BanditBandit is a tool designed to find common security issues in Python code.
Stars: ✭ 3,763 (+3553.4%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (+75.73%)
Kube ScoreKubernetes object analysis with recommendations for improved reliability and security
Stars: ✭ 1,128 (+995.15%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+3318.45%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (+67.96%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+61.17%)
Sonar Php 🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint
Stars: ✭ 288 (+179.61%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+2137.86%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-5.83%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+57.28%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+2939.81%)
NebulousadNebulousAD automated credential auditing tool.
Stars: ✭ 158 (+53.4%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+526.21%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (+45.63%)
NullawayA tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Stars: ✭ 3,035 (+2846.6%)
Mix audit🕵️♀️ MixAudit provides a mix deps.audit task to scan a project Mix dependencies for known Elixir security vulnerabilities
Stars: ✭ 146 (+41.75%)
Flake8The official GitHub mirror of https://gitlab.com/pycqa/flake8
Stars: ✭ 1,112 (+979.61%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (+35.92%)
ChronosChronos - A static race detector for the go language
Stars: ✭ 272 (+164.08%)
Edr Testing ScriptTest the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (+32.04%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+514.56%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1670.87%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+2756.31%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+1597.09%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (+16.5%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (+12.62%)
Osquery ConfigurationA repository for using osquery for incident detection and response
Stars: ✭ 618 (+500%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1563.11%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (+147.57%)
CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (+4.85%)
Ail FrameworkAIL framework - Analysis Information Leak framework
Stars: ✭ 1,091 (+959.22%)
DetectionlabAutomate the creation of a lab environment complete with security tooling and logging best practices
Stars: ✭ 3,237 (+3042.72%)
Werdlists⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
Stars: ✭ 216 (+109.71%)
Skf FlaskSecurity Knowledge Framework (SKF) Python Flask / Angular project
Stars: ✭ 573 (+456.31%)
unimportA linter, formatter for finding and removing unused import statements.
Stars: ✭ 119 (+15.53%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (+77.67%)
FrostUnit testing framework for test driven security of AWS, GCP, Heroku and more.
Stars: ✭ 91 (-11.65%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (+49.51%)
aws-enumeratorThe AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.
Stars: ✭ 94 (-8.74%)
Docker MispAutomated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Stars: ✭ 148 (+43.69%)
Phpdoc ParserNext-gen phpDoc parser with support for intersection types and generics
Stars: ✭ 569 (+452.43%)
Android-CICDThis repo demonstrates how to work on CI/CD for Mobile Apps 📱 using Github Actions 💊 + Firebase Distribution 🎉
Stars: ✭ 37 (-64.08%)
GiggityWraps github api for openly available information about an organization, user, or repo
Stars: ✭ 111 (+7.77%)
SlowlorisAsynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-50.49%)
Security4DelphiEnables and use of the concept of security in your Delphi applications
Stars: ✭ 39 (-62.14%)
SnifferA Sniffer for Open-WLAN
Stars: ✭ 103 (+0%)
Awesome Cloud SecurityCurated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
Stars: ✭ 98 (-4.85%)
Github DorksFind leaked secrets via github search
Stars: ✭ 1,332 (+1193.2%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (-15.53%)
IotsharkIotShark - Monitoring and Analyzing IoT Traffic
Stars: ✭ 69 (-33.01%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+644.66%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+3940.78%)
vulntestStatic code analysis test source code
Stars: ✭ 24 (-76.7%)