812 Open source projects that are alternatives of or similar to Awesome Java Security

Awesome .NET Security Resources

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Awesome Python Security resources 🕶🐍🔐

Kubernetes RBAC static Analysis & visualisation tool

secureCodeBox (SCB) - continuous secure delivery out of the box

Performing security tests inside your CI

Hacking Toolkit

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Android Mobile Device Hardening

Fuzz your Rust code with Google-developed Honggfuzz !

Web application vulnerability scanner

Security scanner coordinator

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Telling tales on you for leaking secrets!

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

NERVE Continuous Vulnerability Scanner

A static analysis security vulnerability scanner for Ruby on Rails applications

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

🔎 shodansploit > v1.3.0

Golang security checker

WEB SERVICE SECURITY ASSESSMENT TOOL

memory search and patch tool on debuggable apk without root & ndk

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

a javascript static security analysis tool

Awesome Golang Security resources 🕶🔐

Custom memory allocator that helps discover reads from uninitialized memory

Program for determining types of files for Windows, Linux and MacOS.

Custom Python linting through AST expressions

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Endpoint detection & Malware analysis software

Light NodeJS rate limiting and response delaying using Redis - including Express middleware.

Ghidra Analysis Enhancer 🐉

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Advanced and easy to use penetration testing framework 💣🔎

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.

Official Black Hat Arsenal Security Tools Repository

Patch-level verification for Bundler

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

Extract uncompiled, uncompressed SPA code from Webpack source maps.

Find similar functions and classes in your JavaScript/TypeScript code

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Search exposed EBS volumes for secrets

Intelligence and Reconnaissance Package/Bundle installer.

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Python script to decode common encoded PowerShell scripts

[DEPRECATED] Security Scanner for Ethereum Smart Contracts

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Open source application to instantly remediate common security issues through the use of AWS Config

an advanced semantic indexer for Ruby

Datalog compiler in Rust as a procedural macro

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

安全编排与自动化响应平台

✊ Detect non-inclusive language in your source code.

dnxfirewall (dad's next-gen firewall), a pure Python next generation firewall built on top of Linux kernel/netfilter.

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications