Hourly updated database of exploit and exploitation reports

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!

Vulnerable API for educational purposes

Report writing and vulnerability management platform.

A CLI tool to scan and fix your project's open-source vulnerabilities using Seal packages.

Snyk CLI scans and monitors your projects for security vulnerabilities.

CVE.ICU code.

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

OSS-Fuzz - continuous fuzzing for open source software.

Pentest Report Generator

Gather and update all available and newest CVEs with their PoC.

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

It's a Docker Environment for Pentesting which having all the required tool for VAPT.

Anchore container analysis and scan provided as a GitHub Action

Command line interface for the Phylum API