1413 Open source projects that are alternatives of or similar to Wsltools

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Web application vulnerability scanner

Secure, Unified, Powerful and Extensible Rust Android Analyzer

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Source Code Security Audit (源代码安全审计)

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

a tool to analyze filesystem images for security

NebulousAD automated credential auditing tool.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Simple Golang HTTPS/TLS Examples

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

🔎 shodansploit > v1.3.0

Open-Source Security Architecture | 开源安全架构

InQL - A Burp Extension for GraphQL Security Testing

kube-scan: Octarine k8s cluster risk assessment tool

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

⚡️ Docker official image for Wallarm Node. API security platform agent.

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

All-in-one tool for managing vulnerability reports from AppSec pipelines

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

VOIP Security Audit Framework

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Set of tools to audit SIP based VoIP Systems

YARA malware query accelerator (web frontend)

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Automated NoSQL database enumeration and web application exploitation tool.

Custom memory allocator that helps discover reads from uninitialized memory

A Go implementation of dirsearch.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

安全编排与自动化响应平台

Ghidra Analysis Enhancer 🐉

Patch-level verification for Bundler

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

secureCodeBox (SCB) - continuous secure delivery out of the box

A Blazing fast Security Auditing tool for Kubernetes

Dashboard to collect, analyze, and respond to reported phishing emails.

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

HackerOne "in scope" domains

Dark Web OSINT Tool

Kubernetes RBAC static Analysis & visualisation tool

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

This is the official main repository for the Assimilation project