reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Stars: ✭ 974 (+170.56%)

Mutual labels: scanner, xss, vulnerabilities

Vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Stars: ✭ 8,844 (+2356.67%)

Mutual labels: security-tools, vulnerabilities

Shellshockhunter

It's a simple tool for test vulnerability shellshock

Stars: ✭ 52 (-85.56%)

Mutual labels: security-tools, scanner

Recsech

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Stars: ✭ 173 (-51.94%)

Mutual labels: security-tools, scanner

Rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Stars: ✭ 3,439 (+855.28%)

Mutual labels: security-tools, scanner

Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Stars: ✭ 1,824 (+406.67%)

Mutual labels: security-tools, scanner

Docker Ssllabs Scan

Qualys sslabs-scan utility in a tiny docker image

Stars: ✭ 85 (-76.39%)

Mutual labels: security-tools, scanner

Salus

Security scanner coordinator

Stars: ✭ 441 (+22.5%)

Mutual labels: static-analysis, security-tools

Security Code Scan

Vulnerability Patterns Detector for C# and VB.NET

Stars: ✭ 550 (+52.78%)

Mutual labels: static-analysis, scanner

Jsprime

a javascript static security analysis tool

Stars: ✭ 556 (+54.44%)

Mutual labels: static-analysis, security-tools

Awesome Dotnet Security

Awesome .NET Security Resources

Stars: ✭ 325 (-9.72%)

Mutual labels: static-analysis, security-tools

Grype

A vulnerability scanner for container images and filesystems

Stars: ✭ 362 (+0.56%)

Mutual labels: static-analysis, vulnerabilities

Kubei

Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:

Stars: ✭ 353 (-1.94%)

Mutual labels: scanner, vulnerabilities

Dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

Stars: ✭ 820 (+127.78%)

Mutual labels: static-analysis, vulnerabilities

Super

Secure, Unified, Powerful and Extensible Rust Android Analyzer

Stars: ✭ 340 (-5.56%)

Mutual labels: security-tools, vulnerabilities

Awesome Golang Security

Awesome Golang Security resources 🕶🔐

Stars: ✭ 1,355 (+276.39%)

Mutual labels: static-analysis, security-tools

Njsscan

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Stars: ✭ 128 (-64.44%)

Mutual labels: static-analysis, security-tools

Sbt Dependency Check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Stars: ✭ 187 (-48.06%)

Mutual labels: static-analysis, vulnerabilities

Xattacker

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Stars: ✭ 897 (+149.17%)

Mutual labels: security-tools, scanner

Ossa

Open-Source Security Architecture | 开源安全架构

Stars: ✭ 796 (+121.11%)

Mutual labels: security-tools, vulnerabilities

flask-vuln

Pretty vulnerable flask app..

Stars: ✭ 23 (-93.61%)

Mutual labels: xss, vulnerabilities

Nosqlmap

Automated NoSQL database enumeration and web application exploitation tool.

Stars: ✭ 1,928 (+435.56%)

Mutual labels: security-tools, scanner

Nimscan

🚀 Fast Port Scanner 🚀

Stars: ✭ 134 (-62.78%)

Mutual labels: security-tools, scanner

Ladon

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Stars: ✭ 2,911 (+708.61%)

Mutual labels: security-tools, scanner

Vhostscan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Stars: ✭ 767 (+113.06%)

Mutual labels: security-tools, scanner

Gosec

Golang security checker

Stars: ✭ 5,694 (+1481.67%)

Mutual labels: static-analysis, security-tools

Awesome Java Security

Awesome Java Security Resources 🕶☕🔐

Stars: ✭ 216 (-40%)

Mutual labels: static-analysis, security-tools

polscan

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

Stars: ✭ 57 (-84.17%)

Mutual labels: scanner, vulnerabilities

intercept

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

Stars: ✭ 54 (-85%)

Mutual labels: scanner, static-analysis

Applicationinspector

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Stars: ✭ 3,873 (+975.83%)

Mutual labels: static-analysis, security-tools

Awesome Web Hacking

A list of web application security

Stars: ✭ 3,760 (+944.44%)

Mutual labels: scanner, vulnerabilities

Awesome Python Security

Awesome Python Security resources 🕶🐍🔐

Stars: ✭ 738 (+105%)

Mutual labels: static-analysis, security-tools

Jok3r

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Stars: ✭ 645 (+79.17%)

Mutual labels: security-tools, scanner

Squealer

Telling tales on you for leaking secrets!

Stars: ✭ 97 (-73.06%)

Mutual labels: static-analysis, security-tools

Amdh

Android Mobile Device Hardening

Stars: ✭ 95 (-73.61%)

Mutual labels: static-analysis, security-tools

Anchore Engine

A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification

Stars: ✭ 1,192 (+231.11%)

Mutual labels: static-analysis, vulnerabilities

vulnerabilities

List of every possible vulnerabilities in computer security.

Stars: ✭ 14 (-96.11%)

Mutual labels: xss, vulnerabilities

Insider

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Stars: ✭ 216 (-40%)

Mutual labels: static-analysis, security-tools

Tfsec

Security scanner for your Terraform code

Stars: ✭ 3,622 (+906.11%)

Mutual labels: static-analysis, scanner

Terraform Security Scan

Run a security scan on your terraform with the very nice https://github.com/liamg/tfsec

Stars: ✭ 64 (-82.22%)

Mutual labels: static-analysis, scanner

Krane

Kubernetes RBAC static Analysis & visualisation tool