interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (-90.16%)
BlowholeDocker auditing and enumeration script.
Stars: ✭ 21 (-96.17%)
shellsumA defense tool - detect web shells in local directories via md5sum
Stars: ✭ 30 (-94.54%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-93.08%)
WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-97.45%)
guardrailsguardrails.cs.virginia.edu
Stars: ✭ 18 (-96.72%)
AuditFor auditing what collaborators, hooks, and deploy keys you have added on all your GitHub repositories.
Stars: ✭ 335 (-38.98%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (-79.78%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-95.45%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (-20.22%)
Lighthouse SecurityRuns the default Google Lighthouse tests with additional security tests
Stars: ✭ 190 (-65.39%)
sledgehammer🔨 📶 WiFi-Jammer/DoS toolset
Stars: ✭ 34 (-93.81%)
Ssrf vulnerable labThis Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Stars: ✭ 361 (-34.24%)
knxmapKNXnet/IP scanning and auditing tool for KNX home automation installations.
Stars: ✭ 97 (-82.33%)
polscanZero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (-89.62%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (-24.23%)
auditA common audit framework for java application
Stars: ✭ 28 (-94.9%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-89.8%)
Log KillerClear all your logs in [linux/windows] servers 🛡️
Stars: ✭ 252 (-54.1%)
Awesome OcapAwesome Object Capabilities and Capability Security
Stars: ✭ 196 (-64.3%)
cyber-gymDeliberately vulnerable scripts for Web Security training
Stars: ✭ 19 (-96.54%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (-41.17%)
DomxssscannerDOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Stars: ✭ 181 (-67.03%)
Django Easy AuditYet another Django audit log app, hopefully the simplest one.
Stars: ✭ 289 (-47.36%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-34.61%)
ScoutsuiteMulti-Cloud Security Auditing Tool
Stars: ✭ 3,803 (+592.71%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-92.35%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-22.22%)
SQLPowerDocHopefully an up to date fork of SQL Power Doc. Newer PS versions and .NET levels. Maybe too ambitious. This repository was cloned from kendalvandyke, the original author of SQLPowerDoc. Codeplex is currently in the process of shutting down. I cloned this project (and its wiki) with the intention of preserving a wonderful tool that I recently dis…
Stars: ✭ 19 (-96.54%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (-57.19%)
visual-differA Node-based diffing tool to compare an array of URLs and flag differences between them
Stars: ✭ 18 (-96.72%)
Commit WatcherFind interesting and potentially hazardous commits in git projects
Stars: ✭ 345 (-37.16%)
CJ2018-Final-CTFCyber Jawara 2018 Final - Attack & Defense CTF services environments based on Docker.
Stars: ✭ 58 (-89.44%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-93.44%)
PTEyePhantom eye——A passive business logic vulnerability auditing tool
Stars: ✭ 55 (-89.98%)
Ssh AuditorThe best way to scan for weak ssh passwords on your network
Stars: ✭ 516 (-6.01%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+129.69%)
Javaidjava source code static code analysis and danger function identify prog
Stars: ✭ 327 (-40.44%)
pg-audit-jsonSimple, easily customised trigger-based auditing for PostgreSQL (Postgres). See also pgaudit.
Stars: ✭ 34 (-93.81%)
Scant3rScanT3r - Web Security Scanner
Stars: ✭ 248 (-54.83%)
Django AuditlogA Django app that keeps a log of changes made to an object.
Stars: ✭ 412 (-24.95%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-63.75%)
RudderContinuous Auditing & Configuration
Stars: ✭ 314 (-42.81%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-94.17%)
Githacker🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind
Stars: ✭ 524 (-4.55%)
SshpiperThe missing reverse proxy for ssh scp
Stars: ✭ 489 (-10.93%)
LookylooLookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
Stars: ✭ 381 (-30.6%)
CtftoolsPersonal CTF Toolkit
Stars: ✭ 312 (-43.17%)