Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices

Vulnerability Static Analysis for Containers

A static analysis security vulnerability scanner for Ruby on Rails applications

Scalable fuzzing infrastructure.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Automated pentest framework for offensive security experts

快速搭建各种漏洞环境(Various vulnerability environment)

A list of web application security

scanner detecting the use of JavaScript libraries with known vulnerabilities

CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

Centralize Vulnerability Assessment and Management for DevSecOps Team

cve-search - a tool to perform local searches for known vulnerabilities

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Awesome Node.js Security resources

A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

Open-Source Security Architecture | 开源安全架构

Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)

A collection where my current and future writeups for exploits/CTF will go

A vulnerable version of Rails that follows the OWASP Top 10

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

Examples of Solidity security issues

Linux Binary Exploitation

kernel privilege escalation enumeration and exploitation framework

🎅 The Multi-Tool Web Vulnerability Scanner.

Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.

Kubernetes security notes and best practices

🎖safely* install packages with npm or yarn by auditing them as part of your install process