610 Open source projects that are alternatives of or similar to Cobra

Open-Source Security Architecture | 开源安全架构

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

kube-scan: Octarine k8s cluster risk assessment tool

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Web Scan Lazy Tools - Python Package

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Simple Golang HTTPS/TLS Examples

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Web application vulnerability scanner

InQL - A Burp Extension for GraphQL Security Testing

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

A Blazing fast Security Auditing tool for Kubernetes

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

A default credential scanner.

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

Golang安全资源合集

Ghidra Analysis Enhancer 🐉

Linux命令转发记录

Scripts to gather system configuration information for offline/remote auditing

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

🐞 Primitive Erlang Security Tool

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

Semi-automatic OSINT framework and package manager

Patch-level verification for Bundler

Enumeration sub domains(枚举子域名)

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

🆕 The Multi-Tool Web Vulnerability Scanner.

Security tool to trace URL's jumps across the rel links to obtain the last URL

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

A Machine Learning approach for classifying a file as Malicious or Legitimate

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

All-in-one tool for managing vulnerability reports from AppSec pipelines

Application and Service Fingerprinting

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Set of tools to audit SIP based VoIP Systems

VOIP Security Audit Framework

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Automated NoSQL database enumeration and web application exploitation tool.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications

A Go implementation of dirsearch.

NebulousAD automated credential auditing tool.

Advanced vulnerability scanning with Nmap NSE

Official Black Hat Arsenal Security Tools Repository

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0