Automatic SQL injection and database takeover tool

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Automated All-in-One OS Command Injection Exploitation Tool.

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

A Security Tool for Bug Bounty, Pentest and Red Teaming.

A high performance offensive security tool for reconnaissance and vulnerability scanning

File upload vulnerability scanner and exploitation tool.

A powerful browser crawler for web vulnerability scanners

EMBA - The firmware security analyzer

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework

🆕 The Multi-Tool Web Vulnerability Scanner.

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

BinAbsInspector: Vulnerability Scanner for Binaries

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

CORS Misconfiguration Scanner