PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-35.11%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+870.21%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (+53.19%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+1960.11%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+1367.02%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (-3.72%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (+35.11%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-13.83%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+2675.53%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+312.23%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+355.85%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+412.77%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (+10.11%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+1448.4%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+1126.06%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+14.89%)
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (+80.85%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+90.96%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-13.83%)
BanditBandit is a tool designed to find common security issues in Python code.
Stars: ✭ 3,763 (+1901.6%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+201.06%)
ServerscanServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Stars: ✭ 674 (+258.51%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+393.62%)
EsdEnumeration sub domains(枚举子域名)
Stars: ✭ 785 (+317.55%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+4604.26%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-62.77%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-44.15%)
Grinder🔎 Python framework to automatically discover and enumerate hosts from different back-end systems (Shodan, Censys)
Stars: ✭ 209 (+11.17%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-80.85%)
CobraSource Code Security Audit (源代码安全审计)
Stars: ✭ 2,802 (+1390.43%)
Salt ScannerLinux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Stars: ✭ 261 (+38.83%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-80.85%)
Htrace.shMy simple Swiss Army knife for http/https troubleshooting and profiling.
Stars: ✭ 3,465 (+1743.09%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+93.09%)
Envizonnetwork visualization & vulnerability management/reporting
Stars: ✭ 382 (+103.19%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+103.19%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+119.68%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+4760.11%)
Jsprimea javascript static security analysis tool
Stars: ✭ 556 (+195.74%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+175%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+280.32%)
SalusSecurity scanner coordinator
Stars: ✭ 441 (+134.57%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+377.13%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+323.4%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (+127.66%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+127.13%)
Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Stars: ✭ 977 (+419.68%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-36.17%)
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (+838.3%)
Mutual Tls Ssl🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC examples are included
Stars: ✭ 163 (-13.3%)
CertCert is the Go tool to get TLS certificate information.
Stars: ✭ 166 (-11.7%)
Ip AttackAuto IP or Domain Attack Tool ( #1 )
Stars: ✭ 162 (-13.83%)
PortauthorityA handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.
Stars: ✭ 174 (-7.45%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-12.77%)