Top 106 security-scanner open source projects

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

OWASP ZAP Add-ons

Security scanner coordinator

NodeJS Simple Network Scanner

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

cwe_checker finds vulnerable patterns in binary executables

Solhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Web application vulnerability scanner

Secure, Unified, Powerful and Extensible Rust Android Analyzer

🔎 shodansploit > v1.3.0

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

💡 A hinting engine for the web

A friendly car security exploration tool for the CAN bus

Bandit is a tool designed to find common security issues in Python code.

Web Scan Lazy Tools - Python Package

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Kubernetes RBAC static Analysis & visualisation tool

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

dawg the hallway monitor - monitor operating system changes and analyze introduced attack surface when installing software

Different utility scripts for pentesting and hacking.

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

A simple tool to detect outdated shared libraries

Nmap and NSE command line wrapper in the style of Metasploit

⚡️ Docker official image for Wallarm Node. API security platform agent.

A distributed peer to peer list of bad actor IP addresses and phone numbers collected via a SIP Honeypot.

Scan for and exploit Consul agents

Powerful Shodan API client using RxJava and Retrofit

Network Security Vulnerability Scanner

Improve your code security by running different security checks/validation in a simple way.

A humble, and fast, security-oriented HTTP headers analyzer

Tool for scan vulnerabilities in Moodle platforms

A fast TCP port scanner

Tool for breaking into web applications.

A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

收集网络上公开的漏洞扫描器的白皮书。

This is the new version of dirb in python

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.

三方依赖库扫描系统

Ninjaberry: Raspberry Pi UI for @bettercap

A Python library for the MythX smart contract security analysis platform