465 Open source projects that are alternatives of or similar to Audit Check

Audit tool to find common vulnerabilities in PHP source code

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

A Visual Studio Extension for Web accessibility

Create actionable data from your Vulnerability Scans

A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)

MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

A curated list of awesome baseband research resources

An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.

Git Webhook client, in rust.

Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

DevSec SSL/TLS Baseline - InSpec Profile

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

It's a simple tool for test vulnerability shellshock

DevSec Nginx Baseline - InSpec Profile

The Grails Audit Logging Plugin

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.

EntityFramework extensions

Flexible and rock solid audit log tracking for CakePHP 3

Run Lighthouse analysis over multiple sites in a single command

Exploiting Edge's read:// urlhandler

With the hope that someone finds the data useful, we periodically publish an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also https://github.com/CERTCC/Vulnerability-Data-Archive-Tools

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Penetration Testing Platform

Google Performance Tools runner using Puppeteer

Publisher Ads Lighthouse Plugin is a tool to improve ad speed and overall quality through a series of automated audits. This tool will aid in resolving discovered problems, providing a tool to be used to evaluate effectiveness of iterative changes while suggesting actionable feedback.

Reverse Shell as a Service

A code coverage tool for Rust projects

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

Cargo subcommand for contributing to your dependencies

cargo subcommand to compile rust projects remotely

Handle Cargo dependencies like a Rustavimean.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Asynchronous Python implementation of SlowLoris DoS attack

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

A system information fetcher, with a focus on performance and minimalism.

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

PoC exploit for CVE-2016-4622

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Distutils helpers for rust Python extensions

Vulnerability Labs for security analysis

Huorong Internet Security vulnerabilities 火绒安全软件漏洞

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

nat - the 'ls' replacement you never knew you needed

Poc Collected for study and develop

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

Modèles de documents dans le cadre du RGAA

ssh rdp vnc telnet sftp bastion/jump web putty xshell terminal jumpserver audit realtime monitor rz/sz 堡垒机 云桌面 linux devops sftp websocket file management rz/sz otp 自动化运维 审计 录像 文件管理 sftp上传 实时监控 录像回放 网页版rz/sz上传下载/动态口令 django

使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

The sysroot manager that lets you build and customize `std`

SQL Vulnerability Scanner

drydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templates

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber