Open Source Linux Vulnerability Scanners
Sort By:
Vulnerability Scanners for Linux
View 23 business solutionsBrowse free open source Vulnerability Scanners and projects for Linux below. Use the toggles on the left to filter open source Vulnerability Scanners by OS, license, language, programming language, and project status.
-
Your top-rated shield against malware and online scams | Avast Free AntivirusOur antivirus software scans for security and performance issues and helps you to fix them instantly. It also protects you in real time by analyzing unknown files before they reach your desktop PC or laptop — all for free.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification. Works seamlessly with Grype (a fast, modern vulnerability scanner). Able to create signed SBOM attestations using the in-toto specification. Convert between SBOM formats, such as CycloneDX, SPDX, and Syft's own format. -
2
Docker Scout CLI
Docker Scout CLI
Designed to identify security issues, outdated packages, and potential compliance problems within container images, Docker Scout surfaces dependency vulnerabilities so you're protected. Docker Scout enhances your development process with detailed image analysis and proactive remediation tools. It integrates seamlessly with Docker Desktop and Docker Hub to improve your security and efficiency. Docker Scout’s local vulnerability analysis scans your images for potential security issues before they reach production. By detecting vulnerabilities early, it helps you ensure safer deployments and reduce the risk of security breaches in your applications. -
3
grype
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages. Find vulnerabilities for language-specific packages. You can also choose another destination directory and release version for the installation. The destination directory doesn't need to be /usr/local/bin, it just needs to be a location found in the user's PATH and writable by the user that's installing Grype. If you're using GitHub Actions, you can simply use our Grype-based action to run vulnerability scans on your code or container images during your CI workflows. -
4
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. Checks for misconfigurations across all major (and some minor) cloud providers. Applies (and embellishes) user-defined Rego policies. Supports multiple output formats: CLI, JSON, SARIF, CSV, CheckStyle, and JUnit. Configurable (via CLI flags and/or config file). Very fast, capable of quickly scanning huge repositories. Plugins for popular IDEs available (JetBrains, VSCode and Vim). -
6
Vuls
Agentless vulnerability scanner for Linux/FreeBSD
Vuls is open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc. Vuls uses multiple vulnerability databases NVD, JVN, OVAL, RHSA/ALAS/ELSA/FreeBSD-SA and Changelog. Vuls v0.5.0 now possible to detect vulnerabilities that patches have not been published from distributors. Remote scan mode is required to only setup one machine that is connected to other scan target servers via SSH. If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode. Fast scan mode scans without root privilege, no internet access, almost no load on the scan target server. Deep scan mode scans in more detail. It is possible to acquire the state of the server executing some commands. Vuls v0.5.0 warns not-restarting-processes which updated before but not restarting yet. And detect processes affecting software update in advance. -
7
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
8
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails app
Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Brakeman now uses the parallel gem to read and parse files in parallel. By default, parallel will split the reading/parsing into a number of separate processes based on number of CPUs. In testing, this has dramatically improved speed for large code bases, around 35% reduction in overall scan time. Brakeman will now track and return very simple literal values (e.g. strings, hashes of literals, arrays of literals) from very simple class methods (e.g. single line). Since ActiveRecord enums essentially generate some class (and instance) methods that return fixed literal values, the above class method return values is also used to support enum. -
9
garak
Developers and anyone seeking an LLM solution to scan for vulnerabilit
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. garak's a free tool, we love developing it and are always interested in adding functionality to support applications. garak is a command-line tool, it's developed in Linux and OSX. Just grab it from PyPI and you should be good to go. The standard pip version of garak is updated periodically. garak has its own dependencies, you can to install garak in its own Conda environment. garak needs to know what model to scan, and by default, it'll try all the probes it knows on that model, using the vulnerability detectors recommended by each probe. For each probe loaded, garak will print a progress bar as it generates. Once the generation is complete, a row evaluating the probe's results on each detector is given. -
Picsart Enterprise Background Removal API for Stunning eCommerce VisualsWith our Remove Background API tool, you can access the transformative capabilities of automation , which will allow you to turn any photo asset into compelling product imagery. With elevated visuals quality on your digital platforms, you can captivate your audience, and therefore achieve higher engagement and sales.
