OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (-71.59%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-94.22%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (-79.8%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+215.63%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (-34.9%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (-89.72%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-90.69%)
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (-87.87%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (-69.41%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+226.09%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-87.19%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (-74.48%)
Cs SuiteCloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (-70.91%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (-92.4%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-92.29%)
ChangemeA default credential scanner.
Stars: ✭ 928 (-66.88%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-99.43%)
ReplicaGhidra Analysis Enhancer 🐉
Stars: ✭ 194 (-93.08%)
Audit scriptsScripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (-98.04%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-97.79%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (-57.99%)
Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Stars: ✭ 977 (-65.13%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-97.18%)
NotrulerThe opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
Stars: ✭ 72 (-97.43%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (-96.9%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (-70.95%)
Bundler AuditPatch-level verification for Bundler
Stars: ✭ 2,393 (-14.6%)
EsdEnumeration sub domains(枚举子域名)
Stars: ✭ 785 (-71.98%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (-67.99%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-96.15%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (-65.6%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (-72.34%)
HoperSecurity tool to trace URL's jumps across the rel links to obtain the last URL
Stars: ✭ 50 (-98.22%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-98.72%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (-38.87%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-95.72%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-97.43%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-97.5%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (-72.63%)
Security ScriptsA collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
Stars: ✭ 188 (-93.29%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-96.25%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-95.86%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-96.54%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-95.65%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (-1.57%)
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (-37.04%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (-96.68%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-95.72%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (-31.19%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-93.5%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-94.22%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (-93.54%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-94.15%)
NebulousadNebulousAD automated credential auditing tool.
Stars: ✭ 158 (-94.36%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (-17.74%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+3.89%)