Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security audit
security-audit
x
394 search results found
Lynis
⭐
12,150
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Vuls
⭐
10,487
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Prowler
⭐
9,547
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Wazuh
⭐
8,176
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Scanners Box
⭐
7,972
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Ecapture
⭐
7,730
Capture SSL/TLS text content without a CA certificate using eBPF. This tool is compatible with Linux/Android x86_64/Aarch64.
Brakeman
⭐
6,840
A static analysis security vulnerability scanner for Ruby on Rails applications
Dependencycheck
⭐
5,870
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Osv Scanner
⭐
5,632
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Faraday
⭐
4,422
Open Source Vulnerability Management Platform
Epic
⭐
4,105
Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 5.0~11
Arachni
⭐
3,632
Web Application Security Scanner Framework
Gda Android Reversing Tool
⭐
3,519
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
Cloudsploit
⭐
3,155
Cloud Security Posture Management (CSPM)
Cobra
⭐
3,111
Source Code Security Audit (源代码安全审计)
Vulscan
⭐
2,983
Advanced vulnerability scanning with Nmap NSE
Xunfeng
⭐
2,946
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Nosqlmap
⭐
2,728
Automated NoSQL database enumeration and web application exploitation tool.
Bundler Audit
⭐
2,625
Patch-level verification for Bundler
Github Dorks
⭐
2,546
Find leaked secrets via github search
Dockle
⭐
2,534
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Gscan
⭐
2,497
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化
Find Sec Bugs
⭐
2,160
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Reconnoitre
⭐
2,053
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Owasp Masvs
⭐
1,938
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Little Rat
⭐
1,842
🐀 Small chrome extension to monitor (and optionally block) other extensions' network calls
Pwndoc
⭐
1,827
Pentest Report Generator
Sn0int
⭐
1,749
Semi-automatic OSINT framework and package manager
Diamorphine
⭐
1,639
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Bearer
⭐
1,554
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Dsinternals
⭐
1,476
Directory Services Internals (DSInternals) PowerShell Module and Framework
W5
⭐
1,378
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Inql
⭐
1,378
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Secure Ios App Dev
⭐
1,338
Collection of the most common vulnerabilities found in iOS applications
Rails Security Checklist
⭐
1,305
🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Cset
⭐
1,243
Cybersecurity Evaluation Tool
Graudit
⭐
1,182
grep rough audit - source code auditing tool
Ssh Mitm
⭐
1,176
SSH-MITM - ssh audits made simple
Pythem
⭐
1,172
pentest framework
Repo Security Scanner
⭐
1,132
CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
Cs Suite
⭐
1,118
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Vhostscan
⭐
1,114
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Sysreptor
⭐
979
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Enum4linux Ng
⭐
896
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Pip Audit
⭐
882
Audits Python environments and dependency trees for known vulnerabilities
Habu
⭐
853
Hacking Toolkit
Cansina
⭐
852
Web Content Discovery Tool
Advisory Db
⭐
849
Security advisory database for Rust crates published through crates.io
Cli
⭐
833
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
Wordpress Exploit Framework
⭐
822
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Npq
⭐
811
🎖safely* install packages with npm or yarn by auditing them as part of your install process
Skf Flask
⭐
794
Security Knowledge Framework (SKF) Python Flask / Angular project
Electriceye
⭐
794
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Golang Tls
⭐
788
Simple Golang HTTPS/TLS Examples
Nfcgate
⭐
770
An NFC research toolkit application for Android
Web Cache Vulnerability Scanner
⭐
756
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Smart Contract Security Audits
⭐
745
Certified Smart Contract Audits for Ethereum, Solana, Near, Cardano, Aptos, Sui, Binance Smart Chain, Fantom, EOS, Tezos by softstack (formerly Chainsulting)
Kube Scan
⭐
734
kube-scan: Octarine k8s cluster risk assessment tool
Dawnscanner
⭐
714
Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
Ossa
⭐
711
Open-Source Security Architecture | 开源安全架构
Linux_kernel_cves
⭐
691
Tracking CVEs for the linux Kernel
Gourdscanv2
⭐
683
被动式漏洞扫描系统
Dep Scan
⭐
673
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
Betterscan Ce
⭐
673
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
Objectivepgp
⭐
644
ObjectivePGP is an open-source library for iOS and macOS that provides developers with tools for implementing OpenPGP encryption and decryption, digital signing, and signature verification in their applications, thereby enhancing security and data integrity.
Sqliscanner
⭐
640
Automatic SQL injection with Charles and sqlmap api
Rockyou2021.txt
⭐
636
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
Dradis Ce
⭐
608
Dradis Framework: Colllaboration and reporting for IT Security teams
Packj
⭐
573
Packj stops ⚡ Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Jok3r
⭐
564
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Smart Contract Audits
⭐
558
Smart Contract security audit reports
Kubehound
⭐
552
Kubernetes Attack Graph
Hellraiser
⭐
545
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Cargo Auditable
⭐
539
Make production Rust binaries auditable
Tlsfuzzer
⭐
536
SSL and TLS protocol test suite and fuzzer
0xsp Mongoose
⭐
529
a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Klar
⭐
504
Integration of Clair and Docker Registry
Kubestriker
⭐
500
A Blazing fast Security Auditing tool for Kubernetes
Archstrike
⭐
487
An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Django Secure
⭐
479
This project was merged into Django 1.8, and is now unsupported and unmaintained as a third-party app.
Fwanalyzer
⭐
475
a tool to analyze filesystem images for security
Aura
⭐
468
Python source code auditing and static analysis on a large scale
Ssti Payloads
⭐
465
🎯 Server Side Template Injection Payloads
Securitymanageframwork
⭐
421
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Badkarma
⭐
408
network reconnaissance toolkit
Aws Cloudsaga
⭐
406
AWS CloudSaga - Simulate security events in AWS
Otseca
⭐
384
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Smart Contract Auditor Tools And Techniques
⭐
384
This repo contains a comprehensive list of smart contract auditor tools and techniques that can be utilized by both smart contract auditors and blockchain developers for developing secure smart contracts
Ehids Agent
⭐
374
A Linux Host-based Intrusion Detection System based on eBPF.
Super
⭐
373
Secure, Unified, Powerful and Extensible Rust Android Analyzer
Taipan
⭐
369
Web application vulnerability scanner
Sippts
⭐
347
Set of tools to audit SIP based VoIP Systems
Dependency Check Gradle
⭐
340
The dependency-check gradle plugin is a Software Composition Analysis (SCA) tool that allows projects to monitor dependent libraries for known, published vulnerabilities.
Powershellisfun
⭐
338
Repository with the scripts that I have used in my blogs on https://powershellisfun.com. If you like these, please sponsor this project using the Sponsor button below
Sec Admin
⭐
329
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Quillaudit_reports
⭐
312
QuillAudits Smart Contracts, deFi, NFT, tokens,Dao , Dex and DApps Audit Reports
Webapp Checklist
⭐
302
Technical details that a programmer of a web application should consider before making the site public.
Raptor
⭐
294
Web-based Source Code Vulnerability Scanner
Mix_audit
⭐
291
🕵️♀️ MixAudit provides a mix deps.audit task to scan a project Mix dependencies for known Elixir security vulnerabilities
Opencspm
⭐
285
Open Cloud Security Posture Management Engine
1-100 of 394 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.