WynisAudit Windows Security with best Practice
Stars: ✭ 116 (+510.53%)
Gcp AuditA tool for auditing security properties of GCP projects.
Stars: ✭ 140 (+636.84%)
Github DorksFind leaked secrets via github search
Stars: ✭ 1,332 (+6910.53%)
Nndefacctsnnposter's alternate fingerprint dataset for Nmap script http-default-accounts
Stars: ✭ 180 (+847.37%)
WhispersIdentify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (+247.37%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+12173.68%)
Striptlsproxy poc implementation of STARTTLS stripping attacks
Stars: ✭ 163 (+757.89%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (+673.68%)
Secure Ios App DevCollection of the most common vulnerabilities found in iOS applications
Stars: ✭ 1,288 (+6678.95%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+857.89%)
Roslyn Security GuardRoslyn analyzers that aim to help security audit on .NET applications.
Stars: ✭ 214 (+1026.32%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+10047.37%)
AnteaterAnteater - CI/CD Gate Check Framework
Stars: ✭ 174 (+815.79%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (+510.53%)
FilewatcherA simple auditing utility for macOS
Stars: ✭ 233 (+1126.32%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (+484.21%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (+763.16%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (+410.53%)
ReplicaGhidra Analysis Enhancer 🐉
Stars: ✭ 194 (+921.05%)
FrostUnit testing framework for test driven security of AWS, GCP, Heroku and more.
Stars: ✭ 91 (+378.95%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (+731.58%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (+689.47%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (+357.89%)
Biu FrameworkBiu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)
Stars: ✭ 183 (+863.16%)
Mix audit🕵️♀️ MixAudit provides a mix deps.audit task to scan a project Mix dependencies for known Elixir security vulnerabilities
Stars: ✭ 146 (+668.42%)
Sec Admin分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Stars: ✭ 222 (+1068.42%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (+636.84%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (+852.63%)
Edr Testing ScriptTest the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (+615.79%)
CobraSource Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+14647.37%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+9500%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+9100%)
G ScoutGoogle Cloud Platform Security Tool
Stars: ✭ 210 (+1005.26%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (+531.58%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (+810.53%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (+510.53%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+8915.79%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+773.68%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (+468.42%)
Bundler AuditPatch-level verification for Bundler
Stars: ✭ 2,393 (+12494.74%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (+442.11%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+12031.58%)
CloudsploitCloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (+6942.11%)
BettercapDEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap
Stars: ✭ 2,518 (+13152.63%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (+389.47%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+752.63%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (+368.42%)
OpencspmOpen Cloud Security Posture Management Engine
Stars: ✭ 191 (+905.26%)
NebulousadNebulousAD automated credential auditing tool.
Stars: ✭ 158 (+731.58%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+42247.37%)
RspetRSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (+1221.05%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: ✭ 213 (+1021.05%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+884.21%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (+726.32%)