6 repository-uri
Tools used to review, verify, and analyze identified security flaws to determine their potential impact.
Distinct from Vulnerability Analysis: None of the candidates cover the analytical review process of a scanner's findings; they focus on the exploits or the scanning itself.
Explore 6 awesome GitHub repositories matching security & cryptography · Vulnerability Analysis Tools. Refine with filters or upvote what's useful.
Acest proiect este un framework pentru descoperirea și remedierea autonomă a vulnerabilităților de securitate folosind agenți de tip large language model. Acesta funcționează ca un pipeline de cercetare în securitate care automatizează procesul de recunoaștere, descoperire a crash-urilor și analiză a exploatabilității pentru a identifica bug-uri software reproductibile. Sistemul se distinge prin utilizarea unui sandbox de agenți containerizat care restricționează ieșirea în rețea și accesul la sistemul de fișiere pentru a preveni compromiterea gazdei. Utilizează o buclă specializată de generare și validare a patch-urilor, care include testarea de re-atac adversarial, unde un agent nou încearcă să ocolească remedierile propuse cu noi input-uri pentru a asigura eficiența remedierii. Framework-ul acoperă o gamă largă de capabilități de securitate, inclusiv analiza statică a vulnerabilităților, partiționarea suprafeței de atac și construcția modelului de amenințare. Oferă instrumente pentru triajul vulnerabilităților prin clustering-ul semnăturilor de crash și deduplicare, precum și capacitatea de a executa migrări de cod la scară largă pentru a aplica remedieri sistemice în întregul codebase.
Runs a loop of reconnaissance and execution in a sandbox to verify if findings are reproducible crashes.
w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
Provides integrated tools to review and verify identified security flaws and their potential impact.
This project is a diagnostic toolset used to scan CPU hardware and Linux kernel images to assess susceptibility to Spectre, Meltdown, and other transient execution vulnerabilities. It functions as a vulnerability scanner and security auditor designed to identify side-channel attack risks and verify the status of hardware-level security patches. The tool provides capabilities for both active system assessment and standalone kernel image security analysis. It evaluates the presence of security mitigations by analyzing CPU hardware and kernel configurations without requiring a running kernel or
Checks for side-channel attack vulnerabilities and the status of hardware-level security patches.
Dependency-Track is a software composition analysis tool and vulnerability management system designed to track dependencies and supply chain risk. It functions as a platform for ingesting and analyzing CycloneDX software bills of materials to identify known vulnerabilities and license compliance issues within third-party software components. The system distinguishes itself by mirroring external vulnerability databases locally to enable fast offline analysis and using VEX documents to differentiate between technical vulnerabilities and actual contextual risks. It also integrates with identity
Analyzes the impact of security flaws by matching vulnerability data against mirrored component inventories across projects.
Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabili
Includes capabilities to analyze and categorize security flaws using industry standards like CVSS and CVE.
OSV is a distributed database and aggregator of open-source security advisories that uses a standardized vulnerability schema to track security flaws. It functions as a system for collecting and normalizing security data from diverse ecosystems into a single unified format, providing a web API for querying package vulnerabilities and submitting standardized records. The project distinguishes itself through a security advisory distribution service that supports bulk dataset exports via cloud storage buckets and incremental synchronization of security record updates. It also employs sandbox-bas
Executes bisections and impact analysis tasks in sandboxed containers to determine the scope of software vulnerabilities.