Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security tools
security-tools
x
1,760 search results found
X64dbg
⭐
42,376
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Trivy
⭐
20,160
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Gitleaks
⭐
15,221
Protect and discover secrets using Gitleaks 🔑
Trufflehog
⭐
13,788
Find and verify credentials
Personal Security Checklist
⭐
13,306
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2023
Rustscan
⭐
12,153
🤖 The Modern Port Scanner 🤖
Lynis
⭐
12,150
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Zaproxy
⭐
11,661
The ZAP core project
Spiderfoot
⭐
11,035
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Social Analyzer
⭐
10,841
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Vuls
⭐
10,487
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Scapy
⭐
9,725
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Fail2ban
⭐
9,695
Daemon to ban hosts that cause multiple authentication errors
Prowler
⭐
9,534
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
My Arsenal Of Aws Security Tools
⭐
8,549
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Wazuh
⭐
8,176
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Safeline
⭐
7,795
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。
Sn1per
⭐
7,480
Attack Surface Management Platform
Gosec
⭐
7,276
Go security checker
Sliver
⭐
7,152
Adversary Emulation Framework
Brakeman
⭐
6,840
A static analysis security vulnerability scanner for Ruby on Rails applications
Web Check
⭐
6,508
🕵️♂️ All-in-one OSINT tool for analysing any website
Rengine
⭐
6,446
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Monkey
⭐
6,414
Infection Monkey - An open-source adversary emulation platform
Traitor
⭐
6,329
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Awesome Hacker Search Engines
⭐
6,307
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Bandit
⭐
5,989
Bandit is a tool designed to find common security issues in Python code.
Certificates
⭐
5,887
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Cve
⭐
5,806
Gather and update all available and newest CVEs with their PoC.
Osv Scanner
⭐
5,632
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Reconftw
⭐
5,204
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Linux Exploit Suggester
⭐
5,139
Linux privilege escalation auditing tool
Whatweb
⭐
5,096
Next generation web scanner
Osmedeus
⭐
5,076
A Workflow Engine for Offensive Security
Syzkaller
⭐
5,008
syzkaller is an unsupervised coverage-guided kernel fuzzer
Scan4all
⭐
4,909
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Autosploit
⭐
4,858
Automated Mass Exploiter
1earn
⭐
4,841
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Awesome Security Hardening
⭐
4,670
A collection of awesome security hardening guides, tools and other resources
Modlishka
⭐
4,670
Modlishka. Reverse Proxy.
Awesome Shodan Queries
⭐
4,597
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Ladon
⭐
4,564
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SM
Cheatsheet God
⭐
4,540
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Threatmapper
⭐
4,534
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
Arl
⭐
4,502
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Terrascan
⭐
4,500
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Applicationinspector
⭐
4,152
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Spicedb
⭐
4,131
Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications
Redteam Tools
⭐
4,019
Tools and Techniques for Red Team / Penetration Testing
Cameradar
⭐
3,626
Cameradar hacks its way into RTSP videosurveillance cameras
Blackhat Arsenal Tools
⭐
3,551
Official Black Hat Arsenal Security Tools Repository
Htrace.sh
⭐
3,514
My simple Swiss Army knife for http/https troubleshooting and profiling.
Pocsuite3
⭐
3,412
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Cli
⭐
3,403
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Android Pin Bruteforce
⭐
3,291
Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
Usbrubberducky Payloads
⭐
3,242
The Official USB Rubber Ducky Payload Repository
Privacy.sexy
⭐
3,241
Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
Stegcloak
⭐
3,158
Hide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Bbot
⭐
3,155
A recursive internet scanner for hackers.
Cobra
⭐
3,111
Source Code Security Audit (源代码安全审计)
Intelowl
⭐
3,108
IntelOwl: manage your Threat Intelligence at scale
Consoleme
⭐
3,025
A Central Control Plane for AWS Permissions and Access
Vulmap
⭐
2,935
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Nettacker
⭐
2,915
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Secretscanner
⭐
2,900
🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
Chipsec
⭐
2,771
Platform Security Assessment Framework
Nosqlmap
⭐
2,728
Automated NoSQL database enumeration and web application exploitation tool.
Awesome Hacking
⭐
2,716
Awesome hacking is an awesome collection of hacking tools.
Black Hat Rust
⭐
2,662
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
Pentest Tools
⭐
2,652
A collection of custom security tools for quick needs.
Bundler Audit
⭐
2,625
Patch-level verification for Bundler
Attacksurfaceanalyzer
⭐
2,616
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
Securityonion
⭐
2,589
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
Awesome Bugbounty Tools
⭐
2,580
A curated list of various bug bounty tools
Dockle
⭐
2,534
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Awesome Mobile Security
⭐
2,511
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Containerssh
⭐
2,504
ContainerSSH: Launch containers on demand
Bashbunny Payloads
⭐
2,499
The Official Bash Bunny Payload Repository
Hyperdbg
⭐
2,457
State-of-the-art native debugging tool
Gscan
⭐
2,412
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化
Sysmon Modular
⭐
2,364
A repository of sysmon configuration modules
Torbot
⭐
2,338
Dark Web OSINT Tool
Emba
⭐
2,229
EMBA - The firmware security analyzer
Stowaway
⭐
2,195
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Gokart
⭐
2,141
A static analysis tool for securing Go code
Gsil
⭐
2,103
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Silenttrinity
⭐
2,087
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Easyprotector
⭐
2,075
一行代码检测XP/调试/多开/模拟器/root
Content
⭐
2,065
Security automation content in SCAP, Bash, Ansible, and other formats
Reconnoitre
⭐
2,053
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Picocrypt
⭐
2,043
A very small, very simple, yet very secure encryption tool.
Appinfoscanner
⭐
1,975
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网
Jaeles
⭐
1,951
The Swiss Army knife for automated Web Application Testing
Apisecuritybestpractices
⭐
1,890
Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
Kics
⭐
1,882
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Gitgraber
⭐
1,870
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
W13scan
⭐
1,851
Passive Security Scanner (被动式安全扫描器)
Packetstreamer
⭐
1,851
⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐
Dismap
⭐
1,840
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Pwndoc
⭐
1,827
Pentest Report Generator
Related Searches
Python Security Tools (592)
1-100 of 1,760 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.