VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+49033.33%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (+100%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (+1500%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+1894.44%)
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (+1788.89%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (+566.67%)
secure-pipeline-advisorImprove your code security by running different security checks/validation in a simple way.
Stars: ✭ 25 (+38.89%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+1100%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+17666.67%)
sandfly-setupSandfly Security Agentless Compromise and Intrusion Detection System For Linux
Stars: ✭ 45 (+150%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+938.89%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (+483.33%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+1916.67%)
NetworkAlarmA tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Stars: ✭ 17 (-5.56%)
Wafw00fWAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Stars: ✭ 2,983 (+16472.22%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (+1350%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+50661.11%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+3872.22%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+4322.22%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+4661.11%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (+300%)
HoperSecurity tool to trace URL's jumps across the rel links to obtain the last URL
Stars: ✭ 50 (+177.78%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (+338.89%)
assimilation-officialThis is the official main repository for the Assimilation project
Stars: ✭ 47 (+161.11%)
NebulousadNebulousAD automated credential auditing tool.
Stars: ✭ 158 (+777.78%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+800%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (+494.44%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+2772.22%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+2272.22%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (+800%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (+383.33%)
humbleA humble, and fast, security-oriented HTTP headers analyzer
Stars: ✭ 17 (-5.56%)
WhatwafDetect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (+10350%)
kcare-ucheckerA simple tool to detect outdated shared libraries
Stars: ✭ 174 (+866.67%)
Awesome Waf🔥 Everything about web-application firewalls (WAF).
Stars: ✭ 4,047 (+22383.33%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: ✭ 69 (+283.33%)
Security4DelphiEnables and use of the concept of security in your Delphi applications
Stars: ✭ 39 (+116.67%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+12705.56%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (+905.56%)
CobraSource Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+15466.67%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+3044.44%)
Fwanalyzera tool to analyze filesystem images for security
Stars: ✭ 382 (+2022.22%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+4422.22%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (+1938.89%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+1483.33%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+10033.33%)
burp-aem-scannerBurp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Stars: ✭ 60 (+233.33%)
JxnetJxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (+44.44%)
netscanA fast TCP port scanner
Stars: ✭ 63 (+250%)
security-reviewsA community collection of security reviews of open source software components.
Stars: ✭ 67 (+272.22%)
wafbypasserNo description or website provided.
Stars: ✭ 73 (+305.56%)
pyFireEyePython API bindings for FireEye Products
Stars: ✭ 12 (-33.33%)
roxy-wiWeb interface for managing Haproxy, Nginx, Apache and Keepalived servers
Stars: ✭ 1,109 (+6061.11%)
RFMapRFMap - Radio Frequency Mapper
Stars: ✭ 23 (+27.78%)
atlasSecure Distributed Thanos Deployment using an Observability Cluster
Stars: ✭ 39 (+116.67%)
apiclarityReconstruct Open API Specifications from real-time workload traffic seamlessly.
Stars: ✭ 290 (+1511.11%)