846 Open source projects that are alternatives of or similar to Stacoan

Symfony extension for PHPStan

Attack surface mapping

🔨 Manage your website via terminal

Infection Monkey - An automated pentest tool

👻Impost3r -- A linux password thief

Attack Surface Management Platform | Sn1perSecurity LLC

Droidefense: Advance Android Malware Analysis Framework

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

syzkaller is an unsupervised coverage-guided kernel fuzzer

Top disclosed reports from HackerOne

ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

Doctrine extensions for PHPStan

Security scanner coordinator

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Simple script that checks a domain for email protections

An extensible multilanguage static code analyzer.

kube-scan: Octarine k8s cluster risk assessment tool

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Read local Chrome cookies without root or decrypting

Some files for bruteforcing certain things.

A collection of awesome one-liner scripts especially for bug bounty tips.

🎖safely* install packages with npm or yarn by auditing them as part of your install process

network visualization & vulnerability management/reporting

🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

A RuboCop extension focused on enforcing Rails best practices and coding conventions.

Most usable tools for iOS penetration testing

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

A fast DOM based XSS vulnerability scanner with simplicity.

🌟 JavaScript Style Guide, with linter & automatic code fixer

Hetty is an HTTP toolkit for security research.

NodeJS Simple Network Scanner

Collaborative malware analysis framework

a javascript static security analysis tool

🎯 XML External Entity (XXE) Injection Payload List

A Collection of Secure Mobile Development Best Practices

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

A collection of awesome security hardening guides, tools and other resources

Documenting the explosion of packages in the standard ecosystem!

Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.

Search for Directory Traversal Vulnerabilities

Vulnerability Patterns Detector for C# and VB.NET

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

a tool to analyze filesystem images for security

Credentials catching honeypot

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

Web Scan Lazy Tools - Python Package

A GitHub app to automatically review Python code style over Pull Requests

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

scalastyle

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Open Source Tripwire®

Find and fix problems in your JavaScript code.

A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.