YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
SalusSecurity scanner coordinator
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Cwe checkercwe_checker finds vulnerable patterns in binary executables
SolhintSolhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
TaipanWeb application vulnerability scanner
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Hint💡 A hinting engine for the web
CaringcaribouA friendly car security exploration tool for the CAN bus
BanditBandit is a tool designed to find common security issues in Python code.
WsltoolsWeb Scan Lazy Tools - Python Package
Okadminfinder3[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
KraneKubernetes RBAC static Analysis & visualisation tool
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
dawgmondawg the hallway monitor - monitor operating system changes and analyze introduced attack surface when installing software
authz0🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
SentryPeerA distributed peer to peer list of bad actor IP addresses and phone numbers collected via a SIP Honeypot.
ConstoleScan for and exploit Consul agents
jshodanPowerful Shodan API client using RxJava and Retrofit
humbleA humble, and fast, security-oriented HTTP headers analyzer
moodlescanTool for scan vulnerabilities in Moodle platforms
jawfishTool for breaking into web applications.
NetworkAlarmA tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
sandfly-setupSandfly Security Agentless Compromise and Intrusion Detection System For Linux
dirbpyThis is the new version of dirb in python
JxnetJxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
vilicusVilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.
ninjaberryNinjaberry: Raspberry Pi UI for @bettercap
pythxA Python library for the MythX smart contract security analysis platform