Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). π
Stars: β 187 (-94.15%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: β 242 (-92.43%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: β 72 (-97.75%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: β 443 (-86.15%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: β 2,305 (-27.92%)
NmapIdiomatic nmap library for go developers
Stars: β 391 (-87.77%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: β 382 (-88.06%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: β 378 (-88.18%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: β 1,802 (-43.65%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: β 678 (-78.8%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: β 182 (-94.31%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: β 162 (-94.93%)
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: β 346 (-89.18%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: β 62 (-98.06%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: β 413 (-87.09%)
PwndocPentest Report Generator
Stars: β 417 (-86.96%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: β 363 (-88.65%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: β 8,844 (+176.55%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: β 285 (-91.09%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: β 105 (-96.72%)
H4ckerThis repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: β 10,451 (+226.8%)
Xunfengε·‘ι£ζ―δΈζ¬Ύιη¨δΊδΌδΈε
η½ηζΌζ΄εΏ«ιεΊζ₯οΌε·‘θͺζ«ζη³»η»γ
Stars: β 3,131 (-2.1%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: β 556 (-82.61%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: β 45 (-98.59%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: β 401 (-87.46%)
HabuHacking Toolkit
Stars: β 635 (-80.14%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: β 847 (-73.51%)
Gourdscanv2θ’«ε¨εΌζΌζ΄ζ«ζη³»η»
Stars: β 740 (-76.86%)
DirsearchWeb path scanner
Stars: β 7,246 (+126.58%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: β 261 (-91.84%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: β 103 (-96.78%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: β 114 (-96.44%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: β 120 (-96.25%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: β 89 (-97.22%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: β 132 (-95.87%)
vulnerablecodeA free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Stars: β 269 (-91.59%)
RedTeam toolkitRed Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Stars: β 301 (-90.59%)
sec-scannodeSECεεΈεΌθ΅δΊ§ζ«ζη³»η»
Stars: β 8 (-99.75%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: β 4,162 (+30.14%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: β 68 (-97.87%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: β 166 (-94.81%)
Awesome Shodan Queriesπ A collection of interesting, funny, and depressing search queries to plug into shodan.io π©βπ»
Stars: β 2,758 (-13.76%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: β 267 (-91.65%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: β 427 (-86.65%)
ThreatmapperIdentify vulnerabilities in running containers, images, hosts and repositories
Stars: β 361 (-88.71%)
Detect-CVE-2017-15361-TPMDetects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: β 34 (-98.94%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: β 2,775 (-13.23%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: β 566 (-82.3%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: β 24 (-99.25%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: β 188 (-94.12%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: β 9,137 (+185.71%)
KubestrikerA Blazing fast Security Auditing tool for Kubernetes
Stars: β 213 (-93.34%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: β 69 (-97.84%)
FSEC-VMBackend logic implementation for Vulnerability Management System
Stars: β 19 (-99.41%)