395 Open source projects that are alternatives of or similar to Drek

🐞 Primitive Erlang Security Tool

Identify hardcoded secrets and dangerous behaviours

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

iOS/macOS/Linux Remote Administration Tool

Scripts to gather system configuration information for offline/remote auditing

pentest framework

Security tool to trace URL's jumps across the rel links to obtain the last URL

CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

Potiron - Normalize, Index and Visualize Network Capture

🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

The Hy Transformer

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

A static code analyzer for C++, C#, Lua

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

Linux命令转发记录

Cloud Security Posture Management (CSPM)

A linter that replay your developing style

Functional, composable, asynchronous, type-safe Python.

Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).

cfmt is a tool to wrap Go comments over a certain length to a new line.

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Simple Golang HTTPS/TLS Examples

Check read, write permissions on S3 buckets in your account

A command line security audit tool for Amazon Web Services

The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

Java library for parsing report files from static code analysis.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

CodeCharta visualizes multiple code metrics using 3D tree maps.

Kubernetes object analysis with recommendations for improved reliability and security

VOIP Security Audit Framework

The official GitHub mirror of https://gitlab.com/pycqa/flake8

List of Maven examples

AIL framework - Analysis Information Leak framework

Unit testing framework for test driven security of AWS, GCP, Heroku and more.

Asynchronous Python implementation of SlowLoris DoS attack

ESLint Shareable Config for JSX support in JavaScript Standard Style

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

A Python SDK for Tufin Orchestration Suite

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

A RuboCop extension focused on enforcing upstream best practices and coding conventions.

🔭 A modern, async Ruby gem for Shodan, the world's first search engine for Internet-connected devices.

A Ruby framework designed to aid in the penetration testing of WordPress systems.

A linter, formatter for finding and removing unused import statements.

ESLint configurations and additional rules for me

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

Collection of the most common vulnerabilities found in iOS applications

Semi-automatic OSINT framework and package manager

All-in-one tool for managing vulnerability reports from AppSec pipelines

A Sniffer for Open-WLAN

Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

Find leaked secrets via github search