Vulnerability Assessment Tools

CIS Benchmarks Audit

A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.

Ansible Collection - devsec.hardening

A collection of Ansible roles for hardening various systems and services

ThreatMapper

A runtime threat management and attack path enumeration tool for cloud-native environments

Crashwalk

A Go-based crash analysis tool that processes and reproduces crash files from fuzzing tools like AFL with multiple debugging engines and output formats.

Linux Soft Exploit Suggester

Script to find exploits for vulnerable software packages on Linux systems using an exploit database.

CVE Ape

CVE Ape is an open source tool that creates a local CVE database from the National Vulnerability Database for offline vulnerability searching by package name, vendor, or OS components.

is-my-node-vulnerable

Check for known vulnerabilities in your Node.js installation.

PlumHound

PlumHound is a reporting engine that converts BloodHoundAD's Neo4J queries into operational security reports for analyzing Active Directory vulnerabilities and attack paths.

Linux Exploit Suggester

Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.

Windows Exploit Suggester

Compares target's patch levels against Microsoft vulnerability database and detects missing patches.

Android Vulnerability Test Suite

A tool that showcases the attack surface of a given Android device, highlighting potential vulnerabilities and security risks.

DueDLLigence

An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.