203 Open source projects that are alternatives of or similar to LightVerifier

OpenEmbedded layer for the use cases on secure boot, integrity and encryption

A community collection of security reviews of open source software components.

Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.

webxoss game logic

Public developer API documentation for Gods Unchained.

VOIP Security Audit Framework

Docker auditing and enumeration script.

Making CoreOS' Clair easily work in CI/CD pipelines

Provides various Windows Server Active Directory (AD) security-focused reports.

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

A simple tool to detect outdated shared libraries

A Github Repository Created to compliment a BSides Canberra 2018 talk on SharePoint Security.

SEC分布式资产扫描系统

📝 TMUX Configuration for nerds with tpm

Container Snitch checks running processes under the Docker Engine and alerts if any are found to be running as root

Audits Python environments and dependency trees for known vulnerabilities

A humble, and fast, security-oriented HTTP headers analyzer

Open Source SIEM (Security Information and Event Management system).

A Linux Host-based Intrusion Detection System based on eBPF.

Python source code auditing and static analysis on a large scale

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

Menu driven wordlist generator in C++

RFMap - Radio Frequency Mapper

A web spider for shodan.io without using the Developer API.

LIFARS Networking Security GNU/Linux distro

Misc. Public Reports of Penetration Testing and Security Audits.

Scan Singularity container images using a Clair server

⚡️ Docker official image for Wallarm Node. API security platform agent.

PKCS#11 library and tools for Linux. Includes tokens supporting TPM and IBM crypto hardware as well as a software token.

Check CPAN modules for known security vulnerabilities

RubySec Field Guide

Github mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)

Want to see how something like Internet Chemotherapy works without bricking your own vms? This is a jail to reduce the python runtime from doing bad things on the host when running untrusted code. Nerf what you do not need 👾 + 🐛 ⚽ 🏈 🐳

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

A curated list of security resources for a Ruby on Rails application

DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source

The ITP/IMA Code of Conduct is an evolving work-in-progress document that establishes and communicates the commitment of the ITP/IMA community to uphold a key set of standards and obligations that aim to make ITP/IMA an inclusive and welcoming environment.

A small subset of the submitted sample data from https://github.com/GrapheneOS/Auditor. It has a sample attestation certificate chain per device model (ro.product.model) along with a subset of the system properties from the sample as supplementary information.

Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remote attestation implementation with email alerts to go along with the local implementation based on QR code scanning in the app.

TPM2 Access Broker & Resource Management Daemon implementing the TCG spec.

Find secrets on any machine from over 120 Different Signatures.

Server-side library to validate the authenticity of Apple App Attest artifacts, written in Kotlin.

Quickly find modifications in Magento 1 or Magento 2 core code

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber

Chat Bot Security Checklist

This is the official main repository for the Assimilation project

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!

Python SDK for Magickartenmarkt API

🔐 Shim to easily install OWASP dependency-check-cli into Python projects

Different utility scripts for pentesting and hacking.

Packet communication investigator

Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.

(Android) Hide encrypted secret API keys in C/C++ code, retrieve and decrypt them via JNI. Google SafetyNet APIs example.