#1 Active Directory security assessment community tool
Active Directory, Azure AD (now called Entra ID), and Okta vulnerabilities can give attackers virtually unrestricted access to your organization’s network and resources. Semperis built Purple Knight—a free AD, Azure AD, and Okta security assessment tool—to help you discover indicators of exposure (IoEs) and indicators of compromise (IoCs) in your hybrid AD environment. Download Purple Knight and dramatically reduce your AD attack surface today.
Get Active Directory Security at 80% in 20% of the time.
PingCastle is an Active Directory vulnerability and misconfiguration scanner.
Community Powered Vulnerability Scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev.
Use OSV-Scanner to find existing vulnerabilities affecting your project's dependencies.
OSV-Scanner provides an officially supported frontend to the OSV database that connects a project’s list of dependencies with the vulnerabilities that affect them.
Trivy is a comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more.
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
The world's most widely used web app scanner. Free and open source. Actively maintained by a dedicated international team of volunteers.
The world's most advanced Open Source vulnerability scanner and manager
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
Nikto web server scanner.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.
It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.