Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security tools
security-tools
x
1,760 search results found
Privacy Respecting
⭐
1,818
Curated List of Privacy Respecting Services and Software
Awesome Golang Security
⭐
1,768
Awesome Golang Security resources 🕶🔐
Vulnx
⭐
1,763
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Vxscan
⭐
1,711
python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释
Dirhunt
⭐
1,700
Find web directories without bruteforce
Hacking With Golang
⭐
1,693
Golang安全资源合集
Subdomainizer
⭐
1,650
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Alternative Frontends
⭐
1,643
🔐🌐 Privacy-respecting web frontends for popular services
Diamorphine
⭐
1,639
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
Netexec
⭐
1,596
The Network Execution Tool
Bearer
⭐
1,554
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Opencve
⭐
1,536
CVE Alerting Platform
Rapidscan
⭐
1,489
🆕 The Multi-Tool Web Vulnerability Scanner.
Xattacker
⭐
1,486
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Cloakify
⭐
1,483
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Ksubdomain
⭐
1,457
无状态子域名爆破工具
Appmon
⭐
1,433
Documentation:
Ladongo
⭐
1,423
Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透,使用它可轻松一键批量探
Ghorg
⭐
1,409
Quickly clone an entire org/users repositories into one directory - Supports GitHub, GitLab, Bitbucket, and more 🥚
Owasp Web Checklist
⭐
1,404
OWASP Web Application Security Testing Checklist
Osv.dev
⭐
1,389
Open source vulnerability DB and triage service.
Gitgot
⭐
1,384
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Fhe Toolkit Linux
⭐
1,383
IBM Fully Homomorphic Encryption Toolkit For Linux. This toolkit is a Linux based Docker container that demonstrates computing on encrypted data without decrypting it! The toolkit ships with two demos including a fully encrypted Machine Learning inference with a Neural Network and a Privacy-Preserving key-value search.
W5
⭐
1,378
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Inql
⭐
1,378
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Fofa_viewer
⭐
1,377
A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.
Sprayingtoolkit
⭐
1,360
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Lunasec
⭐
1,355
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunase
Gotestwaf
⭐
1,354
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
Pocassist
⭐
1,341
傻瓜式漏洞PoC测试框架
Noseyparker
⭐
1,313
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
Dronesploit
⭐
1,306
Drone pentesting framework console
A Red Teamer Diaries
⭐
1,294
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Forseti Security
⭐
1,283
Forseti Security
Matano
⭐
1,259
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Hardening
⭐
1,252
Hardening Ubuntu. Systemd edition.
Log4j Scanner
⭐
1,250
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Cariddi
⭐
1,228
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Goblin
⭐
1,182
一款适用于红蓝对抗中的仿真钓鱼系统
Graudit
⭐
1,182
grep rough audit - source code auditing tool
Ssh Mitm
⭐
1,176
SSH-MITM - ssh audits made simple
Interlace
⭐
1,161
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Toxic
⭐
1,157
A Tox-based instant messaging and video chat client
Fbi Tools
⭐
1,153
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
Pygod
⭐
1,138
A Python Library for Graph Outlier Detection (Anomaly Detection)
Tabby
⭐
1,137
A CAT called tabby ( Code Analysis Tool )
Github Search
⭐
1,121
A collection of tools to perform searches on GitHub.
Cs Suite
⭐
1,118
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Vhostscan
⭐
1,114
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Requests Ip Rotator
⭐
1,109
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Springboot Scan
⭐
1,108
针对SpringBoot的开源渗透框架,以及Spring相关高危漏洞利用工具
Bypass Firewalls By Dns History
⭐
1,104
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Captfencoder
⭐
1,088
Captfencoder is opensource a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.
Metabigor
⭐
1,087
OSINT tools and more but without API ke
Goby
⭐
1,081
Attack surface mapping
Terraform Aws Secure Baseline
⭐
1,078
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Git Hound
⭐
1,076
Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
Awesome Flipperzero Withmodules
⭐
1,074
A collection of awesome resources & modules for the Flipper Zero device. Best used with Rogue Master Flipper Zero Custom Firmware.
Changeme
⭐
1,058
A default credential scanner.
Flowmeter
⭐
1,058
⭐ ⭐ Use ML to classify flows and packets as benign or malicious. ⭐ ⭐
Satansword
⭐
1,048
红队综合渗透框架
Esd
⭐
1,045
Enumeration sub domains(枚举子域名)
Anti Ddos
⭐
1,043
🔒 Anti DDOS | Bash Script Project 🔒
Sentinel Attack
⭐
1,038
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Perun
⭐
1,037
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫
Moonwalk
⭐
1,033
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
Qu1cksc0pe
⭐
1,021
All-in-One malware analysis tool.
Inventory
⭐
1,019
Asset inventory of over 800 public bug bounty programs.
Cherrybomb
⭐
1,009
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
Dexcalibur
⭐
1,003
[Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Cve Bin Tool
⭐
997
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Doublepulsar Detection Script
⭐
993
A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Gogo
⭐
961
面向红队的, 高度可控可拓展的自动化引擎
Eyeballer
⭐
959
Convolutional neural network for analyzing pentest screenshots
Allin
⭐
955
A flexible scanner
Ios
⭐
943
Most usable tools for iOS penetration testing
Whaler
⭐
942
Program to reverse Docker images into Dockerfiles
Thug
⭐
941
Python low-interaction honeyclient
Extract_otp_secrets
⭐
940
Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes from authentication apps can be captured by camera, read from images, or read from text files. The secrets can be exported to JSON or CSV, or printed as QR codes to console.
Evillimiter
⭐
928
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Deimosc2
⭐
926
DeimosC2 is a Golang command and control framework for post-exploitation.
Bluespawn
⭐
912
An Active Defense and EDR software to empower Blue Teams
Athena Iso
⭐
902
Athena OS is an Arch Linux-based distro focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!
Security Cheatsheets
⭐
901
🔒 A collection of cheatsheets for various infosec tools and topics.
Security Checklist
⭐
901
A checklist for staying safe on the internet
Awesome Php Security
⭐
886
Awesome PHP Security Resources 🕶🐘🔐
Trivy Operator
⭐
886
Kubernetes-native security toolkit
Awesome Aws Security
⭐
878
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Swiftnessx
⭐
877
A cross-platform note-taking & target-tracking app for penetration testers.
Ssh Snake
⭐
874
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
Simple Security Toolkit
⭐
873
A collection of practical security-focused guides and checklists for smart contract development
Awesome Python Security
⭐
867
Awesome Python Security resources 🕶🐍🔐
Template
⭐
866
Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描
Red Baron
⭐
860
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
Habu
⭐
853
Hacking Toolkit
Cloudpeler
⭐
841
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
Sipvicious
⭐
835
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.
Cli
⭐
833
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
Hosthunter
⭐
826
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stacoan
⭐
816
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Related Searches
Python Security Tools (592)
101-200 of 1,760 search results
< Previous
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.
