640 Open source projects that are alternatives of or similar to Progpilot

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

Advanced and easy to use penetration testing framework 💣🔎

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Find secrets and passwords in container images and file systems

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

All-in-one tool for managing vulnerability reports from AppSec pipelines

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

OSS Vulnerability Scanner for Windows Platform

红队综合渗透框架

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

NERVE Continuous Vulnerability Scanner

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Open-Source Security Architecture | 开源安全架构

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Bandit is a tool designed to find common security issues in Python code.

Web-based Source Code Vulnerability Scanner

A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑

Golang security checker

🆕 The Multi-Tool Web Vulnerability Scanner.

Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Python script to decode common encoded PowerShell scripts

Open source application to instantly remediate common security issues through the use of AWS Config

Security scanner for your Terraform code

🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)

Ansible role to apply a security baseline. Systemd edition.

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Linux post exploitation privilege escalation enumeration

Reverse shell generator written in Python 3.

Code Climate CLI

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

AWS Identity and Access Management Visualizer and Anomaly Finder

Official Black Hat Arsenal Security Tools Repository

Static code review for your Gerrit patchsets. Runs Checkstyle, PMD, FindBugs, Scalastyle, CodeNarc, JSLint for you!

memory search and patch tool on debuggable apk without root & ndk

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

A Virtual environment for Pentesting IoT Devices

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Endpoint detection & Malware analysis software

Identify hardcoded secrets and dangerous behaviours

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

⚗️ Adds code analysis to Laravel improving developer productivity and code quality.

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

Static analysis for Angular projects.

Light NodeJS rate limiting and response delaying using Redis - including Express middleware.

Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Patch-level verification for Bundler

Extract uncompiled, uncompressed SPA code from Webpack source maps.

ESLint Config for JavaScript Standard Style