1205 Open source projects that are alternatives of or similar to Applicationinspector

Kubernetes RBAC static Analysis & visualisation tool

Security scanner coordinator

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

a javascript static security analysis tool

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

WEB SERVICE SECURITY ASSESSMENT TOOL

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Official Black Hat Arsenal Security Tools Repository

Performing security tests inside your CI

Golang安全资源合集

Canary: Input Detection and Response

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Application and Service Fingerprinting

Awesome Python Security resources 🕶🐍🔐

🐞 Primitive Erlang Security Tool

Telling tales on you for leaking secrets!

nodejsscan is a static security code scanner for Node.js applications.

Awesome Golang Security resources 🕶🔐

Semgrep rules registry

Awesome Java Security Resources 🕶☕🔐

Simple Golang HTTPS/TLS Examples

A default credential scanner.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Web application vulnerability scanner

A Machine Learning approach for classifying a file as Malicious or Legitimate

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Generalized proof of concept tool which can be used for drop-in bruteforce protection when needed.

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Source Code Security Audit (源代码安全审计)

Open-Source Security Architecture | 开源安全架构

A static analysis security vulnerability scanner for Ruby on Rails applications

Android Mobile Device Hardening

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Secure, Unified, Powerful and Extensible Rust Android Analyzer

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Chronos - A static race detector for the go language

Bandit is a tool designed to find common security issues in Python code.

🔎 shodansploit > v1.3.0

Web Scan Lazy Tools - Python Package

Awesome .NET Security Resources

🆕 The Multi-Tool Web Vulnerability Scanner.

Enumeration sub domains(枚举子域名)

Golang security checker

LibScout: Third-party library detector for Java/Android apps

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform