# Template-Based CVE Vulnerability Scanners

> Search results for `template-based scanner for finding known CVEs at scale` on awesome-repositories.com. 119 total matches; showing the first 50.

Explore on the web: https://awesome-repositories.com/q/template-based-scanner-for-finding-known-cves-at-scale

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/template-based-scanner-for-finding-known-cves-at-scale).**

## Results

- [aws/aws-cdk](https://awesome-repositories.com/repository/aws-aws-cdk.md) (12,817 ⭐) — The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane.

The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It
- [idno/known](https://awesome-repositories.com/repository/idno-known.md) (1,117 ⭐) — A social publishing platform.
- [apache/superset](https://awesome-repositories.com/repository/apache-superset.md) (73,451 ⭐) — Superset is a web-based business intelligence platform designed for data exploration, visualization, and interactive dashboarding. It functions as a query-driven analytics engine that connects to various SQL databases, allowing users to perform ad-hoc analysis, define virtual metrics, and build complex data visualizations through a centralized interface.

The platform distinguishes itself through a robust semantic layer that transforms raw database schemas into calculated columns and virtual metrics, enabling consistent business logic across an organization. It features a plugin-based visualiz
- [projectdiscovery/subfinder](https://awesome-repositories.com/repository/projectdiscovery-subfinder.md) (13,105 ⭐) — Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint.

The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc
- [florinpop17/app-ideas](https://awesome-repositories.com/repository/florinpop17-app-ideas.md) (95,036 ⭐) — App-ideas is a development platform that integrates autonomous AI agents into local environments to orchestrate code review, automated fix application, and workflow management. It functions as a command-line interface that connects external AI assistants to your codebase, enabling iterative development cycles through plugin-based integration and natural language triggers.

The platform distinguishes itself through a robust static analysis engine that traverses syntax trees to enforce structural coding standards and identify violations. Users can define custom review rules, architectural prefer
- [projectdiscovery/naabu](https://awesome-repositories.com/repository/projectdiscovery-naabu.md) (5,766 ⭐) — Naabu is a port scanner library and tool that probes hosts for open ports using SYN, CONNECT, and UDP methods to identify active services. It functions as a Go library for embedding port scanning into programs, and as a standalone tool that accepts targets as hostnames, IP addresses, CIDR ranges, or ASN numbers. The tool discovers live hosts before scanning, filters ports by range or top lists, and can integrate with Nmap for service version detection.

The project distinguishes itself through its SYN-based port probing approach that sends TCP SYN packets and analyzes responses without complet
- [rhinosecuritylabs/cves](https://awesome-repositories.com/repository/rhinosecuritylabs-cves.md) (897 ⭐)
- [projectdiscovery/nuclei](https://awesome-repositories.com/repository/projectdiscovery-nuclei.md) (29,189 ⭐) — Nuclei is a modular security scanning framework designed for automated vulnerability detection and infrastructure reconnaissance. It functions as a template-driven engine that executes security checks across diverse network protocols, allowing users to define custom detection logic to identify vulnerabilities, misconfigurations, and exposed assets.

The platform distinguishes itself through its highly extensible architecture, which supports distributed scanning, headless browser automation for dynamic web content, and out-of-band interaction monitoring to detect blind vulnerabilities. It integ
- [inverse-scaling/prize](https://awesome-repositories.com/repository/inverse-scaling-prize.md) (621 ⭐) — A prize for finding tasks that cause large language models to show inverse scaling
- [binwiederhier/ntfy](https://awesome-repositories.com/repository/binwiederhier-ntfy.md) (30,790 ⭐) — ntfy is a self-hosted messaging infrastructure that provides a lightweight platform for sending and receiving real-time notifications. It functions as a topic-based pub-sub server, allowing users to publish and subscribe to message channels using standard HTTP requests. By bridging server-side events with native mobile and desktop clients, it enables the delivery of alerts across various environments through a unified communication layer.

The project distinguishes itself by offering a complete, private notification ecosystem that includes persistent message caching and robust access control.
- [projectdiscovery/nuclei-templates](https://awesome-repositories.com/repository/projectdiscovery-nuclei-templates.md) (12,518 ⭐) — Nuclei-templates is a security automation framework and vulnerability scanning library designed for the continuous assessment of distributed infrastructure. It functions as a collection of structured configuration files that define how to identify security flaws and misconfigurations across web applications and network services.

