Trending repositories for topic security-audit
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Automated NoSQL database enumeration and web application exploitation tool.
This repo contains a comprehensive list of smart contract auditor tools and techniques that can be utilized by both smart contract auditors and blockchain developers for developing secure smart contra...
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump...
This repo contains a comprehensive list of smart contract auditor tools and techniques that can be utilized by both smart contract auditors and blockchain developers for developing secure smart contra...
Corax for Java: A general static analysis framework for java code checking.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Automated NoSQL database enumeration and web application exploitation tool.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Repository with the scripts that I have used in my blogs on https://powershellisfun.com. If you like these, please sponsor this project using the Sponsor button below or buy me a coffee :) https://ww...
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Automated NoSQL database enumeration and web application exploitation tool.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
This repo contains a comprehensive list of smart contract auditor tools and techniques that can be utilized by both smart contract auditors and blockchain developers for developing secure smart contra...
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump...
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
This repo contains a comprehensive list of smart contract auditor tools and techniques that can be utilized by both smart contract auditors and blockchain developers for developing secure smart contra...
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & ...
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Corax for Java: A general static analysis framework for java code checking.
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...
Automated NoSQL database enumeration and web application exploitation tool.
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...
Automated NoSQL database enumeration and web application exploitation tool.
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump...
Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams
Labsecurity is a tool that bundles ethical hacking python scripts into a single tool with cli interface.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Repository with the scripts that I have used in my blogs on https://powershellisfun.com. If you like these, please sponsor this project using the Sponsor button below or buy me a coffee :) https://ww...
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & ...
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers. RedFlag's flexible configuration makes it valua...
Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, ...
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
A Golang package for scanning private and public IPs for open TCP ports 👁️
Learn to audit Solana programs and help secure the ecosystem. Take your security practices to the next level and get certified by Ackee Blockchain Security. It's free, too.
I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump...
Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams
Scan your web apps for vulnerabilities, misconfigurations, and other security issues with the Pentest-Tools.com command-line program.
Checklist for security audit of ZKP projects by @positivesecurity
Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 , CVE-2008-4109 and others.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container ima...
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...
Learn to audit Solana programs and help secure the ecosystem. Take your security practices to the next level and get certified by Ackee Blockchain Security. It's free, too.
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
Pen Test Report Generation and Assessment Collaboration
A WiFi security auditing software mainly based on aircrack-ng tools suite
Identify hardcoded secrets in static structured text (version 2)
Application Portfolio Auditor is a tool assessing cloud readiness, quality, and security of large sets of apps. It gathers and aggregates insights of multiple software analyzers.
Awesome links to automate your cybersecurity checks
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container ima...
SMBScan is a tool to enumerate file shares on an internal network.
Welcome Cybersecurity's World. An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Re...
Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
Nmap script that scans for probable vulnerabilities based on services discovered in open ports.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.