security-tools

There are 226 repositories under security-tools topic.

aquasecurity / trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
containers devsecops docker go golang hacktoberfest iac infrastructure-as-code kubernetes misconfiguration security security-tools vulnerability vulnerability-detection vulnerability-scanners
Language:Go 12624
zricethezav / gitleaks
Protect and discover secrets using Gitleaks 🔑
security security-tools git golang go secret gitleaks devsecops
Language:Go 9979
CISOfy / lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
shell linux pci-dss compliance security-audit security-hardening security-scanner security-vulnerability hipaa unix vulnerability-detection vulnerability-scanners vulnerability-assessment devops devops-tools system-hardening hardening auditing gdpr security-tools
Language:Shell 9775
future-architect / vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
vuls vulnerability-scanners golang go linux freebsd vulnerability-detection security security-tools cybersecurity security-vulnerability security-scanner security-hardening security-automation security-audit vulnerability-assessment vulnerability-management vulnerability-scanner vulnerabilities administrator
Language:Go 9312
zinclabs / zinc
ZincSearch. A lightweight alternative to elasticsearch that requires minimal resources, written in Go.
elasticsearch go golang log-analytics logging logs modern opensearch search searchengine security-tools vuejs
Language:Go 9237
social-analyzer
qeeqbox / social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
osint social-media analyzer username profile reconnaissance pentest information-gathering pentesting social-analyzer person-profile javascript nodejs python security-tools analysis nodejs-cli cli sosint
Language:JavaScript 9056
personal-security-checklist
Lissy93 / personal-security-checklist
🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2022
awesome awesome-list censorship checklist cybersecurity defense open-source privacy privacy-protection protection security security-tools surveillance web-browsing
8405
spiderfoot
smicallef / spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
attack-surface attacksurface cti cybersecurity footprinting hacking information-gathering infosec intelligence-gathering osint osint-framework osint-reconnaissance osint-tool pentest pentesting python reconnaissance security-tools threat-intelligence threatintel
Language:Python 8082
secdev / scapy
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
hacktoberfest network network-analysis network-discovery network-security network-visualization packet-analyser packet-capture packet-crafting packet-sniffer pcap python python2 python3 scapy security security-tools
Language:Python 7685
fail2ban / fail2ban
Daemon to ban hosts that cause multiple authentication errors
anti-bot attack-prevention ban-hosts ban-management bsd fail2ban gplv2 hids ids intrusion-detection intrusion-prevention ips linux loganalyzer macos monitoring python security security-tools
Language:Python 7232
toniblyx / my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
auditing aws-infrastructure aws-inventory aws-lambda cloud cloudtrail dfir iam incident-response security security-tools
Language:Shell 7204
RustScan
RustScan / RustScan
🤖 The Modern Port Scanner 🤖
docker hacking hacktoberfest networking nmap pentesting port rust scanning security security-tools
Language:Rust 6494
brakeman
presidentbeef / brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
ruby rails security static-analysis vulnerabilities brakeman security-vulnerability security-tools security-audit
Language:Ruby 6424
securego / gosec
Golang security checker
golang security security-automation security-tools static-analysis static-code-analysis
Language:Go 6122
prowler
prowler-cloud / prowler
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
assessment aws aws-auditing aws-cli cis cis-benchmark cloud cloudtrail compliance devsecops forensics gdpr hacktoberfest hardening hipaa security security-audit security-hardening security-tools well-architected
Language:Shell 5932
monkey
guardicore / monkey
Infection Monkey - An automated pentest tool
infection-monkey penetration-testing security-automation security-tools
Language:Python 5840
Sn1per
1N3 / Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
attack-surface attacksurface bugbounty-platform bugbounty-tool cybersecurity hacking-tools osint-framework osint-tool penetration-testing pentest-scripts pentest-tool pentest-tools pentesting pentesting-tools redteam-tools security-tools sn1per sn1per-professional sn1persecurity
Language:Shell 5342
traitor
liamg / traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
