Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-45.95%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+824.28%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+264.45%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+2540.75%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+19.36%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+1218.21%)
cyclonedx-dotnetCreates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Stars: ✭ 110 (-68.21%)
specificationSoftware Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (-62.72%)
cyclonedx-pythonCreates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (-77.46%)
cdxgenCreates CycloneDX Software Bill-of-Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI//CD pipeline with automatic submission to Dependency Track server.
Stars: ✭ 75 (-78.32%)
cyclonedx-maven-pluginCreates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (-70.23%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+946.82%)
cyclonedx-cliCycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (-55.49%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+2225.43%)
cyclonedx-php-composerCreate CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-94.22%)
ochrona-cliA command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
Stars: ✭ 46 (-86.71%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-79.19%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+86.42%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+63.58%)
scancode.ioScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
Stars: ✭ 66 (-80.92%)
cyclonedx-node-modulecreates CycloneDX Software Bill of Materials (SBOM) from node-based projects
Stars: ✭ 104 (-69.94%)
vulnerability-dbVulnerability database and package search for sources such as OSV, NVD, GitHub and npm.
Stars: ✭ 36 (-89.6%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (-22.25%)
Sec Admin分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Stars: ✭ 222 (-35.84%)
IvaIVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
Stars: ✭ 49 (-85.84%)
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (-84.39%)
VfeedThe Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+138.73%)
inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (-63.29%)
vulndb-data-mirrorA simple Java command-line utility to mirror the entire contents of VulnDB.
Stars: ✭ 36 (-89.6%)
WhispersIdentify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (-80.92%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+2695.66%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+566.18%)
dependency-check-py🔐 Shim to easily install OWASP dependency-check-cli into Python projects
Stars: ✭ 44 (-87.28%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: ✭ 69 (-80.06%)
cscannerAn open source, multi-cloud DevSecOps compliance checker
Stars: ✭ 19 (-94.51%)
havengrc☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬
Stars: ✭ 83 (-76.01%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+804.91%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (-24.57%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-9.25%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+130.06%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+2456.07%)
cyclonedx-gomodCreates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-92.2%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+932.37%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+9.25%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+573.99%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-67.92%)
CobraSource Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+709.83%)
AnteaterAnteater - CI/CD Gate Check Framework
Stars: ✭ 174 (-49.71%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-50%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-88.44%)
FilewatcherA simple auditing utility for macOS
Stars: ✭ 233 (-32.66%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-52.02%)
BettercapDEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap
Stars: ✭ 2,518 (+627.75%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-52.6%)
DevSecOpsUltimate DevSecOps library
Stars: ✭ 4,450 (+1186.13%)