploits

A list of Windows kernel exploits.

Linux Exploit Suggester
Linux Exploit Suggester

Based on operating system release number.

WES-NG
WES-NG

Windows Exploit Suggester - Next Generation.

Windows Exploit Suggester
Windows Exploit Suggester

Compares target patch levels against the Microsoft vulnerability DB to detect missing patches.

WinPwn
WinPwn

Automation for internal Windows pentest / AD-Security.

DependencyCheck
DependencyCheck

Utility that detects publicly disclosed vulnerabilities in application dependencies.

Acunetix
Acunetix

Quickly find and fix the vulnerabilities that put your web applications at risk of attack.

OpenVAS
OpenVAS

This repository contains the scanner component for Greenbone Community Edition.

Exploitalert
Exploitalert

Exploits found on the INTERNET.

The Exploit Database
The Exploit Database

Archive of public exploits and corresponding vulnerable software.

burp-vulners-scanner
burp-vulners-scanner

Vulnerability scanner based on vulners.com search API.

Betterscan
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

Eagle
Eagle

Vulnerability scanner for mass detection of web-based applications vulnerabilities.

SearchSploit
SearchSploit

Cli tool for Exploit-DB that also allows you to take a copy of Exploit Database with you.

flan
flan

A pretty sweet vulnerability scanner.

Faraday security
Faraday security

Open source sulnerability management and orchestration platform.

git-vuln-finder
git-vuln-finder

Find potential software vulnerabilities from git commit messages.

Retire.js
Retire.js

Detects the use of JavaScript libraries with known vulnerabilities.

As3nt
As3nt

Another Subdomain ENumeration Tool.

Nmap
Nmap

The network mapper.

Metasploit
Metasploit

The world’s most used penetration testing framework.

w3af
w3af

Web Application Attack and Audit Framework.

detectify-cves
detectify-cves

Find CVEs that don't have a Detectify modules.

Burp Suite
Burp Suite

The class-leading vulnerability scanning, penetration testing, and web app security platform.

WPScan
WPScan

WPScan WordPress Security Scanner