The project utilizes a declarative domain-specific language to decouple detection logic from the underlying execution engine. This approach allows for the creation of modular, protocol-agnostic scanning rules that can be updated independently of the core software. By
- [portswigger/wordpress-scanner](https://awesome-repositories.com/repository/portswigger-wordpress-scanner.md) (75 ⭐) — Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy.
- [facebook/sapling](https://awesome-repositories.com/repository/facebook-sapling.md) (6,885 ⭐) — Sapling is a scalable version control system designed to handle repositories with millions of files and commits, making it suitable for large monorepos. It reads and writes Git repositories natively, maintaining full interoperability with Git remotes and standard workflows, and provides an interactive commit graph for exploring repository history and state.

The system uses a bookmark-based branching model that eliminates named branches in favor of lightweight, movable labels for commits. It tracks how each commit was created, amended, rebased, or split through commit-graph-based mutation trac
- [astral-sh/ruff](https://awesome-repositories.com/repository/astral-sh-ruff.md) (48,177 ⭐) — Ruff is a high-performance static analysis and code formatting tool designed for Python. Built in Rust, it functions as a comprehensive engine that scans source code to detect programming errors, security vulnerabilities, and deviations from established coding standards. By parsing source code into a structured tree representation, it provides both automated linting and style enforcement across entire projects.

The tool distinguishes itself through its speed and deep integration into the development lifecycle. It utilizes parallelized file processing to maximize throughput on large codebases
- [bearer/bearer](https://awesome-repositories.com/repository/bearer-bearer.md) (2,566 ⭐) — Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security vulnerabilities, hard-coded secrets, and privacy risks in source code through static analysis and data flow tracing.

The tool distinguishes itself by tracking the movement of sensitive data through code to identify leaks and by mapping personal and health-related information flows to generate evidence for privacy impact assessments. It also provides differential scanning for pull requests and uses fingerprint-based suppression to exclude known false positives from reports.

The platform co
- [introlab/find-object](https://awesome-repositories.com/repository/introlab-find-object.md) (477 ⭐) — Find-Object project
- [bblanchon/arduinojson](https://awesome-repositories.com/repository/bblanchon-arduinojson.md) (7,176 ⭐) — ArduinoJson is a C++ library for parsing and manipulating JSON data and MessagePack binary streams on microcontrollers with limited memory and processing power. It provides the core primitives necessary for embedded data serialization and parsing, enabling devices to exchange structured data over serial or network interfaces.

The library is distinguished by its focus on microcontroller memory management, employing strategies such as pool-based allocation, string deduplication, and non-owning string views to minimize RAM usage. It further optimizes for constrained environments by allowing cons
- [gouravaich/finding-donors-for-charity](https://awesome-repositories.com/repository/gouravaich-finding-donors-for-charity.md) (1 ⭐) — Apply supervised machine learning techniques and an analytical mind on data collected for the U.S. census to help CharityML (a fictitious charity organization) identify people most likely to donate to their cause
- [hahwul/dalfox](https://awesome-repositories.com/repository/hahwul-dalfox.md) (4,846 ⭐) — Dalfox is an automated web application security tool specifically designed for discovering and verifying cross-site scripting vulnerabilities. It functions as an XSS vulnerability scanner that analyzes HTTP parameters and DOM structures to identify reflected, stored, and blind injection points.

The project distinguishes itself by providing a Model Context Protocol server and a REST API, allowing artificial intelligence agents and remote interfaces to trigger and manage security scans programmatically. It utilizes a payload mutation engine and fingerprinting strategies to execute WAF evasion t
- [alecthomas/kong](https://awesome-repositories.com/repository/alecthomas-kong.md) (2,976 ⭐) — Kong is a declarative command line interface framework and parser for Go. It maps flags and positional arguments directly into typed Go structures using struct tags, allowing developers to define terminal interfaces through data models rather than manual parsing logic.

