Vulnerability Analysis
36 tools
BED is a network protocol fuzzer designed to check daemons for potential buffer overflows, format strings, and similar vulnerabilities. It supports fuzzing various protocols like HTTP, FTP, and SMTP.
changeme is a default credential scanner that detects common default credentials missed by commercial vulnerability scanners. It allows easy addition of new credentials via yaml files without writing code.
Perl script that scans Cisco routers for common vulnerabilities. It performs password guessing and checks for known issues on targeted hosts.
Mass Cisco scanner for attempting to exploit Cisco devices across an IP range. It checks multiple IPs for vulnerabilities and logs results.
CRLFuzz is a fast tool, written in Go, for scanning targets for CRLF injection vulnerabilities.
Doona is a network fuzzer forked from the Bruteforce Exploit Detector Tool (BED), designed to check daemons for potential buffer overflows, format string bugs, and similar vulnerabilities. It supports fuzzing multiple network protocols using various modules.
DotDotPwn is a flexible intelligent fuzzer designed to discover directory traversal vulnerabilities in software such as HTTP/FTP/TFTP servers and web platforms like CMSs, ERPs, and Blogs.
exploitdb-papers provides the Exploit Database’s archive of papers and ezines. It offers searchable archives from The Exploit Database for research and reference.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repositories. It provides an easy-to-use solution for finding secrets, past or present, in code.
Grep rough audit is a source code auditing tool that uses grep to find potential security flaws. It offers a simple, flexible alternative to tools like RATS, SWAAT, and flawfinder with minimal technical requirements.
Remote network security auditor metapackage that installs all required components for the Greenbone Vulnerability Manager, a modular tool for testing remote systems for vulnerabilities. Provides scripts to set up, start, and stop GVM services.
Heartbleed honeypot script that listens on TCP port 443 and responds with bogus SSL heartbeat responses. Detects and logs IPs attempting Heartbleed scans while rickrolling scanners.
Heartleech is a scanner that detects systems vulnerable to the Heartbleed OpenSSL bug and can download vulnerable data. It supports bulk downloads, private key retrieval, and various evasion and proxy features.
IPv6 assessment and troubleshooting tools suite for security testing of IPv6 networks and implementations. Includes tools for address scanning, fragmentation attacks, ICMPv6 manipulation, and blackhole detection.
LES is a Linux privilege escalation auditing tool that assesses kernel exposure to publicly known exploits and verifies kernel hardening security measures.
Fast and customizable vulnerability scanner based on a simple YAML-based DSL. Sends requests across targets using templates, aiming for zero false positives and fast scanning of a large number of hosts.
PatchLeaks goes from a CVE number to the exact patched code and its vulnerability analysis. It compares two versions of a code-base, highlights lines changed by the vendor, and explains why they matter.
Pompem is an exploit and vulnerability finder that automates searches across major databases like PacketStorm, CXSecurity, ZeroDay, Vulners, NVD, and WPScan. It facilitates the work of pentesters, ethical hackers, and forensics experts by exporting results to HTML or text format.
SIP test suite designed to evaluate implementation level security and robustness of Session Initiation Protocol (SIP) implementations.
qsslcaudit tests SSL/TLS clients to determine if they handle connections securely. It checks for vulnerabilities in certificate trust, protocol support, and cipher strength.
Sara is an autonomous RouterOS configuration analyzer for finding security issues on MikroTik hardware. It performs security configuration audits and CVE audits on RouterOS devices.
sfuzz is a simple black box testing utility for fuzzing network services and protocols. It provides a flexible framework for generating and sending fuzz data to remote hosts.
SIP Army Knife is a fuzzer that searches for vulnerabilities in SIP systems. It detects cross-site scripting, SQL injection, log injection, format strings, buffer overflows, and more.
SIPPTS is a set of tools to audit SIP-based VoIP systems. It allows pentesters to check the security of VoIP servers using the SIP protocol.
SIPVicious is a suite of tools to audit SIP-based VoIP systems. It includes svmap for scanning SIP servers, svwar for identifying extensions, svcrack for password cracking, svreport for managing sessions, and svcrash for defense.
SlimToolkit optimizes containers by making them smaller, more secure, and providing advanced visibility. It offers commands like build, xray, and lint to simplify developer workflows with container images.
Spike is a network protocol fuzzer designed for analyzing new network protocols for buffer overflows and similar weaknesses. It is the professional tool of choice, producing unmatched results in the field.
SploitScan is a command-line tool to search for CVE information, fetch vulnerability data, and display public exploits for given CVE IDs. It supports exporting results to JSON, CSV, or HTML formats from major cybersecurity databases.
Tests SSL/TLS-enabled services to discover supported cipher suites. Reports protocol versions, cipher suites, key exchanges, signature algorithms, and certificates to identify weak security parameters.
SSLyze is a fast and full-featured SSL/TLS scanner that analyzes server configurations by connecting to them. It helps identify misconfigurations affecting SSL servers.
CLI tool for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype.
Command line tool that checks servers for supported TLS/SSL ciphers and protocols, recent cryptographic flaws, and more.
THC-SSL-DOS is a stress tester for SSL handshake performance that exploits the asymmetric resource demands of SSL connections to overload servers.
Tiger is a set of Bourne shell scripts and C programs for security auditing and intrusion detection on Linux and Unix systems. It generates audit reports to identify ways the system's security can be compromised and supports periodic checks for deviations.
TLSSLed evaluates the security of target SSL/TLS (HTTPS) servers by checking for weak protocols, ciphers, and certificate issues. It is a shell script based on sslscan and openssl s_client.
Comprehensive and versatile security scanner for vulnerabilities, misconfigurations, secrets, and SBOM in containers, Kubernetes, code repositories, clouds, and more. Targets include container images, filesystems, Git repositories, virtual machine images, Kubernetes, and AWS.