security-audit
There are 124 repositories under security-audit topic.
gojue / ecapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Language:C 13863CISOfy / lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Language:Shell 13762wazuh / wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Language:C++ 11591future-architect / vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Language:Go 11193- prowler
prowler-cloud / prowler
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
Language:Python 11163 - Scanners-Box
We5ter / Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
- brakeman
presidentbeef / brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Language:Ruby 7061 jeremylong / DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Language:Java 6664google / osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Language:Go 6473- Language:Python 5175
charles2gan / GDA-android-reversing-Tool
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
Language:Java 4304- Language:Ruby 3828
- Language:Python 3557
scipag / vulscan
Advanced vulnerability scanning with Nmap NSE
exploitlualua-scriptnmapnmap-scan-scriptnmap-scriptsnsensescriptpenetration-testingsecuritysecurity-auditsecurity-scannervulnerabilityvulnerability-assessmentvulnerability-database-entryvulnerability-databasesvulnerability-detectionvulnerability-identificationvulnerability-scannersvulnerability-scanningLanguage:Lua 3538aquasecurity / cloudsploit
Cloud Security Posture Management (CSPM)
Language:JavaScript 3417- Language:Python 3158
- Language:Python 2995
techgaun / github-dorks
Find leaked secrets via github search
Language:Python 2869goodwithtech / dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Language:Go 2829rubysec / bundler-audit
Patch-level verification for Bundler
Language:Ruby 2695- Language:Python 2665
evilsocket / bettercap
DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap
- Language:JavaScript 2380
- find-sec-bugs
find-sec-bugs / find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Language:Java 2304 - little-rat
dnakov / little-rat
🐀 Small chrome extension to monitor (and optionally block) other extensions' network calls
Language:JavaScript 2167 - bearer
Bearer / bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Language:Go 2161 codingo / Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Language:Python 2132- sn0intLanguage:Rust 2127
OWASP / owasp-masvs
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Language:Python 2089m0nad / Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Language:C 1912- DSInternals
MichaelGrafnetter / DSInternals
Directory Services Internals (DSInternals) PowerShell Module and Framework
Language:C# 1677 - fixinventory
someengineering / fixinventory
Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.
Language:Python 1627 - sysreptor
Syslifters / sysreptor
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Language:Python 1608 - inql
doyensec / inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Language:Python 1578 - Language:Shell 1572
- w5
w5teams / w5
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Language:Python 1504
