Security scanner for MCP servers

MCP-Shield scans your installed MCP (Model Context Protocol) servers and detects vulnerabilities like tool poisoning attacks, exfiltration channels and cross-origin escalations.

GLPI vulnerabilities checking tool.

glpwnme is a tool used to check for vulnerabilities on running instance of glpi.

Related contents:

• Lors de mes audits et tests d’intrusion, je tombe très souvent sur des environnements GLPI… et bien souvent, c’est mal géré ! @ Hamza Kondah's LinkedIn .

Fuzzowski-based OPCUA fuzzer.

Fuzzing should never be conducted on production equipment or systems. This testing technique can cause unexpected behavior, system crashes, data corruption, or security vulnerabilities. Always perform fuzzing in a controlled, isolated environment to ensure the safety and stability of production systems.

FuzzySully is an OPC UA fuzzer built upon Fuzzowski. It is a specialized testing tool designed to identify vulnerabilities and bugs in OPC UA (Open Platform Communications Unified Architecture) implementations. These fuzzers typically operate by generating and sending a large number of malformed or unexpected messages to an OPC UA server or client, with the goal of triggering unexpected behavior or crashes.

Related contents:

• L’ANSSI partage en open source un outil de test du protocole industriel OPC UA @ Agence nationale de la sécurité des systèmes d'information .

Ollama Automated Security Intelligence Scanner.

An AI-powered security auditing tool that leverages Ollama models to detect and analyze potential security vulnerabilities in your code.

Advanced code security analysis through the power of AI

Related contents:

• OASIS - Sécurisez votre code avec l'IA et Ollama @ Korben .

Validate the isolation posture of your container environment.

Am I Isolated is a security posture benchmarking tool.

It evaluates a given runtime environment and attempts to look for things which may be a security problem, as well as providing suggestions for solving the security problem.

the LLM vulnerability scanner. Generative AI Red-teaming & Assessment Kit

garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. If you know nmap, it's nmap for LLMs.

AcSecurity is a Python module designed to scan applications for common security vulnerabilities. It checks for hardcoded secrets, dependency vulnerabilities, and code quality issues.

Security tool against dependency typosquatting attacks.

Twyn is a security tool that compares the name of your dependencies against a set of the most popular ones, in order to determine if there is any similarity between them, preventing you from using a potentially illegitimate one. In short, Twyn protects you against typosquatting attacks.

Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets .

sastsweep is a tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such as popularity and project size, enabling targeted vulnerability research. It automatically detects potential vulnerabilities using semgrep and provides a streamlined HTML report, allowing researchers to quickly drill down to the affected portion of the codebase.

A tool for finding security issues in GitHub Actions setups.

• zizmor @ GitHub.

Penelope Shell Handler.

Penelope is a shell handler designed to be easy to use and intended to replace netcat when exploiting RCE vulnerabilities. It is compatible with Linux and macOS and requires Python 3.6 or higher. It is a standalone script that does not require any installation or external dependencies, and it is intended to remain this way.

Zero shot vulnerability discovery using LLMs. A tool to identify remotely exploitable vulnerabilities using LLMs and static code analysis.

Vulnhuntr leverages the power of LLMs to automatically create and analyze entire code call chains starting from remote user input and ending at server output for detection of complex, multi-step, security-bypassing vulnerabilities that go far beyond what traditional static code analysis tools are capable of performing.

The firmware security analyzer.

EMBA is designed as the central firmware analysis and SBOM tool for penetration testers, product security teams, developers and responsible product managers. It supports the complete security analysis process starting with firmware extraction, doing static analysis and dynamic analysis via emulation, building the SBOM and finally generating a web report. EMBA automatically discovers possible weak spots and vulnerabilities in firmware. Examples are insecure binaries, old and outdated software components, potentially vulnerable scripts, or hard-coded passwords. EMBA is a command line tool with the possibility to generate an easy-to-use web report for further analysis.

API Security Vulnerability Scanner designed to help you secure your APIs.

Your First Line of Defense in API Security. Scan your APIs for vulnerabilities with VulnAPI.

Help developers and security professionals quickly and efficiently scan their APIs for security vulnerabilities and weaknesses.

• VulnAPI @ GitHub

Octoscan is a static vulnerability scanner for GitHub action workflows.

• action octoscan @ GitHub.

Free and open-source vulnerability scanner.

Mageni is an open source vulnerability management platform. Mageni provides a faster, enjoyable, and leaner vulnerability management experience for modern cybersecurity programs.

• Mageni @ GitHub.

A fast and customisable vulnerability scanner powered by simple YAML-based templates.

• Nuclei @ GitHub.
• Nuclei Templates homepage (Nuclei Templates @ GitHub).
• Nuclei: The Ultimate Guide to Fast and Customizable Vulnerability Scanning @ InfoSec Write-ups' Medium.
• Simplifying XSS Detection with Nuclei - A New Approach @ ProjectDiscovery Blog.

Check for free whether your Laravel website is safe or vulnerable before others do!

This is a free tool to all who wants to optimize and check the security on their Laravel website
While there are many security scanners out there, we thought that one was missing. That’s why we made this vulnerability scanner that focus specific on Laravel websites. We focused on known Laravel vulnerabilities, and made the scanner focus on them.

• In Depth: Pentesting Laravel part 1 - Passive Scans @ Securing Laravel.

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

Mantis is a command-line framework designed to automate the workflow of asset discovery, reconnaissance, and scanning. It takes the top-level domains as input, then seamlessly progresses to discovering corresponding assets, including subdomains and certificates. The tool performs reconnaissance on active assets and concludes with a comprehensive scan for vulnerabilities, secrets, misconfigurations and phishing domains - all powered by a blend of open-source and custom tools.

• Mantis @ GitHub.

The OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, OWASP ZAP, Nuclei, SkipFish, and Wapiti.