SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-15.53%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+5998.06%)
Static Analysis⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
Stars: ✭ 9,310 (+8938.83%)
Anubis🔓Subdomain enumeration and information gathering tool
Stars: ✭ 722 (+600.97%)
Violations LibJava library for parsing report files from static code analysis.
Stars: ✭ 94 (-8.74%)
CheckstyleCheckstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Stars: ✭ 6,481 (+6192.23%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+8770.87%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+586.41%)
CodechartaCodeCharta visualizes multiple code metrics using 3D tree maps.
Stars: ✭ 85 (-17.48%)
SonarjsSonarSource Static Analyzer for JavaScript and TypeScript
Stars: ✭ 696 (+575.73%)
Kube ScoreKubernetes object analysis with recommendations for improved reliability and security
Stars: ✭ 1,128 (+995.15%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-5.83%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+526.21%)
Flake8The official GitHub mirror of https://gitlab.com/pycqa/flake8
Stars: ✭ 1,112 (+979.61%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+514.56%)
Osquery ConfigurationA repository for using osquery for incident detection and response
Stars: ✭ 618 (+500%)
Ail FrameworkAIL framework - Analysis Information Leak framework
Stars: ✭ 1,091 (+959.22%)
Skf FlaskSecurity Knowledge Framework (SKF) Python Flask / Angular project
Stars: ✭ 573 (+456.31%)
FrostUnit testing framework for test driven security of AWS, GCP, Heroku and more.
Stars: ✭ 91 (-11.65%)
Phpdoc ParserNext-gen phpDoc parser with support for intersection types and generics
Stars: ✭ 569 (+452.43%)
SlowlorisAsynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-50.49%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+446.6%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+433.98%)
Pythempentest framework
Stars: ✭ 1,060 (+929.13%)
Npgsql.fsharp.analyzerF# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.
Stars: ✭ 103 (+0%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-30.1%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+672.82%)
Npq🎖safely* install packages with npm or yarn by auditing them as part of your install process
Stars: ✭ 513 (+398.06%)
PytosA Python SDK for Tufin Orchestration Suite
Stars: ✭ 49 (-52.43%)
KlarIntegration of Clair and Docker Registry
Stars: ✭ 480 (+366.02%)
PhpinspectionseaA Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Stars: ✭ 1,211 (+1075.73%)
Sonar DotnetCode analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
Stars: ✭ 466 (+352.43%)
Hack🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰
Stars: ✭ 460 (+346.6%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-13.59%)
Rubocop RailsA RuboCop extension focused on enforcing Rails best practices and coding conventions.
Stars: ✭ 433 (+320.39%)
Rubocop PackagingA RuboCop extension focused on enforcing upstream best practices and coding conventions.
Stars: ✭ 29 (-71.84%)
SouffleSoufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
Stars: ✭ 426 (+313.59%)
Shodanz🔭 A modern, async Ruby gem for Shodan, the world's first search engine for Internet-connected devices.
Stars: ✭ 74 (-28.16%)
Preallocprealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Stars: ✭ 419 (+306.8%)
PwndocPentest Report Generator
Stars: ✭ 417 (+304.85%)
UnimportA linter, formatter for finding and removing unused import statements.
Stars: ✭ 96 (-6.8%)
Eslint PluginESLint configurations and additional rules for me
Stars: ✭ 19 (-81.55%)
My Infosec AwesomeMy curated list of awesome links, resources and tools on infosec related topics
Stars: ✭ 412 (+300%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+1042.72%)
Php Parser🌿 NodeJS PHP Parser - extract AST or tokens (PHP5 and PHP7)
Stars: ✭ 400 (+288.35%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-84.47%)
WalaT.J. Watson Libraries for Analysis
Stars: ✭ 395 (+283.5%)
Secure Ios App DevCollection of the most common vulnerabilities found in iOS applications
Stars: ✭ 1,288 (+1150.49%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+653.4%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+690.29%)
SnifferA Sniffer for Open-WLAN
Stars: ✭ 103 (+0%)
Awesome Cloud SecurityCurated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
Stars: ✭ 98 (-4.85%)
Github DorksFind leaked secrets via github search
Stars: ✭ 1,332 (+1193.2%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (-15.53%)