395 Open source projects that are alternatives of or similar to Drek

The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.

A static analysis security vulnerability scanner for Ruby on Rails applications

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

🔓Subdomain enumeration and information gathering tool

Java library for parsing report files from static code analysis.

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

CodeCharta visualizes multiple code metrics using 3D tree maps.

SonarSource Static Analyzer for JavaScript and TypeScript

Kubernetes object analysis with recommendations for improved reliability and security

scalastyle

VOIP Security Audit Framework

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

The official GitHub mirror of https://gitlab.com/pycqa/flake8

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

List of Maven examples

A repository for using osquery for incident detection and response

AIL framework - Analysis Information Leak framework

Security Knowledge Framework (SKF) Python Flask / Angular project

Unit testing framework for test driven security of AWS, GCP, Heroku and more.

Next-gen phpDoc parser with support for intersection types and generics

Asynchronous Python implementation of SlowLoris DoS attack

Most usable tools for iOS penetration testing

ESLint Shareable Config for JSX support in JavaScript Standard Style

Vulnerability Patterns Detector for C# and VB.NET

pentest framework

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

All-in-one tool for managing vulnerability reports from AppSec pipelines

Open-Source Security Architecture | 开源安全架构

🎖safely* install packages with npm or yarn by auditing them as part of your install process

A Python SDK for Tufin Orchestration Suite

Integration of Clair and Docker Registry

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

A RuboCop extension focused on enforcing Rails best practices and coding conventions.

A RuboCop extension focused on enforcing upstream best practices and coding conventions.

Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.

🔭 A modern, async Ruby gem for Shodan, the world's first search engine for Internet-connected devices.

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Pentest Report Generator

A linter, formatter for finding and removing unused import statements.

ESLint Shareable Config for React/JSX support in JavaScript Standard Style

ESLint configurations and additional rules for me

My curated list of awesome links, resources and tools on infosec related topics

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

🌿 NodeJS PHP Parser - extract AST or tokens (PHP5 and PHP7)

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

T.J. Watson Libraries for Analysis

Collection of the most common vulnerabilities found in iOS applications

Directory Services Internals (DSInternals) PowerShell Module and Framework

Semi-automatic OSINT framework and package manager

A Sniffer for Open-WLAN

Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

Find leaked secrets via github search

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them