awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

6 repository-uri

Awesome GitHub RepositoriesVulnerability Analysis Tools

Tools used to review, verify, and analyze identified security flaws to determine their potential impact.

Distinct from Vulnerability Analysis: None of the candidates cover the analytical review process of a scanner's findings; they focus on the exploits or the scanning itself.

Explore 6 awesome GitHub repositories matching security & cryptography · Vulnerability Analysis Tools. Refine with filters or upvote what's useful.

Awesome Vulnerability Analysis Tools GitHub Repositories

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • anthropics/defending-code-reference-harnessAvatar anthropics

    anthropics/defending-code-reference-harness

    6,224Vezi pe GitHub↗

    Acest proiect este un framework pentru descoperirea și remedierea autonomă a vulnerabilităților de securitate folosind agenți de tip large language model. Acesta funcționează ca un pipeline de cercetare în securitate care automatizează procesul de recunoaștere, descoperire a crash-urilor și analiză a exploatabilității pentru a identifica bug-uri software reproductibile. Sistemul se distinge prin utilizarea unui sandbox de agenți containerizat care restricționează ieșirea în rețea și accesul la sistemul de fișiere pentru a preveni compromiterea gazdei. Utilizează o buclă specializată de generare și validare a patch-urilor, care include testarea de re-atac adversarial, unde un agent nou încearcă să ocolească remedierile propuse cu noi input-uri pentru a asigura eficiența remedierii. Framework-ul acoperă o gamă largă de capabilități de securitate, inclusiv analiza statică a vulnerabilităților, partiționarea suprafeței de atac și construcția modelului de amenințare. Oferă instrumente pentru triajul vulnerabilităților prin clustering-ul semnăturilor de crash și deduplicare, precum și capacitatea de a executa migrări de cod la scară largă pentru a aplica remedieri sistemice în întregul codebase.

    Runs a loop of reconnaissance and execution in a sandbox to verify if findings are reproducible crashes.

    Python
    Vezi pe GitHub↗6,224
  • andresriancho/w3afAvatar andresriancho

    andresriancho/w3af

    4,850Vezi pe GitHub↗

    w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing

    Provides integrated tools to review and verify identified security flaws and their potential impact.

    Pythonappseccross-site-scriptingscanner
    Vezi pe GitHub↗4,850
  • speed47/spectre-meltdown-checkerAvatar speed47

    speed47/spectre-meltdown-checker

    3,936Vezi pe GitHub↗

    This project is a diagnostic toolset used to scan CPU hardware and Linux kernel images to assess susceptibility to Spectre, Meltdown, and other transient execution vulnerabilities. It functions as a vulnerability scanner and security auditor designed to identify side-channel attack risks and verify the status of hardware-level security patches. The tool provides capabilities for both active system assessment and standalone kernel image security analysis. It evaluates the presence of security mitigations by analyzing CPU hardware and kernel configurations without requiring a running kernel or

    Checks for side-channel attack vulnerabilities and the status of hardware-level security patches.

    Shellcve-2017-5715cve-2017-5753cve-2017-5754
    Vezi pe GitHub↗3,936
  • dependencytrack/dependency-trackAvatar DependencyTrack

    DependencyTrack/dependency-track

    3,612Vezi pe GitHub↗

    Dependency-Track is a software composition analysis tool and vulnerability management system designed to track dependencies and supply chain risk. It functions as a platform for ingesting and analyzing CycloneDX software bills of materials to identify known vulnerabilities and license compliance issues within third-party software components. The system distinguishes itself by mirroring external vulnerability databases locally to enable fast offline analysis and using VEX documents to differentiate between technical vulnerabilities and actual contextual risks. It also integrates with identity

    Analyzes the impact of security flaws by matching vulnerability data against mirrored component inventories across projects.

    Javaappsecbill-of-materialsbom
    Vezi pe GitHub↗3,612
  • samsar4/ethical-hacking-labsAvatar Samsar4

    Samsar4/Ethical-Hacking-Labs

    3,397Vezi pe GitHub↗

    Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabili

    Includes capabilities to analyze and categorize security flaws using industry standards like CVSS and CVE.

    ethical-hacking-labshackinglinux
    Vezi pe GitHub↗3,397
  • google/osv.devAvatar google

    google/osv.dev

    2,494Vezi pe GitHub↗

    OSV is a distributed database and aggregator of open-source security advisories that uses a standardized vulnerability schema to track security flaws. It functions as a system for collecting and normalizing security data from diverse ecosystems into a single unified format, providing a web API for querying package vulnerabilities and submitting standardized records. The project distinguishes itself through a security advisory distribution service that supports bulk dataset exports via cloud storage buckets and incremental synchronization of security record updates. It also employs sandbox-bas

    Executes bisections and impact analysis tasks in sandboxed containers to determine the scope of software vulnerabilities.

    Pythonsecuritysecurity-toolsvulnerability
    Vezi pe GitHub↗2,494
  1. Home
  2. Security & Cryptography
  3. Vulnerability Analysis Tools

Explorează sub-etichetele

  • Transient Execution AnalysisAnalyzing the impact and presence of side-channel attack vectors in hardware. **Distinct from Vulnerability Analysis Tools:** Analyzes the hardware-level transient execution flaws, whereas the candidate analyzes identified software flaws.