2048 Open source projects that are alternatives of or similar to Lynis

Infrastructure monitoring framework turning DevOps runbooks into automated actions

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

NodeJS Simple Network Scanner

Find secrets and passwords in container images and file systems

Collection of the most common vulnerabilities found in iOS applications

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

⭐️ A curated list of companies that offer their services for free to Open Source projects

Build and orchestrate your development environments with LXD - a.k.a. Vagrant is Too Heavy™

hacker, ready for more of our story ! 🚀

Security scanner coordinator

Reads from existing Cloud Providers (reverse Terraform) and generates your infrastructure as code on Terraform configuration

Quick and Easy server testing/validation

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Simplifying Seccomp enforcement in containerized or non-containerized apps

Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Set of tools to audit SIP based VoIP Systems

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

The Correlated CVE Vulnerability And Threat Intelligence Database API

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

🎖safely* install packages with npm or yarn by auditing them as part of your install process

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

A framework for gradual system automation

a javascript static security analysis tool

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Ghidra Analysis Enhancer 🐉

Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

A Mighty CLI for AWS

Security Knowledge Framework (SKF) Python Flask / Angular project

Compliance automation framework, focused on SOC2

Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆

A static analysis tool for security

HackerOne "in scope" domains

Azure-related repository

Azure PCI PaaS Reference Architecture

prometheus offline data recorder and backfiller

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

AWS bulk tagging tool

Hacking Toolkit

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Validate infrastructure as code (IaC) and objects using PowerShell rules.

Forecast Lambda functions costs 💰

A collection of awesome security hardening guides, tools and other resources

Semi-automatic OSINT framework and package manager

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

A Binary Ninja plugin for vulnerability research.

🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Easily configure macOS security settings from the terminal.

Build powerful pipelines in any programming language.