security-automation

There are 145 repositories under security-automation topic.

• wazuh / wazuh

  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

  securitycompliancelog-analysisvulnerability-detectioncybersecurityfile-integrity-monitoringinfosecmalware-detectioncloud-securitycontainer-securitysecurity-automationsecurity-toolssiemxdrconfiguration-assessementincident-responsepci-dsssecurity-auditsecurity-hardeningwazuh
  Language:C 13479

• future-architect / vuls

  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

  vulsvulnerability-scannersgolanggolinuxfreebsdvulnerability-detectionsecuritysecurity-toolscybersecuritysecurity-vulnerabilitysecurity-scannersecurity-hardeningsecurity-automationsecurity-auditvulnerability-assessmentvulnerability-managementvulnerability-scannervulnerabilitiesadministrator
  Language:Go 11739
• xonsh

  xonsh / xonsh

  :shell: Python-powered shell. Full-featured and cross-platform.

  pythonxonshshellclicommand-lineconsolebashdevopsfishzshiterm2data-sciencedata-engineeringsecurity-automationraspberry-piartificial-intelligence
  Language:Python 8971
• Scanners-Box

  We5ter / Scanners-Box

  A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

  pentesting-toolshacker-toolsvulnerability-scannersinformation-securityredteam-toolspenetration-testingdevsecopssecurity-automationsmart-contractsprivacy-complianceapk-analysisbinary-analysisexploitation-frameworkmalware-analysissecurity-auditcode-analyzerstatic-analysiswifi-hackingwifi-security
  8642

• securego / gosec

  Go security checker

  golangsecuritysecurity-toolssecurity-automationstatic-analysisstatic-code-analysis
  Language:Go 8441
• monkey

  guardicore / monkey

  Infection Monkey - An open-source adversary emulation platform

  adversary-emulationinfection-monkeypenetration-testingsecurity-automationsecurity-tools
  Language:Python 6774
• caldera

  mitre / caldera

  Automated Adversary Emulation Platform

  adversary-emulationcalderacybersecurityhackingmitremitre-attackmitre-corporationred-teamsecurity-automationsecurity-testing
  Language:Python 6420

• infobyte / faraday

  Open Source Vulnerability Management Platform

  devopspenetration-testingvulnerabilityvulnerability-scannerssecuritysecurity-auditpentestingcontinuous-scanninginfosecvulnerability-managementcollaborationburpsuitenessusnmapdevsecopssecurity-automationorchestrationcveappseccybersecurity
  Language:Python 5941

• DefectDojo / django-DefectDojo

  Open-Source Unified Vulnerability Management, DevSecOps & ASPM

  pythonvulnerability-databasesdjangosecurityowaspanalyticsvulnerability-managementautomationsecurity-automationsecurity-orchestrationdevsecopsvulnerability-correlationkuberneteshacktoberfestappsec
  Language:HTML 4201

• builtbybel / privatezilla

  👀👮🐢🔥Performs a privacy & security check of Windows 10

  windows-10privacyprivacy-protectiontelemetrysecuritysecurity-automationpowershelldebloat
  Language:C# 3723
• dependency-track

  DependencyTrack / dependency-track

  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

  owaspappsecsecuritybomvulnerabilitiescomponent-analysisnvdsoftware-securitysoftware-composition-analysisscabill-of-materialspackage-urlpurlvulnerability-detectionossindexsbomdevsecopssecurity-automationcyclonedxhacktoberfest
  Language:Java 3230

• Yamato-Security / hayabusa

  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

  dfirthreathuntingwindowseventlogsrustsigmadetectionattackforensicsincidentresponsehayabusayamatosecuritycybersecurityincident-responsesecurity-automationthreat-hunting
  Language:Rust 2828

• flipkart-incubator / Astra

  Automated Security Testing For REST API's

  securityrestapiautomationpythonowasppenetration-testing-frameworkpostman-collectionci-cdsdlcpenetration-testingsecurity-automation
  Language:Python 2611

• ComplianceAsCode / content

  Security automation content in SCAP, Bash, Ansible, and other formats

  securitycompliancescapxccdfovalcpecceusgcbpci-dssosppstigapplication-securitysecurity-toolssecurity-hardeningsecurity-automationsecurity-profilehardeninginformation-securitycybersecurityansible
  Language:Shell 2531
• bearer

  Bearer / bearer

  Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

  appseccompliancedevsecopsdevsecops-toolssecuritysecurity-toolsdataflowgdprprivacysaststatic-code-analysisvulnerabilitysecurity-auditsecurity-scannervulnerabilitiescode-qualitystatic-analysissecurity-automationowasp
  Language:Go 2398

• cisagov / ScubaGear

  Automation to assess the state of your M365 tenant against CISA's baselines

  assessment-toolcisacybersecuritym365open-policy-agentopen-sourcepowershellregoscubasecuritysecurity-automationcontributions-welcomescubaconnect
  Language:PowerShell 2296

• aress31 / burpgpt

  A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

  aiburp-extensionsburpsuitecybersecuritygptopenaipentestingsecuritysecurity-automationwebappburp-pluginburpsuite-extendergpt-3openai-api
  Language:Java 2212

• hisxo / gitGraber

  gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

  security-toolsmonitorbugbountysecurity-automationosintredteamrealtimeleaks
  Language:Python 2191

