5224 Open source projects that are alternatives of or similar to Vulny Code Static Analysis

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Awesome Python Security resources 🕶🐍🔐

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.

Official Black Hat Arsenal Security Tools Repository

Android Mobile Device Hardening

Security scanner for your Terraform code

Tool for breaking into web applications.

Awesome Java Security Resources 🕶☕🔐

A Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

Extension for PHPStan to allow analysis of Drupal code.

💡 A hinting engine for the web

Bandit is a tool designed to find common security issues in Python code.

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

A curated list of vulnerable web applications.

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Web Scan Lazy Tools - Python Package

Semgrep rules registry

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

DeimosC2 is a Golang command and control framework for post-exploitation.

Automated NoSQL database enumeration and web application exploitation tool.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Pentest Report Generator

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

Validation of best practices in your Kubernetes clusters

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

Enumeration sub domains(枚举子域名)

A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Vulnerability Static Analysis for Containers

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Command line tool to validate configuration files

Some of the best web shells that you might need!

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Code Climate CLI

Repository with some awesome Windows Terminals themes

A browser testing and web crawling library for PHP and Symfony

List of resources useful for learning Python 🐍

Twitch moderation bot

InSpec: Auditing and Testing Framework

All Algorithms implemented in Rust

Cucumber for the JVM

Busca por CEP integrado diretamente aos serviços dos Correios, ViaCEP e outros (Node.js e Browser)

Simple and Lightweight Auth System for CodeIgniter

Full reference of LinkedIn answers 2021 for skill assessments, LinkedIn test, questions and answers (aws-lambda, rest-api, javascript, react, git, html, jquery, mongodb, java, Go, python, machine-learning, power-point) linkedin excel test lösungen, linkedin machine learning test

Build smaller, faster, and more secure desktop applications with a web frontend.

A free, responsive, ready to use website ui kit, built with bootstrap 4.

This repository is for active development of the Azure SDK for .NET. For consumers of the SDK we recommend visiting our public developer docs at https://docs.microsoft.com/dotnet/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-net.

Desktop Application for modeling Zeebe Workflows with BPMN

📚 PDF viewer for React Native