awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

8 Repos

Awesome GitHub RepositoriesVulnerability Testing Tools

Utilities for identifying and testing security flaws in applications.

Distinguishing note: No candidates provided; fits under security.

Explore 8 awesome GitHub repositories matching security & cryptography · Vulnerability Testing Tools. Refine with filters or upvote what's useful.

Awesome Vulnerability Testing Tools GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • dokploy/dokployAvatar von Dokploy

    Dokploy/dokploy

    34,901Auf GitHub ansehen↗

    Dokploy is a self-hosted platform-as-a-service designed to simplify the deployment and management of containerized applications and databases. It provides a centralized control plane that decouples administrative management from application workloads, allowing users to oversee infrastructure across multiple server nodes through a unified web interface or a command-line tool. The platform distinguishes itself through an extensive library of pre-configured application templates, enabling the rapid deployment of databases, identity providers, and various productivity or development tools. It sup

    Provides tools for testing and identifying cross-site scripting vulnerabilities.

    TypeScriptbackendbackupsdatabases
    Auf GitHub ansehen↗34,901
  • v1s1t0r1sh3r3/airgeddonAvatar von v1s1t0r1sh3r3

    v1s1t0r1sh3r3/airgeddon

    7,797Auf GitHub ansehen↗

    airgeddon is a bash-based wireless network audit suite and security toolkit for Linux. It serves as a framework for testing wireless vulnerabilities and verifying network configurations across various encryption standards, including WPA, WEP, and WPS. The project functions as an orchestration layer that integrates a collection of third-party wireless security tools. It features a modular approach to attack vectorization, coordinating tasks such as evil twin simulations with captive portals, WPA handshake interception, and the execution of WPS vulnerability tests. Its capabilities cover a bro

    Recovers network passwords by executing Pixie Dust, brute-force, or known-PIN attacks against WPS implementations.

    Shell
    Auf GitHub ansehen↗7,797
  • derv82/wifite2Avatar von derv82

    derv82/wifite2

    7,610Auf GitHub ansehen↗

    Wifite2 is an automated wireless network security auditor and password recovery suite. It coordinates multiple external auditing tools to scan for wireless networks and execute attacks to recover WEP, WPA, and WPS passwords. The project specializes in a variety of encryption attack vectors, including the interception of four-way handshakes and PMKID hash extraction for offline cracking. It provides dedicated capabilities for breaking legacy WEP encryption via fragmentation and packet replay, as well as recovering wireless keys through WPS PIN brute-force and Pixie-Dust attacks. The tool auto

    Tests wireless networks for weak setup pins using Pixie-Dust or online brute-force methods to recover network keys.

    Pythonwifi-crackerwifi-passwordwifi-security
    Auf GitHub ansehen↗7,610
  • snyk/cliAvatar von snyk

    snyk/cli

    5,428Auf GitHub ansehen↗

    The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f

    Tests software bills of materials using PURL references to detect known vulnerabilities in listed packages.

    TypeScriptmonitorsecuritysnyk
    Auf GitHub ansehen↗5,428
  • jtesta/ssh-auditAvatar von jtesta

    jtesta/ssh-audit

    4,218Auf GitHub ansehen↗

    Dieses Projekt ist ein SSH-Sicherheitsaudit-Tool, das zur Analyse von Server- und Client-Konfigurationen entwickelt wurde. Es fungiert als kryptografischer Analysator, der Schlüsselaustausch-, MAC- und Verschlüsselungsalgorithmen bewertet, um schwache oder veraltete Primitive zu identifizieren und die Sicherheitskonformität sicherzustellen. Das Tool zeichnet sich dadurch aus, dass es einen Härtungsleitfaden mit plattformspezifischen Konfigurationsanweisungen und Algorithmus-Empfehlungen zur Behebung erkannter Schwachstellen bereitstellt. Es enthält zudem einen Denial-of-Service-Tester, der die Server-Resilienz gegen CPU-Erschöpfung und gleichzeitige Socket-Verbindungsangriffe misst. Breite Funktionen decken Sicherheitsaudits und Schwachstellentests ab, einschließlich der Validierung von Sicherheitsrichtlinien und der Identifizierung von Softwareversionen. Das Projekt führt zudem kryptografische Validierungen durch Diffie-Hellman-Modulus-Größentests durch und bewertet das Verhalten von Client-Software mittels listener-basierter Analyse.

    Measures how a server handles concurrent sockets to determine susceptibility to denial-of-service vulnerabilities.

    Python
    Auf GitHub ansehen↗4,218
  • jonaslejon/malicious-pdfAvatar von jonaslejon

    jonaslejon/malicious-pdf

    4,070Auf GitHub ansehen↗

    This project is a set of specialized utilities for generating malformed documents, obfuscating payloads, and crafting specific attack vectors to evaluate the resilience of security scanners. It functions as a PDF fuzzing framework and security testing tool designed to create PDF files with embedded payloads for verifying how document viewers and web applications handle vulnerabilities. The toolkit provides capabilities for encoding and hiding malicious content to test the detection effectiveness of security scanners. It includes a security payload generator for crafting specific attack vector

    Generates PDF files containing specific payloads to test how viewers handle common security vulnerabilities.

    Pythonbugbountybugbounty-toolpdf
    Auf GitHub ansehen↗4,070
  • dependencytrack/dependency-trackAvatar von DependencyTrack

    DependencyTrack/dependency-track

    3,612Auf GitHub ansehen↗

    Dependency-Track is a software composition analysis tool and vulnerability management system designed to track dependencies and supply chain risk. It functions as a platform for ingesting and analyzing CycloneDX software bills of materials to identify known vulnerabilities and license compliance issues within third-party software components. The system distinguishes itself by mirroring external vulnerability databases locally to enable fast offline analysis and using VEX documents to differentiate between technical vulnerabilities and actual contextual risks. It also integrates with identity

    Scans uploaded SBOMs against vulnerability intelligence sources to identify security risks and license issues.

    Javaappsecbill-of-materialsbom
    Auf GitHub ansehen↗3,612
  • ankit0183/wifi-hackingAvatar von ankit0183

    ankit0183/Wifi-Hacking

    2,561Auf GitHub ansehen↗

    This project is a wireless network security toolkit designed for monitoring wireless traffic and exploiting vulnerabilities in network authentication protocols. It provides a suite of tools for scanning networks, capturing authentication handshakes, and testing the security of wireless access points. The toolkit includes a password wordlist generator to create custom lists for offline key recovery and a handshake cracker to recover encrypted keys using brute-force methods. It also features a vulnerability scanner specifically for testing the security of the Wireless Protected Setup pin system

    Tests Wi-Fi Protected Setup implementations to recover network credentials.

    Pythoncrack-handshakehackathonhacking-tool
    Auf GitHub ansehen↗2,561
  1. Home
  2. Security & Cryptography
  3. Vulnerability Testing Tools

Unter-Tags erkunden

  • Connection-Based DoS TestingTesting of server resilience against high volumes of concurrent socket connections. **Distinct from Vulnerability Testing Tools:** Targets resource exhaustion via socket connection rates, unlike general application vulnerability tools.
  • SBOM Vulnerability TestersTests software bills of materials using PURL references to detect known vulnerabilities in listed packages. **Distinct from Vulnerability Testing Tools:** Distinct from Vulnerability Testing Tools: specifically tests SBOM documents using PURLs, not general application vulnerability testing.
  • WPS Vulnerability Testing1 Sub-TagSpecialized testing of Wi-Fi Protected Setup implementations to recover network credentials. **Distinct from Vulnerability Testing Tools:** Specifically targets WPS protocols rather than general application vulnerability testing.