2048 Open source projects that are alternatives of or similar to Lynis

Set of tools to audit SIP based VoIP Systems

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Semi-automatic OSINT framework and package manager

Automated NoSQL database enumeration and web application exploitation tool.

🎖safely* install packages with npm or yarn by auditing them as part of your install process

A framework for gradual system automation

Scrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product

Easily configure macOS security settings from the terminal.

Security Knowledge Framework (SKF) Python Flask / Angular project

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

《白帽子讲Web扫描》书籍参考代码

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

a javascript static security analysis tool

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Compliance automation framework, focused on SOC2

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Add public LoadBalancers to your local Kubernetes clusters

NodeJS Monitoring Agent

🎩 simple, fun and transparent SSH (and telnet) bastion server

Test-driven sysadmin.

distributed monitoring system

We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).

Interactive Pipe To: The Node.js cli interactive workflow

Docker Compose Templates

Advanced REST-wrapper for your SQL-queries (actually not only SQL)

运维管理平台(阿里云)，自动同步阿里云配置信息，堡垒机（容器），批量运维，Kubernetes，Zabbix管理等功能

Find exploit tool

monorepo for DepTrack

Agola: CI/CD Redefined

Directory Services Internals (DSInternals) PowerShell Module and Framework

This repository helps you to implement Infrastructure as Code best practices using Terraform and Microsoft Azure.

CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

webhook is a lightweight incoming webhook server to run shell commands

ECS Reference Architecture for creating a flexible and scalable deployment pipeline to Amazon ECS using AWS CodePipeline

PoCC Burstcoin Reference Plotter

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A memory-conscious alternative to os.fork() and subprocess.Popen().

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

An operating system project.

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

pentest framework

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Query, update and convert data structures from the command line. Comparable to jq/yq but supports JSON, TOML, YAML, XML and CSV with zero runtime dependencies.

Easy to use Kubernetes port forwarding manager

A multi-platform library for OpenGL, OpenGL ES, Vulkan, window and input

A curated list of Site Reliability and Production Engineering resources.

gathers Python stack for DevOps, these are usually my basic templates use for my implementations, so, feel free to use it and evolve it! Everything is Docker!

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

无状态子域名爆破工具

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!

All the UNIX and UNIX-Like: Linux, BSD, macOS, Illumos, 9front, and more.

NIST Certified SCAP 1.2 toolkit

This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.

Yglu ᕄ !? - YAML glue for structural templating and processing

Exoframe is a self-hosted tool that allows simple one-command deployments using Docker