1136 Open source projects that are alternatives of or similar to Vehicle-Security-Toolkit

Quality Police for Java projects

Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.

An open source script to perform malware static analysis on Portable Executable

Ruby library for interacting with Bugcrowd's VRT

PHPUnit extensions and rules for PHPStan

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

Read-only mirror of the Klever Git repository

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

Sturdy is a library for developing sound static analyses in Haskell.

Jenkins Warnings Plugin - Next Generation

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.

Tool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage

The modern Java bytecode editor

Detect uses of legacy Java APIs

Pentest: Subdomains enumeration tool for penetration testers.

🖖 Fast, modern, easy-to-use network scanner

Inline syscalls made easy for windows on clang

🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

A PHP parser written in PHP

A set of utilities for checking Go sources. This repository has migrated to https://gitlab.com/opennota/check

DoS PoC's for SAP products

Python subsets

NTP Doser is a NTP Amplification DoS/DDoS attack tool for penttesting

Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.

The CodeQL extractor and libraries for Go.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

generates weak passwords based on current date

Swiss-army knife for D source code

A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.

Go static program analyser

Adobe Experience Manager Vulnerability Scanner

Security scanner for your Terraform code

A reviewed list of useful PHP static analysis tools

Efficient and Precise Pointer-Tracking Data-Flow Framework

Bolt is a language with in-built data-race freedom!

LibScout: Third-party library detector for Java/Android apps

Static and dynamic Android application security analysis

JavaFuzz 4 Android

Retro Text Editor is a simple text file editor.

Policeman's Forbidden API Checker

Awesome Java Security Resources 🕶☕🔐

A repository for scripting a mobile attack toolchain

Intellisense for PHP

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.

A simple Java command-line utility to mirror the entire contents of VulnDB.

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

Hourly updated database of exploit and exploitation reports

Custom Python linting through AST expressions

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

Type-safe Lua IDE Plugin for IntelliJ IDEA

A static analysis and linter tool for Lua

Extensions for PHPStan

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

✊ Detect non-inclusive language in your source code.

A set of opinionated and useful lint checks