144 Open source projects that are alternatives of or similar to WebSecurityScannerWhitePaper

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

a javascript static security analysis tool

批量漏洞扫描框架

OWASP ZAP Add-ons

A Python library for the MythX smart contract security analysis platform

NodeJS Simple Network Scanner

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

A handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.

Solhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.

Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them

Web application vulnerability scanner

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

🔎 shodansploit > v1.3.0

🐞 Primitive Erlang Security Tool

💡 A hinting engine for the web

Advanced vulnerability scanning with Nmap NSE

Bandit is a tool designed to find common security issues in Python code.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Kubernetes RBAC static Analysis & visualisation tool

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

🆕 The Multi-Tool Web Vulnerability Scanner.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Different utility scripts for pentesting and hacking.

Security tool to trace URL's jumps across the rel links to obtain the last URL

A simple tool to detect outdated shared libraries

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐

⚡️ Docker official image for Wallarm Node. API security platform agent.

Application Layer DoS attack simulator

Scan for and exploit Consul agents

Semgrep rules registry

Network Security Vulnerability Scanner

A Machine Learning approach for classifying a file as Malicious or Legitimate

A humble, and fast, security-oriented HTTP headers analyzer

Official Black Hat Arsenal Security Tools Repository

A fast TCP port scanner

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.

nodejsscan is a static security code scanner for Node.js applications.

🐛 A multi threads web application source leak scanner

Simple Golang HTTPS/TLS Examples

🎯 RFI/LFI Payload List

三方依赖库扫描系统

备考 OSCP 的各种干货资料/渗透测试干货资料

A default credential scanner.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

A tool to test security of json web token

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Modern Web Firewall: stop account takeovers, weak passwords, cloud IPs, DoS attacks, disposable emails

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Open-Source Security Architecture | 开源安全架构

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

This is the new version of dirb in python

Ninjaberry: Raspberry Pi UI for @bettercap

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

InQL - A Burp Extension for GraphQL Security Testing