.svg){kind=icon}
Over 100 forks of deliberately vulnerable web applications and APIs.
The World’s First Truly Open Threat Intelligence Community
BinDiff is a comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code.
With BinDiff you can identify and isolate fixes for vulnerabilities in vendor-supplied patches. You can also port symbols and comments between disassemblies of multiple versions of the same binary or use BinDiff to gather evidence for code theft or patent infringement.
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing.
VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency of tools used to detect security issues in APIs. It includes a switch on/off to allow the API to be vulnerable or not while testing. This allows to cover better the cases for false positives/negatives. VAmPI can also be used for learning/teaching purposes. You can find a bit more details about the vulnerabilities in erev0s.com.
Protect your business, scale your security. Open Source Vulnerability Management Platform.
Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus on discovering vulnerabilities while we help you with the rest. Just use it in your terminal and get your work organized on the run. Faraday was made to let you take advantage of the available tools in the community in a truly multiuser way.
Faraday aggregates and normalizes the data you load, allowing exploring it into different visualizations that are useful to managers and analysts alike.
Lfi Scan Tool.
LFI Space is a robust and efficient tool designed to detect Local File Inclusion (LFI) vulnerabilities in web applications. This tool simplifies the process of identifying potential security flaws by leveraging two distinct scanning methods: Google Dork Search and Targeted URL Scan. With its comprehensive approach, LFI Space assists security professionals, penetration testers, and ethical hackers in assessing the security posture of web applications.
A distributed vulnerability database for Open Source.
An open, precise, and distributed approach to producing and consuming vulnerability information for open source.
Depuis 1999, l'équipe Vigil@nce veille les vulnérabilités publiques qui affectent votre parc informatique, puis propose des correctifs sécurité, une base et des outils pour y remédier.
Chaque personne du SOC choisit la liste des logiciels à surveiller. Dès que Vigil@nce publie une alerte pour l'un de ses logiciels, la personne reçoit un bulletin de vigilance, contenant une explication simple de la faille, ses correctifs et ses contre-mesures.
Vulnerability Database and Search Engine