395 Open source projects that are alternatives of or similar to Drek

Bandit is a tool designed to find common security issues in Python code.

YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications

Kubernetes object analysis with recommendations for improved reliability and security

A collection of public security audits.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

scalastyle

A simple tool for interacting with OWASP ZAP from the commandline.

🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint

Advanced vulnerability scanning with Nmap NSE

VOIP Security Audit Framework

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

NebulousAD automated credential auditing tool.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

🎯 Server Side Template Injection Payloads

A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

🕵️‍♀️ MixAudit provides a mix deps.audit task to scan a project Mix dependencies for known Elixir security vulnerabilities

The official GitHub mirror of https://gitlab.com/pycqa/flake8

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Chronos - A static race detector for the go language

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Web Application Security Scanner Framework

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

List of Maven examples

Powerful Visual Subdomain Enumeration at the Click of a Mouse

PHP Security Check List [ EN ] 🌋 ☣️

Send encrypted PGP messages with one click

A repository for using osquery for incident detection and response

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

AIL framework - Analysis Information Leak framework

Automate the creation of a lab environment complete with security tooling and logging best practices

Code Climate engine for code duplication analysis

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Security Knowledge Framework (SKF) Python Flask / Angular project

Ansible role to apply a security baseline. Systemd edition.

A linter, formatter for finding and removing unused import statements.

Advanced and easy to use penetration testing framework 💣🔎

Unit testing framework for test driven security of AWS, GCP, Heroku and more.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Next-gen phpDoc parser with support for intersection types and generics

Wireshark Cheat Sheet

This repo demonstrates how to work on CI/CD for Mobile Apps 📱 using Github Actions 💊 + Firebase Distribution 🎉

Wraps github api for openly available information about an organization, user, or repo

Asynchronous Python implementation of SlowLoris DoS attack

Enables and use of the concept of security in your Delphi applications

A Sniffer for Open-WLAN

Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

Find leaked secrets via github search

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

IotShark - Monitoring and Analyzing IoT Traffic

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Static code analysis test source code