lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+2765.91%)
DependencycheckOWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Stars: ✭ 3,571 (+8015.91%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+3872.73%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+7015.91%)
cpan-auditCheck CPAN modules for known security vulnerabilities
Stars: ✭ 27 (-38.64%)
npmdcruby gem to check for missed NPM dependencies
Stars: ✭ 38 (-13.64%)
CIS-Ubuntu-20.04-AnsibleAnsible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (+240.91%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (+79.55%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+5138.64%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+6586.36%)
Grauditgrep rough audit - source code auditing tool
Stars: ✭ 747 (+1597.73%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+20665.91%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+325%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+277.27%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-63.64%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+1531.82%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+686.36%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+759.09%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+838.64%)
Cve Searchcve-search - a tool to perform local searches for known vulnerabilities
Stars: ✭ 1,765 (+3911.36%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+20000%)
assimilation-officialThis is the official main repository for the Assimilation project
Stars: ✭ 47 (+6.82%)
dependency-track-maven-pluginMaven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (-36.36%)
reactBasic Primitives Diagrams for React. Data visualization components library that implements organizational chart and multi-parent dependency diagrams.
Stars: ✭ 15 (-65.91%)
poc-jwtPOC about usage of JSON Web Tokens (JWT) in a secure way.
Stars: ✭ 18 (-59.09%)
FUNDED NISLFUNDED is a novel learning framework for building vulnerability detection models.
Stars: ✭ 49 (+11.36%)
ftwFramework for Testing WAFs (FTW!)
Stars: ✭ 106 (+140.91%)
cyclonedx-php-composerCreate CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-54.55%)
pciPacket communication investigator
Stars: ✭ 82 (+86.36%)
fillinfill-in your command and execute
Stars: ✭ 140 (+218.18%)
containers-security-projectA place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)
Stars: ✭ 25 (-43.18%)
dtrack-auditOWASP Dependency Track API client for intergration into CI/CD pipeline
Stars: ✭ 30 (-31.82%)
owtf-dockerDocker repository for OWTF (64-bit Kali)
Stars: ✭ 32 (-27.27%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-45.45%)
PyCPUCentral Processing Unit Information Gathering Tool
Stars: ✭ 19 (-56.82%)
SpydanA web spider for shodan.io without using the Developer API.
Stars: ✭ 30 (-31.82%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-36.36%)
clair-cicdMaking CoreOS' Clair easily work in CI/CD pipelines
Stars: ✭ 27 (-38.64%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+1431.82%)
cwe-sdk-javascriptA Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Stars: ✭ 18 (-59.09%)
kcare-ucheckerA simple tool to detect outdated shared libraries
Stars: ✭ 174 (+295.45%)
tell-me-your-secretsFind secrets on any machine from over 120 Different Signatures.
Stars: ✭ 31 (-29.55%)
docker-wallarm-node⚡️ Docker official image for Wallarm Node. API security platform agent.
Stars: ✭ 18 (-59.09%)
owasp-zap-jwt-addonOWASP ZAP addon for finding vulnerabilities in JWT Implementations
Stars: ✭ 23 (-47.73%)
ehidsA Linux Host-based Intrusion Detection System based on eBPF.
Stars: ✭ 210 (+377.27%)
vsauditVOIP Security Audit Framework
Stars: ✭ 104 (+136.36%)
OpossumUIA light-weight app to audit and inventory large codebases for open source license compliance.
Stars: ✭ 32 (-27.27%)
GNNSCVulDetectorSmart Contract Vulnerability Detection Using Graph Neural Networks (IJCAI-20 Accepted)
Stars: ✭ 42 (-4.55%)
merge-confidenceThe home of WhiteSource's Merge Confidence feature, for Renovate and WhiteSource Remediate
Stars: ✭ 41 (-6.82%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: ✭ 269 (+511.36%)
efdaEvaluation Framework for Dependency Analysis (EFDA)
Stars: ✭ 34 (-22.73%)
dotnet-security-unit-testsA web application that contains several unit tests for the purpose of .NET security
Stars: ✭ 25 (-43.18%)
phan-taint-check-pluginGithub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
Stars: ✭ 21 (-52.27%)
erebusErebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.
Stars: ✭ 72 (+63.64%)
cyclonedx-pythonCreates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (+77.27%)
dr checker 4 linuxPort of "DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers" to Clang/LLVM 10 and Linux Kernel
Stars: ✭ 34 (-22.73%)