830 Open source projects that are alternatives of or similar to Canary

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

Ladon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Simple Golang HTTPS/TLS Examples

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Simplifying Seccomp enforcement in containerized or non-containerized apps

Ansible role to apply a security baseline. Systemd edition.

Generalized proof of concept tool which can be used for drop-in bruteforce protection when needed.

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Tool for complete hardening of Linux boot chain with UEFI Secure Boot

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Scripts to gather system configuration information for offline/remote auditing

Kubernetes RBAC static Analysis & visualisation tool

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

A collection of awesome security hardening guides, tools and other resources

Hardening Ubuntu. Systemd edition.

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

Open-Source Security Architecture | 开源安全架构

Enumeration sub domains(枚举子域名)

Easily configure macOS security settings from the terminal.

Command line password manager for Unix-like operating systems

Safety helmet wearing detect dataset, with pretrained model

Trainable models and NN optimization tools

Find exploit tool

The Medical Detection Toolkit contains 2D + 3D implementations of prevalent object detectors such as Mask R-CNN, Retina Net, Retina U-Net, as well as a training and inference framework focused on dealing with medical images.

SIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.

Awesome Object Detection based on handong1587 github: https://handong1587.github.io/deep_learning/2015/10/09/object-detection.html

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

🆕 The Multi-Tool Web Vulnerability Scanner.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A checklist for staying safe on the internet

Tensorflow implementation of YOLO, including training and test phase.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Wazuh - Chef cookbooks

FastER RCNN built on tensorflow

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

grep rough audit - source code auditing tool

ESLint security plugin for Node.js

📇 Detect which Linux distro or BSD a system is running

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Find secrets and passwords in container images and file systems

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

An Active Defense and EDR software to empower Blue Teams

OWASP Threat Dragon with Gitlab Integration

Awesome Python Security resources 🕶🐍🔐

A static analysis security vulnerability scanner for Ruby on Rails applications

Seamlessly encrypt/decrypt/edit your rails Dotenv files with the help of the Sekrets gem

A set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance.

A python library built to empower developers to build applications and systems with self-contained Computer Vision capabilities

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)