Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (+115.04%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (-19.03%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+4180.09%)
SecretscannerFind secrets and passwords in container images and file systems
Stars: ✭ 895 (+296.02%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+212.83%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+60.62%)
OpenVAS-DockerA Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-92.92%)
Jok3rJok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (+185.4%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+82.74%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+180.09%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-68.14%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-53.54%)
DetexploitOSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-35.4%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+3813.27%)
NerveNERVE Continuous Vulnerability Scanner
Stars: ✭ 267 (+18.14%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (+15.49%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+252.21%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+3942.92%)
BanditBandit is a tool designed to find common security issues in Python code.
Stars: ✭ 3,763 (+1565.04%)
RaptorWeb-based Source Code Vulnerability Scanner
Stars: ✭ 314 (+38.94%)
Scanners BoxA powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+2373.45%)
GosecGolang security checker
Stars: ✭ 5,694 (+2419.47%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+242.92%)
Owasp OrizonOwasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (-42.48%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-28.32%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-5.31%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-15.93%)
PypowershellxrayPython script to decode common encoded PowerShell scripts
Stars: ✭ 192 (-15.04%)
Aws Auto RemediateOpen source application to instantly remediate common security issues through the use of AWS Config
Stars: ✭ 191 (-15.49%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+1502.65%)
Grinder🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)
Stars: ✭ 209 (-7.52%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-15.49%)
EnumyLinux post exploitation privilege escalation enumeration
Stars: ✭ 210 (-7.08%)
RevshellgenReverse shell generator written in Python 3.
Stars: ✭ 190 (-15.93%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-4.42%)
AaiaAWS Identity and Access Management Visualizer and Anomaly Finder
Stars: ✭ 218 (-3.54%)
SputnikStatic code review for your Gerrit patchsets. Runs Checkstyle, PMD, FindBugs, Scalastyle, CodeNarc, JSLint for you!
Stars: ✭ 189 (-16.37%)
Apk Meditmemory search and patch tool on debuggable apk without root & ndk
Stars: ✭ 189 (-16.37%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1188.05%)
Security ScriptsA collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
Stars: ✭ 188 (-16.81%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-17.26%)
Iot PtA Virtual environment for Pentesting IoT Devices
Stars: ✭ 218 (-3.54%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (-8.41%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-17.26%)
Attack monitorEndpoint detection & Malware analysis software
Stars: ✭ 186 (-17.7%)
WhispersIdentify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (-70.8%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1120.35%)
Larastan⚗️ Adds code analysis to Laravel improving developer productivity and code quality.
Stars: ✭ 3,554 (+1472.57%)
Sec Admin分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Stars: ✭ 222 (-1.77%)
CodelyzerStatic analysis for Angular projects.
Stars: ✭ 2,436 (+977.88%)
LimitrrLight NodeJS rate limiting and response delaying using Redis - including Express middleware.
Stars: ✭ 203 (-10.18%)
ShodanwaveShodanwave is a tool for exploring and obtaining information from Netwave IP Camera.
Stars: ✭ 183 (-19.03%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-19.47%)
Bundler AuditPatch-level verification for Bundler
Stars: ✭ 2,393 (+958.85%)
Unwebpack SourcemapExtract uncompiled, uncompressed SPA code from Webpack source maps.
Stars: ✭ 176 (-22.12%)