839 Open source projects that are alternatives of or similar to Jsprime

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Kubernetes RBAC static Analysis & visualisation tool

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Security scanner coordinator

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Application and Service Fingerprinting

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Source Code Security Audit (源代码安全审计)

Awesome Python Security resources 🕶🐍🔐

A default credential scanner.

Simple Golang HTTPS/TLS Examples

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Official Black Hat Arsenal Security Tools Repository

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

nodejsscan is a static security code scanner for Node.js applications.

Semgrep rules registry

Awesome Java Security Resources 🕶☕🔐

Web Scan Lazy Tools - Python Package

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Open-Source Security Architecture | 开源安全架构

Golang安全资源合集

Enumeration sub domains(枚举子域名)

A Machine Learning approach for classifying a file as Malicious or Legitimate

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

🆕 The Multi-Tool Web Vulnerability Scanner.

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Golang security checker

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

A static analysis security vulnerability scanner for Ruby on Rails applications

InQL - A Burp Extension for GraphQL Security Testing

NodeJS Simple Network Scanner

Awesome Golang Security resources 🕶🔐

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Telling tales on you for leaking secrets!

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Web application vulnerability scanner

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Android Mobile Device Hardening

🔎 shodansploit > v1.3.0

Awesome .NET Security Resources

WEB SERVICE SECURITY ASSESSMENT TOOL

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

kube-scan: Octarine k8s cluster risk assessment tool

🐞 Primitive Erlang Security Tool

Bandit is a tool designed to find common security issues in Python code.

Performing security tests inside your CI

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Attack Surface Management Platform | Sn1perSecurity LLC