ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+8585.71%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (+100%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+9080.95%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+43409.52%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (+471.43%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+5504.76%)
Enum4linux NgA next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Stars: ✭ 349 (+1561.9%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+766.67%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+1880.95%)
FilewatcherA simple auditing utility for macOS
Stars: ✭ 233 (+1009.52%)
DirstalkModern alternative to dirbuster/dirb
Stars: ✭ 210 (+900%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (+680.95%)
CagCrypto Audit Guidelines
Stars: ✭ 115 (+447.62%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (+414.29%)
Entityframework.commontoolsExtensions, Auditing, Concurrency Checks, JSON properties and Transaction Logs for EntityFramework and EFCore
Stars: ✭ 82 (+290.48%)
auditA common audit framework for java application
Stars: ✭ 28 (+33.33%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+1547.62%)
Office365 Audit Log CollectorCollector script for retrieving audit logs from the Office 365 API with file or network/graylog output.
Stars: ✭ 39 (+85.71%)
wordlistsAggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.
Stars: ✭ 94 (+347.62%)
Ssh AuditorThe best way to scan for weak ssh passwords on your network
Stars: ✭ 516 (+2357.14%)
roboxtractorExtract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (+90.48%)
findcdnfindCDN is a tool created to help accurately identify what CDN a domain is using.
Stars: ✭ 64 (+204.76%)
SshpiperThe missing reverse proxy for ssh scp
Stars: ✭ 489 (+2228.57%)
MaplesyrupAssesses CPU security of embedded devices. #nsacyber
Stars: ✭ 121 (+476.19%)
burp-aem-scannerBurp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Stars: ✭ 60 (+185.71%)
Daudit🌲 Configuration flaws detector for Hadoop, MongoDB, MySQL, and more!
Stars: ✭ 108 (+414.29%)
Cheat-Sheet---Active-DirectoryThis cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.
Stars: ✭ 154 (+633.33%)
Windows Secure Host BaselineConfiguration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
Stars: ✭ 1,288 (+6033.33%)
enum-phpEnumeration implementation for PHP
Stars: ✭ 45 (+114.29%)
Prox5🧮 SOCKS5/4/4a 🌾 validating proxy pool and upstream SOCKS5 server for 🤽 LOLXDsoRANDum connections 🎋
Stars: ✭ 39 (+85.71%)
Parse AuditorAudit module for Parse Platform
Stars: ✭ 19 (-9.52%)
php-enumerationImplementation of enumeration classes in PHP. The better alternative for enums
Stars: ✭ 54 (+157.14%)
TwaA tiny web auditor with strong opinions.
Stars: ✭ 549 (+2514.29%)
CrumbleMenu driven wordlist generator in C++
Stars: ✭ 19 (-9.52%)
CEHExam Prep for the Ec-council Certified Ethical Hacker 312-50
Stars: ✭ 71 (+238.1%)
Commit WatcherFind interesting and potentially hazardous commits in git projects
Stars: ✭ 345 (+1542.86%)
Django AuditlogA Django app that keeps a log of changes made to an object.
Stars: ✭ 412 (+1861.9%)
reosploitA Tool that Finds, Enumerates, and Exploits Reolink Cameras.
Stars: ✭ 89 (+323.81%)
JxnetJxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (+23.81%)
AuditFor auditing what collaborators, hooks, and deploy keys you have added on all your GitHub repositories.
Stars: ✭ 335 (+1495.24%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+38214.29%)
RudderContinuous Auditing & Configuration
Stars: ✭ 314 (+1395.24%)
Django Easy AuditYet another Django audit log app, hopefully the simplest one.
Stars: ✭ 289 (+1276.19%)
ScoutsuiteMulti-Cloud Security Auditing Tool
Stars: ✭ 3,803 (+18009.52%)
PlatenumThe PHP enumeration type library
Stars: ✭ 34 (+61.9%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+671.43%)
AndroticklerPenetration testing and auditing toolkit for Android apps.
Stars: ✭ 225 (+971.43%)
pg-audit-jsonSimple, easily customised trigger-based auditing for PostgreSQL (Postgres). See also pgaudit.
Stars: ✭ 34 (+61.9%)
Tracker Enabled DbcontextTracker-enabled DbContext offers you to implement full auditing in your database
Stars: ✭ 210 (+900%)
sledgehammer🔨 📶 WiFi-Jammer/DoS toolset
Stars: ✭ 34 (+61.9%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+7385.71%)
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (+157.14%)