781 Open source projects that are alternatives of or similar to Awesome Golang Security

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Security scanner coordinator

Awesome .NET Security Resources

WEB SERVICE SECURITY ASSESSMENT TOOL

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Awesome Java Security Resources 🕶☕🔐

A static analysis security vulnerability scanner for Ruby on Rails applications

Golang security checker

Android Mobile Device Hardening

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Telling tales on you for leaking secrets!

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Performing security tests inside your CI

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Kubernetes RBAC static Analysis & visualisation tool

a javascript static security analysis tool

Awesome Python Security resources 🕶🐍🔐

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy

Securify v2.0

PHP_CodeSniffer is a set of two PHP scripts; the main phpcs script that tokenizes PHP, JavaScript and CSS files to detect violations of a defined coding standard, and a second phpcbf script to automatically correct coding standard violations. PHP_CodeSniffer is an essential development tool that ensures your code remains clean and consistent.

Various code metrics for Python code

A curated list of various bug bounty tools

A new context, field, and array-sensitive heap analysis for LLVM bitcode based on DSA.

PoC tool to demonstrate vulnerabilities in wireless input devices

Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters

The clever vulnerability dependency finder

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

A library to check for compromised passwords

A set of custom fixers for PHP CS Fixer

A security monitoring solution for Kubernetes

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Fast Static File Analysis Framework

A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification

🔐 Open Source Python Keylogger Collection

Open Repository for the Open Security and Privacy Reference Architecture

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

🍿 The perfect Checklist Website for meticulous developers.

A linter, formatter for finding and removing unused import statements.

Explore Indicators of Compromise Automatically

Qualys sslabs-scan utility in a tiny docker image

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Forseti Security

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Pacman-inspired game, for teaching testing purposes.

Secure, human-friendly, cross-platform secrets and config.

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

📷 ViewFinder - NodeJS product to make the browser into a web app. WTF RBI. CBII. Remote browser isolation, embeddable browserview, secure chrome saas. Licenses, managed, self-hosted. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but open source with free live demos available now! Also, integrated RBI/CDR with CDR from https://github.com/dosyago/p2%2e

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Trigram database written in C++, suited for malware indexing

All-in-one tool for managing vulnerability reports from AppSec pipelines

Tools to automate and/or expedite response.

USB testing made easy

Friends don't let friends leak secrets on their terminal window 🙈

A set of recipes useful in pentesting and red teaming scenarios

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Kali Linux 工具合集中文说明书

Extension for PHPStan to allow analysis of Drupal code.

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

A repository of sysmon configuration modules