The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Automated point-in-time assessments across various platforms discover vulnerabilities, detecting defects, malware, and misconfigurations while employing scoring systems to help prioritize remediation efforts and providing tools for both experienced users and newcomers.

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide.

SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of enterprise systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for...

📈 Measure and control your application security state; 🔎 Scan your code, containers, web and mobile applications; 🔥 Remove duplicates, validate results, and create Jira tasks in seconds; 🕜 Save your engineers time and automate your processes; ? Self-hosted.

Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities. Currently Java and .NET dependencies are supported.

The vFeed framework is an open source naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema.

The goal of Retire.js is to help you detect use of a JavaScript library version with known vulnerabilities.

Intruder is a security monitoring platform for internet-facing systems.

Intruder provides an easy to use security solution which continually scans your digital assets, highlighting vulnerabilities and outlining remediation advice in simple terms.

Network Hotfix Scanner is a free advanced hotfix check utility that scans network computers for missing hotfixes and patches, and helps you download and install them. NetHotfixScanner gives you a quick look at the hotfixes and patches installed or missed on any remote computer...

The victims project provides a canonical database of known-vulnerable JAR files, along with tools to compare this database to Java applications in development, release and production environments.

TEQNIX is a platform with a number of tools and strategies for penetration testers, red teamers and secops. It promotes automation with scanners and utilities and also assist in a real-time attack situation.