962 Open source projects that are alternatives of or similar to Fwanalyzer

All-in-one tool for managing vulnerability reports from AppSec pipelines

Web application vulnerability scanner

NebulousAD automated credential auditing tool.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Web Scan Lazy Tools - Python Package

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Custom memory allocator that helps discover reads from uninitialized memory

Explore Indicators of Compromise Automatically

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

🔎 shodansploit > v1.3.0

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Automated NoSQL database enumeration and web application exploitation tool.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

A Go implementation of dirsearch.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Ghidra Analysis Enhancer 🐉

Source Code Security Audit (源代码安全审计)

Dashboard to collect, analyze, and respond to reported phishing emails.

A simple auditing utility for macOS

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

This is the official main repository for the Assimilation project

一键提取安卓应用中可能存在的敏感信息。

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

VOIP Security Audit Framework

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

Trigram database written in C++, suited for malware indexing

Powerful Visual Subdomain Enumeration at the Click of a Mouse

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Set of tools to audit SIP based VoIP Systems

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

A Blazing fast Security Auditing tool for Kubernetes

HackerOne "in scope" domains

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Web-based Source Code Vulnerability Scanner

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

⚡️ Docker official image for Wallarm Node. API security platform agent.

Patch-level verification for Bundler

Plugin to block compilation when unapproved dependencies are used or code styling does not comply.

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

Enables and use of the concept of security in your Delphi applications

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

YARA malware query accelerator (web frontend)

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

安全编排与自动化响应平台

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

secureCodeBox (SCB) - continuous secure delivery out of the box