The project functions as a configuration mapper that populates Go structures from a combination of command-line arguments, environment variables, and JSON files. It distinguishes itself by providing a dependency injection container to pass external services into command handlers and a plugin architecture for dynamic command reg
- [continuedev/continue](https://awesome-repositories.com/repository/continuedev-continue.md) (33,716 ⭐) — Continue is an automated code review platform that integrates AI agents directly into the software development lifecycle. By executing custom validation rules against pull request diffs, it provides immediate feedback through repository status checks, allowing teams to enforce quality, security, and documentation standards before manual review begins.

The system distinguishes itself through a file-based configuration model where validation logic is defined in version-controlled markdown files. These files act as system prompts that guide autonomous agents in evaluating code changes. This appr
- [tylermcginnis/re-base](https://awesome-repositories.com/repository/tylermcginnis-re-base.md) (2,102 ⭐) — Questions? Find me on twitter at @tylermcginnis
- [balena-io/etcher](https://awesome-repositories.com/repository/balena-io-etcher.md) (33,872 ⭐) — Etcher is a cross-platform utility designed for creating bootable media by flashing raw disk images onto USB drives and SD cards. It functions as a desktop application that provides a graphical interface for low-level storage device management, ensuring data integrity through built-in validation during the writing process.

The application utilizes a unified interface layer to map high-level commands to native system utilities, allowing it to operate consistently across different operating systems. It employs a stream-based data pipeline to pipe image contents directly to storage media, which
- [pycqa/bandit](https://awesome-repositories.com/repository/pycqa-bandit.md) (8,092 ⭐) — Bandit is a static analysis security testing tool and vulnerability detection scanner for Python source code. It functions as a security-focused linter and static analyzer that identifies common vulnerabilities and architectural flaws without executing the program.

The tool utilizes an abstract syntax tree to analyze code patterns and identifies risky function calls or insecure configurations. It employs a plugin-based rule engine to decouple scanning logic from individual security checks and supports configuration-driven filtering to exclude specific files or ignore certain warnings.

The sy
- [sindresorhus/find-up](https://awesome-repositories.com/repository/sindresorhus-find-up.md) (640 ⭐) — Find a file or directory by walking up parent directories
- [base/base-mcp](https://awesome-repositories.com/repository/base-base-mcp.md) (348 ⭐) — A Model Context Protocol (MCP) server that provides onchain tools for LLMs, allowing them to interact with the Base network and Coinbase API.
- [elastic/elasticsearch](https://awesome-repositories.com/repository/elastic-elasticsearch.md) (77,012 ⭐) — Elasticsearch is a distributed search engine and document store designed for the high-performance indexing and retrieval of massive volumes of unstructured data. It functions as a centralized analytics platform, providing a schema-flexible architecture that organizes information into searchable indices while maintaining global cluster state through a distributed consensus mechanism.

The platform distinguishes itself through its integrated approach to observability, security, and advanced analytics. It combines full-text, vector, and hybrid search capabilities with machine learning-driven insi
- [aquasecurity/trivy](https://awesome-repositories.com/repository/aquasecurity-trivy.md) (36,462 ⭐) — Trivy is a comprehensive security scanner designed to identify vulnerabilities and misconfigurations across container images, filesystems, and infrastructure as code files. It functions as a software composition analysis tool and an infrastructure security scanner, providing automated checks for CI/CD pipelines and cloud environments to ensure the integrity of the software supply chain.

The tool distinguishes itself through a modular, plugin-based architecture that allows for the independent inspection of diverse targets. It utilizes a declarative policy engine to evaluate configurations agai
- [davila7/claude-code-templates](https://awesome-repositories.com/repository/davila7-claude-code-templates.md) (20,933 ⭐) — Claude Code Templates is a comprehensive framework for orchestrating specialized AI agents and automating development workflows within local environments. It provides a structured system for defining, configuring, and deploying AI personas that handle specific technical tasks, ranging from backend architecture and frontend implementation to security auditing and infrastructure management.

The project distinguishes itself through a configuration-driven approach that allows teams to standardize development environments and share reusable agent definitions across projects. It includes a robust C
- [koalaman/shellcheck](https://awesome-repositories.com/repository/koalaman-shellcheck.md) (39,574 ⭐) — This project is a static analysis tool and linter designed to improve the quality, reliability, and portability of shell scripts. By performing deep structural analysis, it identifies common programming pitfalls, syntax errors, and security vulnerabilities before scripts are executed. It functions as an automated code reviewer that enforces best practices and helps developers maintain consistent, robust code across different operating environments.

