503 Open source projects that are alternatives of or similar to H1domains

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

Plugin to block compilation when unapproved dependencies are used or code styling does not comply.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.

Performing security tests inside your CI

Dashboard to collect, analyze, and respond to reported phishing emails.

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

A static analysis security vulnerability scanner for Ruby on Rails applications

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Trigram database written in C++, suited for malware indexing

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

🔎 shodansploit > v1.3.0

Identify vulnerabilities in running containers, images, hosts and repositories

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Infection Monkey - An automated pentest tool

Hardening Ubuntu. Systemd edition.

Open-Source Security Architecture | 开源安全架构

NebulousAD automated credential auditing tool.

Tool for complete hardening of Linux boot chain with UEFI Secure Boot

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Explore Indicators of Compromise Automatically

安全编排与自动化响应平台

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

All-in-one tool for managing vulnerability reports from AppSec pipelines

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

Exploit Pack -The next generation exploit framework

Web Scan Lazy Tools - Python Package

secureCodeBox (SCB) - continuous secure delivery out of the box

syzkaller is an unsupervised coverage-guided kernel fuzzer

YARA malware query accelerator (web frontend)

Web application vulnerability scanner

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Golang security checker

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

a tool to analyze filesystem images for security

Exploit management framework

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Advanced and easy to use penetration testing framework 💣🔎

Extract uncompiled, uncompressed SPA code from Webpack source maps.

Bash script to audit and fix macOS Catalina (10.15.x) security settings

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Code from Blackhat Python book

☠️ Call of Duty - Vulnerabilities and proof-of-concepts

ContainerSSH: Launch containers on demand

Search exposed EBS volumes for secrets

Intelligence and Reconnaissance Package/Bundle installer.

AWS Identity and Access Management Visualizer and Anomaly Finder

The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.

Ghidra Analysis Enhancer 🐉

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