HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (+92.27%)
SalusSecurity scanner coordinator
Stars: ✭ 441 (+113.04%)
OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+284.54%)
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (+64.25%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (+73.91%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (+22.71%)
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+2934.3%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+274.4%)
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (+50.24%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+4172.46%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+4.35%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+75.36%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (+1771.01%)
Jsprimea javascript static security analysis tool
Stars: ✭ 556 (+168.6%)
EsdEnumeration sub domains(枚举子域名)
Stars: ✭ 785 (+279.23%)
Dagdaa tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Stars: ✭ 820 (+296.14%)
XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+333.33%)
ChangemeA default credential scanner.
Stars: ✭ 928 (+348.31%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+365.7%)
Terraform Security ScanRun a security scan on your terraform with the very nice https://github.com/liamg/tfsec
Stars: ✭ 64 (-69.08%)
LynisLynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+4314.01%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+4285.51%)
Dependency spyFind known vulnerabilities in your dependencies
Stars: ✭ 87 (-57.97%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-82.61%)
Intrigue IdentApplication and Service Fingerprinting
Stars: ✭ 70 (-66.18%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (-54.11%)
SquealerTelling tales on you for leaking secrets!
Stars: ✭ 97 (-53.14%)
Golang TlsSimple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+314.01%)
TrivyScanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+4572.95%)
Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Stars: ✭ 977 (+371.98%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+245.41%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+421.26%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+418.36%)
ClairVulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+3936.71%)
PbscanFaster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-41.06%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-61.84%)
Anchore EngineA service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
Stars: ✭ 1,192 (+475.85%)
Phpstan DrupalExtension for PHPStan to allow analysis of Drupal code.
Stars: ✭ 97 (-53.14%)
Kube Scankube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+173.43%)
NosqliNoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Stars: ✭ 120 (-42.03%)
Config LintCommand line tool to validate configuration files
Stars: ✭ 118 (-43%)
AbaplintStandalone linter for ABAP
Stars: ✭ 111 (-46.38%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-38.16%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+744.44%)
Vuln Web AppsA curated list of vulnerable web applications.
Stars: ✭ 128 (-38.16%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+831.4%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-35.75%)
Nodejsscannodejsscan is a static security code scanner for Node.js applications.
Stars: ✭ 1,874 (+805.31%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-49.28%)
GsilGitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Stars: ✭ 1,764 (+752.17%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+781.16%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+921.26%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-21.74%)
Web ShellsSome of the best web shells that you might need!
Stars: ✭ 162 (-21.74%)
PolarisValidation of best practices in your Kubernetes clusters
Stars: ✭ 2,397 (+1057.97%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-9.66%)