WhaleShark-Team / Cobra

Licence: mit
Source Code Security Audit

Programming Languages

- Python: 139335 projects, #7 most used programming language
- CSS: 56736 projects
- HTML: 75241 projects
- JavaScript: 184084 projects, #8 most used programming language
- Java: 68154 projects, #9 most used programming language
- PHP: 23972 projects, #3 most used programming language

Projects that are alternatives of or similar to Cobra

Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-94.22%)
Mutual labels:  security-tools, security-audit, security-scanner
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (-34.9%)
Mutual labels:  security-tools, security-audit, security-scanner
Salt Scanner
Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-90.69%)
Mutual labels:  security-tools, security-audit, security-scanner
Wsltools
Web Scan Lazy Tools - Python Package
Stars: ✭ 288 (-89.72%)
Mutual labels:  security-tools, security-audit, security-scanner
Ossa
Open-Source Security Architecture
Stars: ✭ 796 (-71.59%)
Mutual labels:  security-tools, security-audit, security-scanner
Taipan
Web application vulnerability scanner
Stars: ✭ 359 (-87.19%)
Mutual labels:  security-tools, security-audit, security-scanner
Super
Secure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (-87.87%)
Mutual labels:  security-tools, security-audit, security-scanner
Lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+226.09%)
Mutual labels:  security-tools, security-audit, security-scanner
Inql
InQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (-74.48%)
Mutual labels:  security-tools, security-audit, security-scanner
Kube Scan
kube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-79.8%)
Mutual labels:  security-tools, security-audit, security-scanner
Golang Tls
Simple Golang HTTPS/TLS Examples
Stars: ✭ 857 (-69.41%)
Mutual labels:  security-tools, security-audit, security-scanner
Vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+215.63%)
Mutual labels:  security-tools, security-audit, security-scanner
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-92.4%)
Mutual labels:  security-tools, security-audit
Nebulousad
NebulousAD automated credential auditing tool.
Stars: ✭ 158 (-94.36%)
Mutual labels:  security-tools, security-audit
Insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-92.29%)
Mutual labels:  security-tools, security-scanner
Libdiffuzz
Custom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-94.75%)
Mutual labels:  security-tools, security-audit
Patrowlengines
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-94.22%)
Mutual labels:  security-tools, security-scanner
Vulscan
Advanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (-17.74%)
Mutual labels:  security-audit, security-scanner
Recsech
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-93.83%)
Mutual labels:  security-tools, security-audit
Yawast
YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (-93.54%)
Mutual labels:  security-audit, security-scanner

Cobra

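This project's design can no longer meet current white-box scanning requirements and it is no longer maintained. It is for research use only; do not use it in production environments.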

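Introduction

Cobra is a source code security audit tool that detects most of the significant security issues and vulnerabilities in source code written in multiple development languages.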

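Features

Multi-language Support

Supports PHP, Java and other development languages, as well as dozens of file types.

Multiple Vulnerability Types Supported

The first release opens tens of thousands of insecure-dependency check rules and dozens of code security scanning rules; more scanning rules will continue to be opened up.

GUI/CLI/API Mode

Provides a local web server, so it can be operated visually through the GUI, and also supports a local API for integration with and extension by other systems (release systems, CI, etc.).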

Contributors

The project was started and is led by Feei. The core developers are LiGhT1EsS, BlBana, 40huo and braveghz. Thanks also go to the other contributors; PRs are welcome.
