Top 654 security-tools open source projects

Converts characters from one encoding to another using a transformation.

Protecting Red Team infrastructure with cyber shield blocking AWS/AZURE/IBM/Digital Ocean/TOR/AV IP/ETC. ranges

A CAT called tabby ( Code Analysis Tool )

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

A U-Boot hacking toolkit for security researchers and tinkerers

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline

dawg the hallway monitor - monitor operating system changes and analyze introduced attack surface when installing software

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

Botnet targeting Windows machines written entirely in Python & open source security project.

Different utility scripts for pentesting and hacking.

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams

Simple but sharp ransomware

The port forwarding tool developed by Golang solves the problem that the internal and external networks cannot communicate in certain scenarios

http://testssl.sh/ in a tiny docker container

A Tool for Domain Flyovers

一款适用于红蓝对抗中的仿真钓鱼系统

EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference

A tool for fuzzing for ports that allow outgoing connections

OSSEC server docker image

Dorothy is a tool to test security monitoring and detection for Okta environments

Packet communication investigator

Security, Compliance and Informational Dashboard System

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

All things GitHub Universe 2021!

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

A simple tool to detect outdated shared libraries

Simple script to unlock your Linux based Computer using a Bluetooth device when nearby

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

👻Behold3r -- 收集指定网站的子域名，并可监控指定网站的子域名更新情况，发送变更报告至指定邮箱

Dockerfiles for security tools

Create complex tools execution Workflows for working together

Store sensitive data such as API tokens

🌸花密，不一样的密码管理器

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

2FA (Two-Factor Authentication) application for CLI terminal with support to import/export andOTP files.

Making CoreOS' Clair easily work in CI/CD pipelines

Data Obfuscation for C/C++ Code Based on Residue Number Coding (RNC)

A terminal emulator with remote shell for non-jailbroken iOS devices

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

Kong API Manager with Prometheus And Graylog

Identity & Access Management simplified and secure.

Better PHP rate limiting using Redis.

This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.

A powerful tool for using AWS SSO for the CLI and web console.

TCP over HTTP. 隐藏网站的管理服务

Execute ELF files without dropping them on disk

Framework for Testing WAFs (FTW!)

Very basic CLI SIEM (Security Information and Event Management system).

🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addition, it was written as go

This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes

Cryptanalysis and attack library

OWASP Dependency Track API client for intergration into CI/CD pipeline

Scripts for hacking through wireless network [WiFi]

🍪 A CLI tool and library allowing to simply decode all kind of BigIP cookies.

A Python3 powered bash script written to slightly automate the tool installation process of the Hacker Playbook Book (http://thehackerplaybook.com).

Express security essentials deployment for Linux Servers

Nmap and NSE command line wrapper in the style of Metasploit

PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicyShards which are always Allow, never Deny.