Grafana scanner with all public CVEs that I collected in one script to make grafana testing easier

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Public testing data. Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228. TAG_TESTING, OWNER_KEN, DC_PUBLIC

This project is automate the reconnaissance process or process of information gathering about the target domain or company which host bug bounty program. You can run this whole Virtual Private Server but since i don't have any so i dig and found that GitHub will provide 2000 minute/month for running workflow in their virtual machine, they provide windows, mac and ubuntu as Linux distribution, for testing purpose of the development, so we integrate testing phase directly in development process, So i have create custom scripts and workflow file which run install all the necessary tools and run the appropriate scripts, the work is done by this workflow is subdomain enumeration, dns resolution, reverse-dns resolve, port-scanning of all the hosts,findig virtual hosts, fuzzing for content discovery, and run nuclei which is template based scanner by project discovery is to scan the host for any CVE and common vulnerabilities, you can add custom template and custom scripts, and finally Discord integration, so when some work is done it will send message to discord webhook url configure in it. For further details view Repository.

🔍 Next.js RCE Scanner (CVE-2025-55182) - Automated vulnerability scanner using Zoomeye search engine. Discovers targets via dorks and tests for CVE-2025-55182 with parallel scanning capabilities.

CVE-2025-55182 security test kit: CLI scanner + Chrome extension + Nuclei templates + Docker lab.

A scanner and testter of the CVE-2025-11001 of 7-zip

Vulnerable Docker images created in different ways to check Docker image CVE scanners

A modular, terminal-based Python framework for professional penetration testing — covering OSINT, DNS recon, network scanning, CVE intelligence, and automated report generation. python pentesting osint recon cve cli network-scanner security-tools dns-enumeration penetration

Advanced Web & API Vulnerability Scanner that detects XSS, SQLi, SSRF, IDOR, Command Injection, XXE, and more. Includes smart crawling, CVE detection, API testing, security header analysis, and generates HTML/JSON reports. Fast, automated, and ideal for bug bounty hunters and security professionals.

This little python pentesting script helps to find PoC Exploit code for CVEs. It's great for taking detections from vuln scanners like Nessus and actually finding something to testing the exploitability. It scrapes directly for NVD as well as providing GoogleDorks for possible github code.

Scanners List - Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)

CVE-Scanner A modular CVE (common vulnerabilities and rates) scanning tool designed for education, research, and authorized penetration testing. It provides real-time CVE queries via the NVD API, and service-free and information gathering capabilities using network tools such as nmap, shodan, whois, and traceroute. It offers a simple CLI İnterface

Nuclei is an open-source vulnerability scanner that automates security testing using customizable YAML-based templates. It efficiently detects CVEs, misconfigurations, and exposures in web apps, APIs, and networks, making it ideal for penetration testing, bug bounty hunting, and security automation.

Penetration testing toolkit — port scanner, cipher cracker, home lab exploits and CVE writeups

Commvault CVE-2025-34028 endpoint scanner using Nmap NSE. For ethical testing and configuration validation.

Lightweight Vulnerability / CVE Scanner built in Python using Nmap and CIRCL CVE API. Performs service detection, banner grabbing, CVE matching, and generates structured JSON vulnerability reports. Designed for educational and ethical security testing.

Python vulnerability and reconnaissance scanner that performs port scanning, banner grabbing, and CVE checks for educational and authorized testing.

A Python-based Joomla security scanner for plugin detection, template discovery, version check, CVE lookup, brute-force testing, and SQLi/LFI scanning.

MCP server security scanner — tests against clause-compliance vulnerabilities (arxiv 2603.10163), CVE-2026-26118, and common MCP security gaps

AI powered automated vulnerability scanner & penetration testing tool. Integrates OWASP ZAP, Nmap, Nuclei & on-device AI for risk analysis, CVE scoring, and professional PDF reports.

Advanced network vulnerability scanner — multi-threaded TCP port scanner, banner grabbing, 30+ service signatures, 22+ embedded CVEs, live NVD API integration, and auto-generated triage reports. Pure Python 3, zero dependencies. Educational & authorized testing only.

Educational Python vulnerability scanner with threaded port scanning, banner grabbing, HTTP checks, JWT analysis, and a local CVE database. Safe for learning and authorized testing only.

WP-Guardian is an advanced WordPress vulnerability scanner with live CVE data from NVD. It detects WordPress sites, maps real CVEs with severity scores, and provides a clean web interface for ethical security testing, research, and cybersecurity learning.

Python-based vulnerability scanner using Nmap and public CVE APIs to identify open ports, exposed services, and known vulnerabilities. Focused on ethical security testing, automation, and structured reporting.

⚠️ Explore a vulnerable environment to test security scanners against the CVE-2025-55182 RCE flaw in React Server Components and Next.js applications.

Open-source network vulnerability scanner in Rust — fast port scanning (AF_PACKET 1-5M pps), banner grabbing, CVE matching via NVD/CPE, active vulnerability testing. Alternative to Nmap + Nessus.

A fast, threaded port scanner built in Python featuring banner grabbing (with SSL), lightweight OS fingerprinting, and CVE detection for vulnerable services. Designed for educational and ethical penetration testing purposes.

🛡️ Test for the CVE-2025-55184 DoS vulnerability in React Server Components with this safe, non-destructive Python scanner to enhance your application's security.

SpringBoot Attack Surface Scanner – An interactive penetration testing tool that automatically discovers information leaks, actuator leaks, and modern CVE exploits in Spring-based applications through asynchronous scanning + FOFA/ZoomEye/Hunter integrations.