-
10
Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.
-
11
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Sn1per Professional is an all-in-one offensive security platform that provides a comprehensive view of your internal and external attack surface and offers an asset risk scoring system to prioritize, reduce, and manage risk. With Sn1per Professional, you can discover the attack surface and continuously monitor it for changes. It integrates with the leading open source and commercial security testing tools for a unified view of your data. -
12
wavsep
Web Application Vulnerability Scanner Evaluation Project
A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST) -
13
Gamja will find XSS(Cross site scripting) & SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability[ XSS , Validation Error , SQL Injection].
-
14
Openvas Raspberry
Turnkey image for the Raspberry Pi running Openvas 7
OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion. -
15
-
16
BlackBSD
BlackBSD
BlackBSD Is a NetBSD based LiveCD, with security tools on it, and fluxbox as a window manager. Beta Version 1.0 coming on soon. Packages on it. Nmap - port scanner http://nmap.org/ Nessus - Vulnerability detector http://www.tenable.com/products/nessus Air-Crack - Wireless Cracker http://www.aircrack-ng.org/ Ettercap - port sniffer http://ettercap.github.com/ettercap/ Iptraf - Network Monitor http://iptraf.seul.org/ Medusa - Login brute-forcer http://www.foofus.net/~jmk/medusa/medusa.html Snort - Intrucion Detection http://www.snort.org/ W3af - Web Application Attack http://w3af.org/ NetCat - networking utility http://netcat.sourceforge.net/ THC-Hydra - network logon cracker http://thc.org/thc-hydra/ Wapiti - Web application vulnerability scanner http://wapiti.sourceforge.net/ Rapid7 - http://www.rapid7.com/ -
17
L337 Scanner
Vulnerability Scanner
L337 Scanner is powerful vulnerability scanner.It has both community edition and professional edition. Community edition is free for all. Community edition has only sqli scanner. which means through community edition you can scan a target site for sql injection vulnerability or search google for sqli vulnerable site. Requirements : 1. Java 8 or higher (oracle recommanded) Rules : 1. Don't give trailing slash 2. Put link with protocol like http,https Test Example : 1. http://www.northernoutpost.com 2. http://www.pangang-titanium.com 3. http://www.interaliaproject.com 4. http://northeastnews.in 5. http://www.dias.net.in 5. http://www.realtymasters.co.in Report bug here : http://goo.gl/forms/j8LKR1vbYV -
18
PHP mini vulnerability suite
Multiple server/webapp vulnerability scanner
github: https://github.com/samedog/phpmvs -
19
RABBIT is a black-box vulnerability scanner framework. Designed to make it easy to program your own plugins in order to satisfy your scanning needs.
-
20
Reaver is a network vulnerability scanner built on top of Nessus with an easy to use "web front-end" and reporting system. Reaver will aid administrators in identifying, cataloguing and remediation of security vulnerability...DEV -missing web interface
-
21
Cake Fuzzer
Security testing tool for CakePHP based web applications
Cake Fuzzer is an open-source project meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently, it is implemented to support the Cake PHP framework. Cake Fuzzer is based on the concept of Interactive Application Security Testing (IAST). The goals of the project are: - create an automated process of discovering vulnerabilities in applications based on the CakePHP Framework; - no application knowledge requirement or pre-configuration of the web application; - result with minimal or close to 0 amount of false positives; - require minimal security knowledge to run the scanner. -
22
A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres. Further, it can crawl a website as a vulnerability scanner looking for sql injection vulnerabilities.
-
23
This is a Java library for the Nussus vulnerability scanner. It has also been tested to work with the OpenVAS server.
-
24
-
25
PAVS
PHP Application Vulnerability Scanner
PAVS scans the PHP based web application source code and identifies the potential security problems in that application. PAVS also identifies the loop holes in PHP configuration file settings. Attacks addressed by PAVS are Cross-site Scripting SQL Injection File Manipulation File Inclusion Command Execution Code Evaluation
