Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+135.65%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (+17.59%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+29.17%)
HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (+84.26%)
HabuHacking Toolkit
Stars: ✭ 635 (+193.98%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+1693.06%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (-56.02%)
Honggfuzz RsFuzz your Rust code with Google-developed Honggfuzz !
Stars: ✭ 222 (+2.78%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+66.2%)
SalusSecurity scanner coordinator
Stars: ✭ 441 (+104.17%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-4.17%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+0%)
SquealerTelling tales on you for leaking secrets!
Stars: ✭ 97 (-55.09%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+59.72%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (+23.61%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+2807.87%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-40.74%)
Hackertarget🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
Stars: ✭ 320 (+48.15%)
GosecGolang security checker
Stars: ✭ 5,694 (+2536.11%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (+66.67%)
Apk Meditmemory search and patch tool on debuggable apk without root & ndk
Stars: ✭ 189 (-12.5%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-71.3%)
Jsprimea javascript static security analysis tool
Stars: ✭ 556 (+157.41%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-31.94%)
Detect It EasyProgram for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+1280.56%)
BellybuttonCustom Python linting through AST expressions
Stars: ✭ 196 (-9.26%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-13.43%)
Attack monitorEndpoint detection & Malware analysis software
Stars: ✭ 186 (-13.89%)
LimitrrLight NodeJS rate limiting and response delaying using Redis - including Express middleware.
Stars: ✭ 203 (-6.02%)
ReplicaGhidra Analysis Enhancer 🐉
Stars: ✭ 194 (-10.19%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1176.85%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-15.28%)
DiktatStrict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Stars: ✭ 196 (-9.26%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-15.74%)
BodycloseAnalyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.
Stars: ✭ 181 (-16.2%)
Bundler AuditPatch-level verification for Bundler
Stars: ✭ 2,393 (+1007.87%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+1553.7%)
Unwebpack SourcemapExtract uncompiled, uncompressed SPA code from Webpack source maps.
Stars: ✭ 176 (-18.52%)
SyntFind similar functions and classes in your JavaScript/TypeScript code
Stars: ✭ 178 (-17.59%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-12.04%)
DufflebagSearch exposed EBS volumes for secrets
Stars: ✭ 177 (-18.06%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-18.06%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-6.02%)
PypowershellxrayPython script to decode common encoded PowerShell scripts
Stars: ✭ 192 (-11.11%)
Securify[DEPRECATED] Security Scanner for Ethereum Smart Contracts
Stars: ✭ 177 (-18.06%)
StegcloakHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Stars: ✭ 2,379 (+1001.39%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: ✭ 191 (-11.57%)
Rubysonaran advanced semantic indexer for Ruby
Stars: ✭ 175 (-18.98%)
CrepeDatalog compiler in Rust as a procedural macro
Stars: ✭ 175 (-18.98%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (+0%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1247.69%)
Zbn安全编排与自动化响应平台
Stars: ✭ 201 (-6.94%)
Woke✊ Detect non-inclusive language in your source code.
Stars: ✭ 190 (-12.04%)
Dnxfirewalldnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.
Stars: ✭ 174 (-19.44%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+854.17%)