Vulnerability Management and Vulnerability Detection Tools & Resources

Web Security

Security Scanning

Web App Security

Security Analysis

Javascript

Bima Scanner

An automated web application security scanner that evaluates JavaScript library vulnerabilities and HTTP security headers to assess website security posture.

1

Web Security

Security Scanning

+6

SecurityVulnerability.io

SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.

0

Security Information

SecurityVulnerability.io

SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.

0

+1

dom-red

A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.

0

Cli

dom-red

A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.

0

Open Redirect

Command Line Tool

+7

Eagle

A multithreaded vulnerability scanner for web-based applications

0

Web Application Security

Web Security

Eagle

A multithreaded vulnerability scanner for web-based applications

0

Web Application Security

+1

Git-Vuln-Finder

A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages

0

Natural Language Processing

Machine Learning

Open Source

Git

Software Security

Git-Vuln-Finder

A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages

0

Natural Language Processing

Machine Learning

+3

Retire.js

JavaScript library scanner and SBOM generator

0

Javascript

Retire.js

JavaScript library scanner and SBOM generator

0

Javascript

kube-hunter is a security scanning tool that identifies vulnerabilities and security weaknesses in Kubernetes clusters through automated assessment and provides detailed reporting with remediation guidance.

0

Kubernetes

Kubernetes Security

kube-hunter

kube-hunter is a security scanning tool that identifies vulnerabilities and security weaknesses in Kubernetes clusters through automated assessment and provides detailed reporting with remediation guidance.

0

Kubernetes

Kubernetes Security

+7

Nikto

Web server scanner for identifying security vulnerabilities.

0

Web App Security

Web Server

Security Audit

Nikto

Web server scanner for identifying security vulnerabilities.

0

Web App Security

Web Server

+2

DefectDojo

OWASP Project for making vulnerability management easier.

0

Collaboration

Owasp

DefectDojo

OWASP Project for making vulnerability management easier.

0

+2

Flan

A vulnerability scanner that helps you identify and fix vulnerabilities in your code

0

Security Testing

Penetration Testing

Flan

A vulnerability scanner that helps you identify and fix vulnerabilities in your code

0

Security Testing

+2

Nexus Repository Manager Dependency/Namespace Confusion Checker

A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.

0

Dependency Management

Software Supply Chain

Python

Package Security

Supply Chain Security

Dependency Scanning

Nexus Repository Manager Dependency/Namespace Confusion Checker

A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.

0

Dependency Management

Software Supply Chain

+6

Mana Security

Mana Security is a macOS-focused vulnerability management tool that continuously monitors 100+ applications for security vulnerabilities and tracks patching performance against community benchmarks.

0

Macos

Monitoring

Mac Security

Patch Management

Security Monitoring

Mana Security

Mana Security is a macOS-focused vulnerability management tool that continuously monitors 100+ applications for security vulnerabilities and tracks patching performance against community benchmarks.

0

Macos

+7

CVE Ape

CVE Ape is an open source tool that creates a local CVE database from the National Vulnerability Database for offline vulnerability searching by package name, vendor, or OS components.

0

CVE Ape

CVE Ape is an open source tool that creates a local CVE database from the National Vulnerability Database for offline vulnerability searching by package name, vendor, or OS components.

0

+7

Nessus Professional

Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.

0

Attack Surface

Compliance

Nessus Professional

Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.

0

+2

Zero Day Initiative Published Advisories

List of publicly disclosed vulnerabilities with security filters and detailed advisories.

0

Zero Day Initiative Published Advisories

List of publicly disclosed vulnerabilities with security filters and detailed advisories.

0

Clair

Clair is an open source static analysis tool that scans application containers for known vulnerabilities through API-based image indexing and matching.

0

Container Security

Static Analysis

Docker

Clair

Clair is an open source static analysis tool that scans application containers for known vulnerabilities through API-based image indexing and matching.

0

Container Security

Static Analysis

+7

Hakiri Toolbelt

A command line tool that automates vulnerability scanning of Ruby gems and Rails stack components by identifying CVE vulnerabilities in detected technology versions.

0

Ruby

Cli

Dependency Scanning

Automation

Application Security

Ruby On Rails

Hakiri Toolbelt

A command line tool that automates vulnerability scanning of Ruby gems and Rails stack components by identifying CVE vulnerabilities in detected technology versions.

0