515 Open source projects that are alternatives of or similar to Linux Secureboot Kit

Drone pentesting framework console

Enables and use of the concept of security in your Delphi applications

The Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing confidence and trust among the national Computer Security Incident Response Teams (CSIRTs) of the Member States and for promoting swift and effective operational cooperation.

PoC code from DEF CON 25 presentation

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

A Virtual environment for Pentesting IoT Devices

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Awesome Java Security Resources 🕶☕🔐

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Linux命令转发记录

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Attack surface mapping

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Patch-level verification for Bundler

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.

ContainerSSH: Launch containers on demand

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

一键提取安卓应用中可能存在的敏感信息。

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

🤖 The Modern Port Scanner 🤖

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

A simple Security Camera example which detects motion and perform face recognition

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Store data in a simple and secure way

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Automated Mass Exploiter

Create complex tools execution Workflows for working together

Search exposed EBS volumes for secrets

A checklist for staying safe on the internet

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Secure-by-default HTTP servers in Go.

Firmware Analysis and Comparison Tool

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)

A ZigBee hacking toolkit by Bishop Fox

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

A Go implementation of dirsearch.

WEB SERVICE SECURITY ASSESSMENT TOOL

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Wazuh - Puppet module

Golang安全资源合集

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Attack Surface Management Platform | Sn1perSecurity LLC

GitHub Advance Security Compliance Action

Exein core for Linux based firmware

Find secrets and passwords in container images and file systems

Vulnerability assessment and penetration testing automation and reporting platform for teams.

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

A "SIP Torture" (RFC 4475) testing suite.

⚡️ Docker official image for Wallarm Node. API security platform agent.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Automation and Scaling of Digital Forensics Tools

A terraform module to create a VPC with secure default configurations.