488 Open source projects that are alternatives of or similar to Openrasp Iast

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.

Awesome Python Security resources 🕶🐍🔐

Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

.NET runtime inspector

InQL - A Burp Extension for GraphQL Security Testing

Username enumeration and password spraying tool aimed at Microsoft O365.

Trojan 🐍 (keylogger, take screenshots, open your webcam) 🔓

An OSINT Metadata analyzing tool that filters through tags and creates reports

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems

Linux privilege escalation auditing tool

Program to reverse Docker images into Dockerfiles

Disassemble ANY files including .so (NDK, JNI), Windows PE(EXE, DLL, SYS, etc), linux binaries, libraries, and any other files such as pictures, audios, etc(for fun)files on Android. Capstone-based disassembler application on android. 안드로이드 NDK 공유 라이브러리, Windows 바이너리, etc,... 리버싱 앱

A ZigBee hacking toolkit by Bishop Fox

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Hacking Toolkit

A static analysis tool for security

Penetrum LLC opensource security tool list.

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.

Growing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)

A web front-end for password cracking and analytics

一行代码检测XP/调试/多开/模拟器/root

HackerOne "in scope" domains

Most usable tools for iOS penetration testing

Powerful Visual Subdomain Enumeration at the Click of a Mouse

a javascript static security analysis tool

tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

Open source incident management and response platform.

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

Fuzz your Rust code with Google-developed Honggfuzz !

🎖safely* install packages with npm or yarn by auditing them as part of your install process

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Open Source Tripwire®

Big Bang is a declarative, continuous delivery tool for core DoD hardened and approved packages into a Kubernetes cluster.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

红队综合渗透框架

AWS Identity and Access Management Visualizer and Anomaly Finder

Drone pentesting framework console

Awesome hacking is an awesome collection of hacking tools.

Automated Mass Exploiter

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

Collecting & Hunting for IOCs with gusto and style

Scripts to gather system configuration information for offline/remote auditing

The Swiss Army knife for automated Web Application Testing

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Automated cacert.pem management for PHP projects

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.

Deploy, update, and stage your WAFs while managing them centrally via FMS.