186 Open source projects that are alternatives of or similar to Mix_audit

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Integration of Clair and Docker Registry

A command line security audit tool for Amazon Web Services

An NFC research toolkit application for Android

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Pentest Report Generator

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Security advisory database for Rust crates published through crates.io

Scripts to gather system configuration information for offline/remote auditing

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

pentest framework

Tracking CVEs for the linux Kernel

Cloud Security Posture Management (CSPM)

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

A Python SDK for Tufin Orchestration Suite

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Technical details that a programmer of a web application should consider before making the site public.

CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

Web Scan Lazy Tools - Python Package

Simple Golang HTTPS/TLS Examples

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Web Application Security Scanner Framework

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

PHP Security Check List [ EN ] 🌋 ☣️

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

Semi-automatic OSINT framework and package manager

Helps you continuously monitor and fix common security vulnerabilities in your Django application.

Send encrypted PGP messages with one click

A toolbox to enforce firewall rules across multiple GCP projects.

Directory Services Internals (DSInternals) PowerShell Module and Framework

Enables and use of the concept of security in your Delphi applications

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

Simple and scalable Linux tools for verifying TPM-based remote attestations 🔬⚖️🔐⛓📏📜

grep rough audit - source code auditing tool

Different utility scripts for pentesting and hacking.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Container Snitch checks running processes under the Docker Engine and alerts if any are found to be running as root

A static analysis security vulnerability scanner for Ruby on Rails applications

Misc. Public Reports of Penetration Testing and Security Audits.

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

InQL - A Burp Extension for GraphQL Security Testing

Find secrets on any machine from over 120 Different Signatures.

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Automatic SQL injection with Charles and sqlmap api

A tool for auditing security properties of GCP projects.

Wordpress Vulnerability Scanner

Automated NoSQL database enumeration and web application exploitation tool.

Kubernetes Common Configuration Scoring System

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Hacking Toolkit