Vulnerability discovery

Tool categories

There are 2 tool collections available that cover Vulnerability discovery:

Security tools

The following security tools are linked to Vulnerability discovery and are worth investigating.

  • Archery (vulnerability assessment and management)
  • CMSeeK (CMS detection and exploitation)
  • CMSmap (reconnaissance tool for popular CMS frameworks)
  • Dagda (vulnerability scanner for Docker containers)
  • Glastopf (honeypot)
  • Intrigue Core (attack surface discovery)
  • Jackhammer (collaboration tool)
  • LFI Suite (LFI scanner and exploiter)
  • OpenVAS (vulnerability scanner)
  • Pocsuite (vulnerability testing and development framework)
  • Pompem (find exploits)
  • Safety (vulnerability scanner for software dependencies)
  • Spaghetti (web vulnerability scanner)
  • VScan (vulnerability scanner with Nmap and NSE)
  • Vuls (agentless vulnerability scanner)
  • arch-audit (detection of vulnerable packages on Arch Linux)
  • detectem (software enumeration)
  • graudit (static code analysis tool)
  • salt-scanner (Linux vulnerability scanner)
  • vFeed (vulnerability database and query engine)
  • vulnerability-alerter (retrieve vulnerability data from NIST)
  • vulnerable-node (vulnerable application)
  • vulnix (vulnerability scanner for NixOS)
  • w3af (web application attack and audit framework)