CatnipCat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-26.03%)
KlarIntegration of Clair and Docker Registry
Stars: ✭ 480 (+228.77%)
Cloud Security AuditA command line security audit tool for Amazon Web Services
Stars: ✭ 68 (-53.42%)
NfcgateAn NFC research toolkit application for Android
Stars: ✭ 425 (+191.1%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+1097.26%)
PwndocPentest Report Generator
Stars: ✭ 417 (+185.62%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+6158.22%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+182.88%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-29.45%)
Advisory DbSecurity advisory database for Rust crates published through crates.io
Stars: ✭ 396 (+171.23%)
Audit scriptsScripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (-62.33%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (+158.9%)
Edr Testing ScriptTest the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-6.85%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (+151.37%)
Pythempentest framework
Stars: ✭ 1,060 (+626.03%)
CloudsploitCloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (+816.44%)
Enum4linux NgA next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Stars: ✭ 349 (+139.04%)
PytosA Python SDK for Tufin Orchestration Suite
Stars: ✭ 49 (-66.44%)
Ssh Mitmssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation
Stars: ✭ 335 (+129.45%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-17.81%)
Webapp ChecklistTechnical details that a programmer of a web application should consider before making the site public.
Stars: ✭ 320 (+119.18%)
Repo Security ScannerCLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
Stars: ✭ 977 (+569.18%)
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+3023.97%)
Aws Securitygroup GrapherThis ansible role gets information from an AWS VPC and generate a graphical representation of security groups
Stars: ✭ 93 (-36.3%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (+97.26%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+486.99%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+2090.41%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-4.11%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+1915.07%)
MarsnakeSystem Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-89.04%)
Pentest NotesCollection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-39.04%)
ElectriceyeContinuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (+74.66%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+457.53%)
django-security-checkHelps you continuously monitor and fix common security vulnerabilities in your Django application.
Stars: ✭ 69 (-52.74%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (-20.55%)
gcp-firewall-enforcerA toolbox to enforce firewall rules across multiple GCP projects.
Stars: ✭ 77 (-47.26%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+431.51%)
Security4DelphiEnables and use of the concept of security in your Delphi applications
Stars: ✭ 39 (-73.29%)
Btle SnifferPassively scan for Bluetooth Low Energy devices and attempt to fingerprint them
Stars: ✭ 87 (-40.41%)
LightVerifierSimple and scalable Linux tools for verifying TPM-based remote attestations 🔬⚖️🔐⛓📏📜
Stars: ✭ 18 (-87.67%)
Grauditgrep rough audit - source code auditing tool
Stars: ✭ 747 (+411.64%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1149.32%)
cnitchContainer Snitch checks running processes under the Docker Engine and alerts if any are found to be running as root
Stars: ✭ 68 (-53.42%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+4202.05%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-83.56%)
Web exploit detectorThe Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
Stars: ✭ 81 (-44.52%)
CIS-Ubuntu-20.04-AnsibleAnsible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (+2.74%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+389.73%)
tell-me-your-secretsFind secrets on any machine from over 120 Different Signatures.
Stars: ✭ 31 (-78.77%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1073.29%)
SqliscannerAutomatic SQL injection with Charles and sqlmap api
Stars: ✭ 674 (+361.64%)
Gcp AuditA tool for auditing security properties of GCP projects.
Stars: ✭ 140 (-4.11%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1220.55%)
KccssKubernetes Common Configuration Scoring System
Stars: ✭ 111 (-23.97%)
Gscan本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Stars: ✭ 1,177 (+706.16%)
HabuHacking Toolkit
Stars: ✭ 635 (+334.93%)