ModlishkaModlishka. Reverse Proxy.
Stars: ✭ 3,634 (+414%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (-20.37%)
jt toolsRuby on Rails Continuous Deployment Ecosystem to maintain Healthy Stable Development
Stars: ✭ 13 (-98.16%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-82.6%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+873.41%)
Terraform Aws Secure BaselineTerraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (-15.7%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-30.41%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-47.67%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-93.92%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (-88.12%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-56.15%)
Standard🌟 JavaScript Style Guide, with linter & automatic code fixer
Stars: ✭ 26,433 (+3638.76%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-90.1%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+408.63%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (-86.85%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (-39.46%)
SDR-DetectorGSM Scanner, RTL-SDR, StingWatch, Meteor
Stars: ✭ 56 (-92.08%)
PolichombrCollaborative malware analysis framework
Stars: ✭ 307 (-56.58%)
powerauth-mobile-sdkPowerAuth Mobile SDK for adds capability for authentication and transaction signing into the mobile apps (ios, watchos, android).
Stars: ✭ 27 (-96.18%)
Jsprimea javascript static security analysis tool
Stars: ✭ 556 (-21.36%)
unimportunimport is a Go static analysis tool to find unnecessary import aliases.
Stars: ✭ 64 (-90.95%)
rubocop-graphqlRubocop extension for enforcing graphql-ruby best practices
Stars: ✭ 143 (-79.77%)
doraFind exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (-67.61%)
Reviewdog🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Stars: ✭ 4,541 (+542.29%)
Awesome StandardDocumenting the explosion of packages in the standard ecosystem!
Stars: ✭ 300 (-57.57%)
BurpSQLTruncSannerMessy BurpSuite plugin for SQL Truncation vulnerabilities.
Stars: ✭ 53 (-92.5%)
SouffleSoufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
Stars: ✭ 426 (-39.75%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (-57.99%)
vulntestStatic code analysis test source code
Stars: ✭ 24 (-96.61%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (-22.21%)
codecatCodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.
Stars: ✭ 265 (-62.52%)
SteadyAnalyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Stars: ✭ 423 (-40.17%)
HeraldingCredentials catching honeypot
Stars: ✭ 297 (-57.99%)
FastLint-IssuesFastLint finds & fixes bugs in your commits
Stars: ✭ 123 (-82.6%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (-4.38%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-95.62%)
RmiscoutRMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
Stars: ✭ 296 (-58.13%)
bhedakA replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
Stars: ✭ 77 (-89.11%)
Preallocprealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Stars: ✭ 419 (-40.74%)
micro-sentryTiny Sentry client with idiomatic wrapper for Angular
Stars: ✭ 100 (-85.86%)
WsltoolsWeb Scan Lazy Tools - Python Package
Stars: ✭ 288 (-59.26%)
eclipse-pmdeclipse-pmd has been moved to
Stars: ✭ 20 (-97.17%)
Pep8speaksA GitHub app to automatically review Python code style over Pull Requests
Stars: ✭ 546 (-22.77%)
AndroidSecNotesAn actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.
Stars: ✭ 140 (-80.2%)
W5Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-48.09%)
static-code-analysis-pluginA plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.
Stars: ✭ 36 (-94.91%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-96.61%)
SpicypassA light-weight password manager with a focus on simplicity and security
Stars: ✭ 367 (-48.09%)
powerauth-cryptoPowerAuth - Open-source solution for authentication, secure data storage and transport security in mobile banking.
Stars: ✭ 48 (-93.21%)