445 Open source projects that are alternatives of or similar to Owasp Orizon

Vulnerability Patterns Detector for C# and VB.NET

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

Automated Penetration Testing Framework

⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Web-based Source Code Vulnerability Scanner

A static analysis tool for security

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

FastLint finds & fixes bugs in your commits

OWASP Joomla Vulnerability Scanner Project

Feram finds & fixes bugs in your commits

A cryptographically verifiable code review system for the cargo (Rust) package manager.

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

Python2编写的struts2漏洞全版本检测和利用工具

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

A regex based source code scanner.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

This is a curated list of resources about code reviews: articles, tools, trainings...

ESLint Shareable Config for JSX support in JavaScript Standard Style

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

a FindBugs/SpotBugs plugin for doing static code analysis for java code bases

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

A tool for running automated static analysis on code posted to a Review Board instance.

All-in-one tool for managing vulnerability reports from AppSec pipelines

The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.

PHP Static Analysis Tool - discover bugs in your code without running it!

CodeCharta visualizes multiple code metrics using 3D tree maps.

PHP malware detector

A simple web app that helps developers understand the ASVS requirements.

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

List of Maven examples

A collection of hacking / penetration testing resources to make you better!

Python3编写的CMS漏洞检测框架

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

🐞 Primitive Erlang Security Tool

XSSCon: Simple XSS Scanner tool

Functional, composable, asynchronous, type-safe Python.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A collection of electronic hacker magazines carefully curated over the years from multiple sources

A curated list of vulnerable web applications.

create fixup commits for topic branches

An extensible and friendly code review tool for projects and companies of all sizes.

Code review bot and CLA verifier

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.

A linter, formatter for finding and removing unused import statements.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

The OWASP ZAP core project

Hacking tools

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

The Hy Transformer

GitHub Pull Requests for Visual Studio Code

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Java library for parsing report files from static code analysis.

Kubernetes object analysis with recommendations for improved reliability and security

OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.