• danieldurnea / FBI-tools

  🕵️ OSINT Tools for gathering information and actions forensics 🕵️

  forensicsosintcybersecurityhackingsecurity-automationsecurity-toolsinfosecawesome-listincident-responsepenetration-testingreconnaissancesecurityawesomepentestingbug-bounty
  2089
• fixinventory

  someengineering / fixinventory

  Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

  awsgcpinfrastructure-as-codedigitaloceansecuritysecurity-automationcnappcspmcybersecuritypolicy-as-codesecurity-audit
  Language:Python 2032
• Shuffle

  Shuffle / Shuffle

  Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

  agplv3automationcybersecuritydiscordhacktoberfestintegrationsmitre-attackopenapiorchestrationorchestratororchestrator-guisecuritysecurity-automationsecurity-orchestratorshufflesoarworkflow-editor
  Language:Shell 1902
• SubDomainizer

  nsonaniya2010 / SubDomainizer

  A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

  python3security-toolssecurity-automationsecuritysubdomain-scannersubdomain-enumerations3-bucketfind-subdomainscloud-storage-servicesexternal-javascriptssecretssecretfinderbugbountyfind-secretss3-bucketsbug-bountymadeinindia
  Language:Python 1829
• w5

  w5teams / w5

  Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

  soarhackingw5w5soartoolshacksecuritysecurity-toolssecurity-automationhackerpython3automationpython-scriptsecurity-auditdevopsshufflewalkoff
  Language:Python 1532

• GreenmaskIO / greenmask

  PostgreSQL database anonymization and synthetic data generation tool

  golangobfuscationpostgresqlsecuritysecurity-toolsstaginganonymizationsynthetic-dataaigopgsecurity-automationtesting-toolsqadbafakerdatabaseautomationtransformersdata-masking
  Language:Go 1528

• intel / cve-bin-tool

  The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

  cvecvssdevsecopshacktoberfestpythonsbomsbom-toolsecuritysecurity-automationsecurity-toolsswreposystem-toolsvulnerabilitiesvulnerability
  Language:Python 1502

• konstruktoid / hardening

  Hardening Ubuntu. Systemd edition.

  ubuntuubuntu-servershellhardeningsecuritysecurity-hardeningsystemdsecurity-toolssecurity-automationsecurity-complianceinformation-securityhacktoberfest
  Language:Shell 1483
• Sooty

  TheresAFewConors / Sooty

  The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

  pythonsocsecuritysecurity-automationanalystsautomationreputation-checkurlscanproofpoint-decoderphishinganalysisdnsworkflowsoc-analystshashcybersecurity
  Language:Python 1426

• fkie-cad / FACT_core

  Firmware Analysis and Comparison Tool

  firmware-toolsfirmware-analysissecurity-automationsecurity
  Language:Python 1371
• pacbot

  tmobile / pacbot

  PacBot (Policy as Code Bot)

  cloud-securitysecurityawscontinous-compliancecloud-auditingpolicy-as-codecloudsecurity-automationaws-securityjavaangularjscloud-compliance-reportingcloud-nativespring-boot
  Language:Java 1297
• cfn_nag

  stelligent / cfn_nag

  Linting tool for CloudFormation templates

  continuous-testingunit-testingcloudformationawsdevopsiam-rulescloudformation-templatescfn-nagopen-sourcestatic-analysisstelligentcfnlintlintingamazonsecuritysecurity-automationcloudformation-securityhacktoberfestcompliance
  Language:Ruby 1290
• APTRS

  APTRS / APTRS

  Automated pentest reporting with custom templates, project tracking, customer dashboard and client management tools. Streamline your security workflows effortlessly!

  infosecpenetration-testingpentestpentest-reportpentestingsecuritysecurity-automation
  Language:TypeScript 1045

• bitquark / shortscan

  An IIS short filename enumeration tool

  bugbountysecuritysecurity-auditsecurity-scannersecurity-toolsiisiis-serverpentestingpentesting-toolsvulnerability-detectionvulnerability-scannersiis-securityredteamredteam-toolssecurity-automationbugbounty-tool
  Language:Go 1000

• dropbox / securitybot

  Distributed alerting for the masses!

  botduoslacksecurity-automation
  Language:Python 995
• secureCodeBox

  secureCodeBox / secureCodeBox

  secureCodeBox (SCB) - continuous secure delivery out of the box

  securitysecurity-automationsecurity-toolssecurity-testingsecurecodeboxdevsecopskuberneteskubernetes-operatorowaspowasp-zaphacktoberfest
  Language:JavaScript 875
• betterscan

  tcosolutions / betterscan

  Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan

  sastcode-qualitycode-quality-analyzerstatic-analysisstatic-code-analysisstatic-analyzersdevsecopssonarqubecompliancedevopsdevops-toolsgdprowaspsecurity-auditsecurity-automationsecurity-scannersecurity-toolsvulnerabilityvulnerability-scannersecurity-orchestration
  Language:Python 856

• DataDog / KubeHound

  Tool for building Kubernetes attack paths

  adversary-emulationattack-graphattack-pathscloud-native-securityexploitkuberneteskubernetes-securitymitre-attackpurple-teamred-teamsecurity-auditsecurity-automationsecurity-tools
  Language:Go 844