gtfobins exploit privesc privilege-escalation hackthebox infosec redteam-tools security-tools cve-2021-3560 dirtypipe cve-2022-0847
Language:Go 5228
NullArray / AutoSploit
Automated Mass Exploiter
metasploit python exploit exploitation offsec automation security-tools security
Language:Python 4593
certificates
smallstep / certificates
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
acme acme-server ca certificate-authority certificates go pki security security-tools ssh tls x509
Language:Go 4433
PyCQA / bandit
Bandit is a tool designed to find common security issues in Python code.
linter bandit security-tools security-scanner security static-code-analysis python
Language:Python 4256
rengine
yogeshojha / rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
security-tools osint recon recon-engine reconnaissance scanner scanner-web rengine information-gathering bugbounty hacking scanning pentesting bug-bounty infosec penetration-testing
Language:JavaScript 4244
google / syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer
linux kernel fuzz-testing fuzzing fuzzer testing security security-vulnerability security-tools
Language:Go 4206
microsoft / ApplicationInspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
application-inspector detection security-scanner security-tools software-characterization static-analysis
Language:C# 3956
drk1wi / Modlishka
Modlishka. Reverse Proxy.
mitm penetration-testing-tools phishing reverse-proxy security-tools
Language:Go 3926
j3ssie / osmedeus
A Workflow Engine for Offensive Security
scanning reconnaissance penetration-testing security-tools pentest-tool hacking-tool information-gathering hacking osint osmedeus bugbounty pentesting golang security go bug-bounty
Language:Go 3895
urbanadventurer / WhatWeb
Next generation web scanner
application-security appsec hacking hacking-tools kali-linux network-security owasp penetration-test penetration-testing penetration-testing-tools pentest pentesting pentesting-tools recon ruby scanner security security-tools web web-hacking
Language:Ruby 3880
Cheatsheet-God
OlivierLaflamme / Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
penetration-testing security hacking cheatsheet oscp information-security pentesting howto-tutorial refresher penetration-test cheatsheet-god oscp5 oscp-tools oscp-journey penetration security-tools security-vulnerability hacking-tool hacking-code awesome
3809
mzet- / linux-exploit-suggester
Linux privilege escalation auditing tool
exploits privilege-escalation-exploits kernel-exploitation applicable-exploits security-tools hacking-tool linux-exploits linux-kernel published-exploits
Language:Shell 3598
trimstray / htrace.sh
My simple Swiss Army knife for http/https troubleshooting and profiling.
https-troubleshoting http-requests httptracer redirect-urls testing-tools security-tools debugging-tools swissarmyknife mozilla-observatory ssllabs-scan nmap nmap-scripts testssl waf sublist3r
Language:Shell 3519
1earn
ffffffff0x / 1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
markdown-article linux-learning pentest study security collection blueteam redteam post-penetration ics-security writeup pentest-tool poc ctf security-tools infosec hacking
Language:C++ 3296
Ladon
k8gege / Ladon
大型内网渗透扫描器&Cobalt Strike，Ladon9.1.4内置150个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0
scanner portscan pentest hacking security security-tools security-scanner poc getshell brute-force password netscan tools hack exp ladon ipscanner exploit
Language:C# 3270
awesome-shodan-queries
jakejarvis / awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
shodan infosec pentesting iot internet-of-things security awesome awesome-list hacking penetration-testing shodan-dorks dorks network-infrastructure security-tools security-scanner cloud
3137
terrascan
tenable / terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
architecture aws aws-security azure-security cloud-security cloudsecurity devops devsecops gcp-security iac infrastructure infrastructure-as-code kubernetes sast scans security security-tools security-violations terraform terrascan
Language:Go 3119
cve
trickest / cve
Gather and update all available and newest CVEs with their PoC.
poc cve cve-poc latest-cve vulnerability vulnerabilities software-vulnerabilities software-security exploit security infosec hacking pentesting penetration-testing red-team security-tools software-vulnerability
3067
BishopFox / sliver
Adversary Emulation Framework
security-tools implant golang dns-server http c2 command-and-control red-team red-teaming red-team-engagement adversarial-attacks adversary-simulation sliver gplv3 dns
Language:Go 3055

ezoic increase your site revenue

Related Topics

vue downloader php keras c