bloodzer0 / Ossa
Open-Source Security Architecture | 开源安全架构
Stars: ✭ 796
Labels
Projects that are alternatives of or similar to Ossa
Vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+1011.06%)
Mutual labels: security-tools, security-audit, vulnerabilities, vulnerability-scanners, security-scanner, security-vulnerability
Lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+1047.86%)
Mutual labels: security-tools, security-audit, vulnerability-scanners, security-scanner, security-vulnerability
Rapidscan
🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (-2.64%)
Mutual labels: security-tools, vulnerabilities, vulnerability-scanners, security-scanner
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+689.07%)
Mutual labels: security-tools, security-audit, vulnerabilities, security-vulnerability
Patrowlmanager
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-54.4%)
Mutual labels: security-tools, vulnerabilities, vulnerability-scanners, security-scanner
Taipan
Web application vulnerability scanner
Stars: ✭ 359 (-54.9%)
Mutual labels: security-tools, security-audit, security-scanner, application-security
Salt Scanner
Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-67.21%)
Mutual labels: security-tools, security-audit, vulnerability-scanners, security-scanner
Super
Secure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (-57.29%)
Mutual labels: security-tools, security-audit, vulnerabilities, security-scanner
Jackhammer
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (-20.48%)
Mutual labels: vulnerability-scanners, security-scanner, application-security
Wsltools
Web Scan Lazy Tools - Python Package
Stars: ✭ 288 (-63.82%)
Mutual labels: security-tools, security-audit, security-scanner
Kube Scan
kube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-28.89%)
Mutual labels: security-tools, security-audit, security-scanner
Cobra
Source Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+252.01%)
Mutual labels: security-tools, security-audit, security-scanner
Raptor
Web-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-60.55%)
Mutual labels: security-tools, security-audit, vulnerability-scanners
Jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-18.97%)
Mutual labels: security-tools, security-audit, vulnerability-scanners
OpenVAS-Docker
A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-97.99%)
Mutual labels: vulnerabilities, vulnerability-scanners, security-tools
jawfish
Tool for breaking into web applications.
Stars: ✭ 84 (-89.45%)
Mutual labels: application-security, vulnerabilities, security-scanner
Inql
InQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (-10.18%)
Mutual labels: security-tools, security-audit, security-scanner
Hacking
hacker, ready for more of our story ! 🚀
Stars: ✭ 413 (-48.12%)
Mutual labels: vulnerabilities, vulnerability-scanners, security-vulnerability
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-77.14%)
Mutual labels: security-tools, security-audit, security-vulnerability
Vulny Code Static Analysis
Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-73.99%)
Mutual labels: security-tools, vulnerabilities, security-scanner
ossa(open-source security architecture)
如果愿意分享或者想给我一些更多的意见,欢迎加我微信:Lzero2012
致过去
本项目从2018-10-08号开始创建,截止目前2个月多一点,star目前在400+,很感谢大家的支持,写东西一直是一件很累的事情,但是我一直在努力下去。
过去的2个月写了很多开源安全工具的安装与使用,也有很多人提出了质疑"不应该把项目写成了工具文章",套用前几天看到的一句话:"安装与使用我不会去看官方文档嘛"。这里给自己解释一下,一开始我的方向就是利用开源工具来建设中小型企业的安全,这类型的很多公司可能没有专业的安全,或者是一个人的安全部,所以我在第一阶段就是哪些安全隐患我们可以使用什么样的工具来解决。从第二阶段到第三阶段将会是这些工具在企业的落地经验(一个人的经验始终是有限的,我有时间也会去找一些甲方的朋友来碰撞思路整理以后发出来)。
2018/10/12-2018/12/07
- 初始版本整体架构安排;
- V1.0版本目录重构;
- 应用安全基础知识:安全测试、扫描等;
- DoS/DDoS/CC、入侵检测与防御;
- 主机入侵检测、日志分析;
- 主机入侵检测、日志分析、蜜罐、登录登录认证;
- 日志分析踩坑、蜜罐MHN、jumpserver;
- LDAP+Cas身份与访问安全;
- 钓鱼平台gophish;
Now
第一阶段持续了2个多月,本以为这个时间会更长一些,看来自己还是真的很拼了(写工具安装使用其实是一个体力活,脑力活更多体现在对工具的思考与踩坑)。目前原项目被我删除了,从明天开始项目会出现一些变化,很多子项目将会以如何在企业中落地的形式展现给大家,希望大家能给我更多的意见。
2018-12-16:安全测试概述、漏洞管理概述、安全扫描概述
感谢
排名不分前后,非常谢谢大家伙的支持!
atiger77 bsmali4 cf_hb hblf hiw0rld ourren Rozero Sophone 千域千寻
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].