The tool distinguishes itself through its dialect-aware grammar resolution, which adapts its parsing logic based on the specific shell interpreter
- [alexk111/hd-wallet-scanner](https://awesome-repositories.com/repository/alexk111-hd-wallet-scanner.md) (35 ⭐) — HD Wallet Scanner: find all used addresses in your Bitcoin HD Wallets, bypassing gap limits
- [awesomedata/awesome-public-datasets](https://awesome-repositories.com/repository/awesomedata-awesome-public-datasets.md) (75,979 ⭐) — This project is a community-maintained, open-access directory of high-quality public datasets. It serves as a centralized reference point for researchers, developers, and data scientists to locate reliable information sources across a wide spectrum of industries and scientific fields. By providing a structured index, the repository facilitates the discovery of data necessary for exploratory analysis, machine learning model training, and the development of data-intensive applications.

The directory distinguishes itself through a lightweight, platform-agnostic approach to resource indexing that
- [presidentbeef/brakeman](https://awesome-repositories.com/repository/presidentbeef-brakeman.md) (7,248 ⭐) — Brakeman is a static analysis security tool and scanner specifically designed for Ruby on Rails source code. It identifies common security vulnerabilities, such as injection and cross-site scripting, by analyzing the application codebase without executing the application.

The tool functions as a security auditor that detects mass assignment risks and template vulnerabilities. It evaluates the final output of rendered views and identifies unrestricted assignment patterns that could allow unauthorized modification of model attributes.

The system provides vulnerability management through the us
- [portswigger/upload-scanner](https://awesome-repositories.com/repository/portswigger-upload-scanner.md) (419 ⭐) — HTTP file upload scanner for Burp Proxy
- [curl/curl](https://awesome-repositories.com/repository/curl-curl.md) (42,214 ⭐) — Curl is a command-line tool and portable library for transferring data across a wide range of network protocols. It functions as a unified engine that abstracts diverse communication standards, allowing users and developers to move files and information between servers using a consistent interface. The project provides both a versatile command-line client for terminal-based automation and a stable programmatic interface for integrating complex network operations into applications.

The system is distinguished by its protocol-agnostic core and its ability to manage both synchronous and asynchro
- [gitlabhq/gitlabhq](https://awesome-repositories.com/repository/gitlabhq-gitlabhq.md) (24,433 ⭐) — This project is a Git DevOps platform and repository manager providing a complete toolset for hosting Git repositories, managing project tasks, and automating software delivery pipelines. It functions as a self-hosted version control system with integrated access controls, an issue tracker for project management, and a CI/CD pipeline orchestrator.

The platform distinguishes itself by integrating DevSecOps capabilities, specifically a security scanner designed to detect secret leaks and API keys during the code review process. It coordinates the entire DevOps lifecycle, linking version control
- [0x4d31/salt-scanner](https://awesome-repositories.com/repository/0x4d31-salt-scanner.md) (262 ⭐) — A Linux vulnerability scanner based on Vulners Audit API and Salt Open, with Slack notifications and JIRA integration.
- [vulnerscom/burp-vulners-scanner](https://awesome-repositories.com/repository/vulnerscom-burp-vulners-scanner.md) (897 ⭐) — Vulnerability scanner based on vulners.com search API
- [cockroachdb/cockroach](https://awesome-repositories.com/repository/cockroachdb-cockroach.md) (32,207 ⭐) — Cockroach is a distributed SQL database designed to scale horizontally across multiple nodes while maintaining strict ACID compliance and global data consistency. It functions as a relational database engine that automatically partitions data into ranges, rebalancing them across a cluster to accommodate growing storage and throughput requirements. By utilizing a distributed consensus protocol, the system ensures that all nodes agree on the order of operations, providing fault tolerance and continuous availability even in the event of hardware failures.

