Awesome Open Source
Awesome Open Source

This repository is a collection of hacker tools, resources, and links for vulnerability analysis. Most tools are UNIX-compliant, free, and open source.

🔭 OSINT:

Open-source intelligence (OSINT) is intelligence collected from publicly available sources.


🔨 SecAnalysisTools:

Vulnerability Analysis Software.

Software Category Update Last 6 mouth
hydra Password-cracker ✔️
Archerysec Vulnerability Assessment and Management ✔️
Vuls Vulnerability Assessment and Management ✔️
Metasploit Exploit Framework ✔️
MobSF Exploit Framework (for Mobile) ✔️
git-secret Cryptography ✔️
truffleHog Secret finding
GitLeaks Secret finding ✔️
RedTeamScripts C# scripts ✔️
knock Subdomain Enumeration
SubDomainsBrute Subdomain Enumeration ✔️
SubDomain3 Subdomain Enumeration ✔️
domained Subdomain Enumeration ✔️
routerslpoit Exploit Framework
BeFF Exploit Framework ✔️

SAST:

Software Analyze Code Update Last 6 mouth
Insider Java, Kotlin, Swift, .NET, C#, Javascript ✔️
SpotBugs Java ✔️
PVS-Studio Multilanguage ✔️
PMD Multilanguage ✔️
PHPvulnhunter PHP
FindSecBug Java web, Andriod, Scala, Kotlin, Groovy ✔️
codechecker C/C++ ✔️
cppcheck C/C++ ✔️
cobra PHP,Java
brakeman Ruby on Rails ✔️
SecCodeScan C#, VB.NET ✔️
Cascade C#
Bandit Python ✔️
LLVM Clang C, Objective-C, C++ and Objective-C++ ✔️

DAST, IAST:

Software Description Update Last 6 mouth
Snyk Scanner Source Code ✔️
ScanOval Application Vulnerabilities in XML files ✔️
DefectDojo Scanner Django ✔️
Contrast Application Scanner Framework ✔️
CloudSploit Analyze Cloud Infrastructure ✔️
SonaQube Application Scanner Framework ✔️
WhiteSourceSoft Application Scanner Framework ✔️
PT Application Inspector Application Scanner Framework ✔️

Scanners:

Software Category Update Last 6 mouth
Tsunami Scanner ✔️
WATOBO Web Scanner ✔️
Osmedeus Scanner ✔️
OneForAll Scanner ✔️
osprey Web Scanner
Xray Web Scanner ✔️
AZScanner Scanner
faraday Scanner ✔️
GroundScan Scanner
BBScan Scanner
AnyScan Scanner
WAScan Web Scanner ✔️
YukiChan Scanner
Poscan Scanner
w3af Web Scanner
sn1per Scanner ✔️
Scanless Scanner ✔️
NoSQLMap NoSQL Scanner ✔️
Nmap Scanner ✔️
NetSparker Scanner ✔️
Wapiti Web Scanner ✔️
Golismero Scanner ✔️
Nexpose Scanner ✔️
Raccoon Scanner
WhatWeb Web Scanner ✔️
Puma Scan Scanner Analysis ✔️
Arachni Web Scanner
Legion Scanner ✔️
Nessus Scanner ✔️
OpenVAS Scanner ✔️
Acuentrix Scanner ✔️
Nikto Web Scanner ✔️
Sqlmap SQL Scanner ✔️
Striker Scanner
Zaproxy Web Scanner ✔️
AutoRecon Scanner ✔️

📂 Vulnerability Database:

Data Description
CVE Common Vulnerabilities and Exposures system provides a reference-method for publicly known information-security vulnerabilities and exposures
Exploitdb The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more
0day 0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals
NVD NIST NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP)
Vuldb Vulnerability database documenting and explaining security vulnerabilities and exploits
Synk Vulnerability database detailed information and remediation guidance for known vulnerabilities

📋 ATT&CK tests by @atomic-red-team



Alternative Project Comparisons
Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (806,114
Web (37,375
Vulnerabilities (15,535
Scanner (13,984
Exploitation (4,658
Penetration Testing (3,119
Subdomain (1,993
Security Tools (1,891
Osint (1,135
Vulnerability Scanner (496
Pentest Tool (438
Scanner Web (52
Secdevops (19