Vulnerability management tools for security scanning, penetration testing, bug bounty programs, and vulnerability assessment.
Browse 662 vulnerability management tools
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.
Find leaked credentials by scanning repositories for high entropy strings.
MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
WordPress security scanner for identifying vulnerabilities in WordPress websites.
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
Ropper is a multi-architecture binary analysis tool that searches for ROP gadgets and displays information about executable files for exploit development.
Mass IP port scanner for Internet-scale scanning with high speed and flexibility.
Automate the search for exploits and vulnerabilities in important databases.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
662 tools across 5 specializations · 309 free, 353 commercial
Bug Bounty Platforms
Bug bounty platforms that connect organizations with security researchers for crowdsourced vulnerability discovery and responsible disclosure.
Exposure Management
Exposure management solutions for identifying, prioritizing, and remediating security exposures across the entire attack surface.
Penetration Testing
Penetration testing tools and frameworks for manual security testing, exploit development, and vulnerability validation.
Common questions about Vulnerability Management tools, selection guides, pricing, and comparisons.
Vulnerability scanning is automated, runs continuously, and identifies known CVEs and misconfigurations across your infrastructure at scale. Penetration testing is manual, performed periodically (quarterly or annually), and involves skilled testers attempting to exploit vulnerabilities, chain findings, and demonstrate real-world impact. Scanning finds what is vulnerable; pen testing proves what is exploitable.
Prioritize based on exploitability and business impact, not just CVSS score. Consider: is there a known exploit in the wild (CISA KEV catalog), is the asset internet-facing, what data does it hold, and can the vulnerability be chained with others. Risk-based vulnerability management tools combine these factors to rank vulnerabilities by actual risk to your organization.
Vulnerability management focuses on identifying and patching software vulnerabilities (CVEs). Exposure management takes a broader view, encompassing vulnerabilities, misconfigurations, identity weaknesses, and attack path analysis to understand and reduce your overall exposure to attacks. It asks "how could an attacker reach our critical assets?" rather than just "what CVEs do we have?"