The system distinguishes itself through
- [testssl/testssl.sh](https://awesome-repositories.com/repository/testssl-testssl-sh.md) (8,912 ⭐) — testssl.sh is a network security tool and SSL/TLS security scanner used to audit server configurations. It functions as a diagnostic utility that validates supported ciphers and protocols to identify cryptographic vulnerabilities and flaws in encrypted communication.

The tool is available as both a command-line utility and a dockerized security scanner, allowing for execution in isolated environments without the need for local dependency installation. 

Its capabilities cover SSL configuration auditing and TLS server security analysis. The system exports scan results into structured reports a
- [itering/scale.go](https://awesome-repositories.com/repository/itering-scale-go.md) (69 ⭐) — Scale Codec written in Golang, with reference to polkascan/py-scale-codec.
- [analysis-tools-dev/static-analysis](https://awesome-repositories.com/repository/analysis-tools-dev-static-analysis.md) (14,389 ⭐) — This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements.

The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma
- [clickhouse/clickhouse](https://awesome-repositories.com/repository/clickhouse-clickhouse.md) (48,229 ⭐) — ClickHouse is a high-performance, columnar analytical database designed for real-time query execution and large-scale data aggregation. It functions as a distributed data warehouse capable of processing petabytes of information, while also providing an embedded engine that integrates directly into applications for native query capabilities without external dependencies. The system is built to handle high-throughput ingestion and complex analytical workloads, delivering millisecond-level latency for interactive dashboards and operational monitoring.

The platform distinguishes itself through ad
- [coreos/clair](https://awesome-repositories.com/repository/coreos-clair.md) (11,011 ⭐) — Clair is a container vulnerability scanner that performs static analysis of container images to identify known security vulnerabilities. It functions as an analyzer for OCI and Docker images, indexing their contents to detect security risks and outdated packages without requiring the containers to be running.

The tool identifies vulnerabilities by matching indexed container components against security databases to find common vulnerabilities and exposures. This process involves analyzing filesystem layers to track the provenance and versioning of packages across the image hierarchy.

The proj
- [aaif-goose/goose](https://awesome-repositories.com/repository/aaif-goose-goose.md) (49,637 ⭐) — Goose is an autonomous coding assistant and extensible AI agent framework designed to automate software development workflows. It functions as an orchestration engine that can install, execute, and test code, as well as manage local files and shell commands.

The platform is model-agnostic, providing a flexible interface to connect with diverse cloud-based or self-hosted large language model providers. It distinguishes itself through a standardized context protocol for integrating external tools and extensions, and a recipe system that allows users to define and repeat complex, multi-step AI w
- [netdiscover-scanner/netdiscover](https://awesome-repositories.com/repository/netdiscover-scanner-netdiscover.md) (385 ⭐) — Netdiscover, ARP Scanner (official repository)
- [anchore/grype](https://awesome-repositories.com/repository/anchore-grype.md) (12,423 ⭐) — Grype is a command-line security scanner designed to identify known vulnerabilities within container images, filesystems, and software manifests. It functions as a software composition analysis tool that detects security flaws in application components and open-source libraries to support supply chain security.

The tool distinguishes itself by reconstructing the final state of container images through layered filesystem inspection and normalizing diverse package formats into a unified dependency graph. It maintains a local cache of security advisories synchronized from multiple upstream sourc
- [atuinsh/atuin](https://awesome-repositories.com/repository/atuinsh-atuin.md) (30,266 ⭐) — Atuin is a command-line tool that replaces standard shell history with a searchable, encrypted SQLite database. By hooking into shell initialization scripts, it provides an interactive, keyboard-driven interface for real-time command filtering and retrieval. The platform ensures data privacy through a client-side encryption layer, securing sensitive history and configuration data before it is synchronized across multiple machines.

Beyond history management, Atuin functions as an executable documentation platform that enables teams to create and share interactive runbooks. These documents use
- [capacitor-community/barcode-scanner](https://awesome-repositories.com/repository/capacitor-community-barcode-scanner.md) (446 ⭐) — Barcode Scanner (@capacitor-community/barcode-scanner): a fast and efficient (QR) barcode scanner for Capacitor.
- [andresriancho/w3af](https://awesome-repositories.com/repository/andresriancho-w3af.md) (4,850 ⭐) — w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation.

The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
