Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security tools
security-tools
x
1,760 search results found
Revshellgen
⭐
441
Reverse shell generator written in Python 3.
Graphql Armor
⭐
440
🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️
Shodansploit
⭐
437
🔎 shodansploit > v1.3.0
Eraser
⭐
436
🧹 Cleaning up images from Kubernetes nodes
Alanframework
⭐
435
A C2 post-exploitation framework
Awesome Ruby Security
⭐
433
Awesome Ruby Security resources
Sharkjack Payloads
⭐
432
The Official Hak5 Shark Jack Payload Repository
Dgfraud
⭐
432
A Deep Graph-based Toolbox for Fraud Detection
Awesome Dotnet Security
⭐
430
Awesome .NET Security Resources
Github Subdomains
⭐
426
Find subdomains on GitHub.
Xss Listener
⭐
425
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Hackertarget
⭐
422
🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
Honggfuzz Rs
⭐
422
Fuzz your Rust code with Google-developed Honggfuzz !
Gadgetprobe
⭐
420
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Webshell Sniper
⭐
416
🔨 Manage your website via terminal
Gtfonow
⭐
414
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Sec Tools
⭐
412
🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识
H2csmuggler
⭐
408
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Jfscan
⭐
407
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
Rta
⭐
407
Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
Bomber
⭐
406
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Gradejs
⭐
399
GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Telemetrysourcerer
⭐
397
Enumerate and disable common sources of telemetry used by AV/EDR.
Mquery
⭐
395
YARA malware query accelerator (web frontend)
Awesome Bbht
⭐
390
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Iot Pt
⭐
389
A Virtual environment for Pentesting IoT Devices
Local Log4j Vuln Scanner
⭐
386
Simple local scanner for vulnerable log4j instances
Otseca
⭐
384
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Vulscan
⭐
382
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命
Pdfrip
⭐
382
A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.
Pyup
⭐
376
A tool to update your project's dependencies on GitHub. Runs on pyup.io, comes with a command line interface.
Recon Pipeline
⭐
374
An automated target reconnaissance pipeline.
Myscan
⭐
374
myscan 被动扫描
Super
⭐
373
Secure, Unified, Powerful and Extensible Rust Android Analyzer
Packetsquirrel Payloads
⭐
372
The Official Packet Squirrel Payload Repository
Cookie_crimes
⭐
371
Read local Chrome cookies without root or decrypting
Spicypass
⭐
371
A light-weight password manager with a focus on simplicity and security
Taipan
⭐
369
Web application vulnerability scanner
Domain Protect
⭐
369
OWASP Domain Protect - prevent subdomain takeover
Gpgfrontend
⭐
368
A free, open-source, robust yet user-friendly, compact and cross-platform tool for OpenPGP encryption. It stands out as an exceptional GUI frontend for the modern GnuPG (gpg).
Wssat
⭐
367
WEB SERVICE SECURITY ASSESSMENT TOOL
Dotdotslash
⭐
366
Search for Directory Traversal Vulnerabilities
Red Baron
⭐
366
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams
Pentester Fully Automatic Scanner
⭐
366
DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc
Bridge
⭐
365
无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过
Vulnrepo
⭐
364
VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, methodologies and much more!
Red_team_attack_lab
⭐
360
Red Team Attack Lab for TTP testing & research
Witness
⭐
359
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Bfac
⭐
358
BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.
Artemis
⭐
357
A modular vulnerability scanner with automatic report generation capabilities.
Firefly
⭐
352
Black box fuzzer for web applications
Tartufo
⭐
351
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Unwebpack Sourcemap
⭐
350
Extract uncompiled, uncompressed SPA code from Webpack source maps.
Heralding
⭐
349
Credentials catching honeypot
H1domains
⭐
347
HackerOne "in scope" domains
Sippts
⭐
347
Set of tools to audit SIP based VoIP Systems
Gosint
⭐
345
Gosint is a distributed asset information collection and vulnerability scanning platform
Aws Sso Cli
⭐
341
A powerful tool for using AWS Identity Center for the CLI and web console.
Koko Moni
⭐
338
一个网络空间搜索引擎监控平台,可定时进行资产信息爬取,及时发现新增资产,本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源,并对获取到的数据进行去重与清洗
Powershellisfun
⭐
338
Repository with the scripts that I have used in my blogs on https://powershellisfun.com. If you like these, please sponsor this project using the Sponsor button below
Apk Medit
⭐
337
memory search and patch tool on debuggable apk without root & ndk
Slsa Github Generator
⭐
335
Language-agnostic SLSA provenance generation for Github Actions
Authz0
⭐
331
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Mssqlproxy
⭐
329
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
Ostorlab
⭐
327
Ostorlab is a security scanning orchestrator for the modern age.
Rebuilderd
⭐
327
Independent verification of binary packages - reproducible builds
S3 Buckets Finder
⭐
325
Find AWS S3 buckets and test their permissions.
Susanoo
⭐
324
A REST API security testing framework.
Pcapviz
⭐
320
Visualize network topologies and collect graph statistics based on pcap files
Superman
⭐
319
🤖 Kill The Protected Process 🤖
Njsscan
⭐
318
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Kube Psp Advisor
⭐
317
Help building an adaptive and fine-grained pod security policy
Sbscan
⭐
316
SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行springboot未授权 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]
Ggshield Action
⭐
313
GitGuardian Shield GitHub Action - Find exposed credentials in your commits
Grc2
⭐
312
grim reaper c2
Watchdog
⭐
309
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Yaklang
⭐
308
A programming language exclusively designed for cybersecurity
Findwebshell
⭐
306
findWebshell是一款基于python开发的webshell检测工具。
Vulny Code Static Analysis
⭐
301
Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Smogcloud
⭐
299
Find cloud assets that no one wants exposed 🔎 ☁️
Rescope
⭐
298
A scope generation tool for Burp Suite & ZAP
Werdlists
⭐
296
⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
Second Order
⭐
295
Second-order subdomain takeover scanner
Slack
⭐
295
一款Go Wails实现的GUI工具,功能涵盖网站扫描、端口扫描、企业信息收集、子域名暴破、空间引擎搜索、CD
Raptor
⭐
294
Web-based Source Code Vulnerability Scanner
Eyejo
⭐
294
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快
Lit Bb Hack Tools
⭐
293
Little Bug Bounty & Hacking Tools⚔️
East
⭐
293
Exploits and Security Tools Framework 2.0.1
Pentoo Overlay
⭐
292
Gentoo overlay for security tools as well as the heart of the Pentoo Livecd
Awesome Java Security
⭐
291
Awesome Java Security Resources 🕶☕🔐
Msrc Microsoft Security Updates Api
⭐
290
Repo with getting started projects for the Microsoft Security Updates API (msrc.microsoft.com/update-guide)
Dnsmonster
⭐
290
Passive DNS Capture and Monitoring Toolkit
Reveil
⭐
289
Bringing back the most advanced system and security analysis tool.
Bytecodedl
⭐
289
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
Progpilot
⭐
288
A static analysis tool for security
Polichombr
⭐
287
Collaborative malware analysis framework
Credential Digger
⭐
287
A Github scanning tool that identifies hardcoded credentials while filtering the false positive data through machine learning models 🔒
Knary
⭐
282
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
Githubmonitor
⭐
279
根据关键字与 hosts 生成的关键词,利用 github 提供的 api,监控 git 泄漏。
Wsltools
⭐
278
Web Scan Lazy Tools - Python Package
Related Searches
Python Security Tools (592)
301-400 of 1,760 search results
< Previous
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.