There are 74 repositories under security-scanner topic.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Fast and customizable vulnerability scanner based on simple YAML based DSL.
The OWASP ZAP core project
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
Bandit is a tool designed to find common security issues in Python code.
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Ladon modular hacking framework penetration scanner & Cobalt strike, Ladon 9.2.1 has 171 built-in modules, including information collection / surviving host / port scanning / service identification / password blasting / vulnerability detection / vulnerability utilization. Vulnerability detection includes ms17010 / smbghost / Weblogic / ActiveMQ / Tomcat / Struts2, password and password blasting (MySQL / Oracle / MSSQL) / ftp / SSH (Linux) / VNC / windows (IPC / WMI / SMB / NetBIOS / LDAP / smbhash / wmihash / winrm), remote execution of commands (smbexec / wmieexe / psexec / atexec / sshexec / webshell), lowering and lifting of rights runas, getsystem, POC / exploit, support for global strike 3.x-4.0
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
💡 A hinting engine for the web
Official Black Hat Arsenal Security Tools Repository
Source Code Security Audit (源代码安全审计)
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Advanced vulnerability scanning with Nmap NSE
A high performance offensive security tool for reconnaissance and vulnerability scanning
nodejsscan is a static security code scanner for Node.js applications.
GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Kubernetes object analysis with recommendations for improved reliability and security
EMBA - The firmware security analyzer
Semi-automatic OSINT framework and package manager
:new: The Multi-Tool Web Vulnerability Scanner.
Application Layer DoS attack simulator
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Discover Your Attack Surface!
A default credential scanner.
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Simple Golang HTTPS/TLS Examples
InQL - A Burp Extension for GraphQL Security Testing
A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Enumeration sub domains(枚举子域名)
Open-Source Security Architecture | 开源安全架构
Solhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.
cwe_checker finds vulnerable patterns in binary executables