Topic: security-tools Goto Github

Some thing interesting about security-tools

👇 Here are 4240 public repositories matching this topic...

1n3 / sn1per

security-tools,Attack Surface Management Platform

User: 1n3

sn1per sn1per-professional bugbounty-platform attack-surface cybersecurity pentest-tool pentesting-tools pentest-scripts pentest-tools hacking-tools

a-poc / redteam-tools

security-tools,Tools and Techniques for Red Team / Penetration Testing

User: a-poc

cheatsheet cybersecurity hacking penetration-testing red-team security-tools linux resources tools windows enumeration payload pentest pentest-tools red-team-tools mitre-attack redteam

aquasecurity / trivy

security-tools,Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Organization: aquasecurity

Home Page: https://aquasecurity.github.io/trivy

security security-tools docker containers vulnerability-scanners vulnerability-detection vulnerability golang go kubernetes

authzed / spicedb

security-tools,Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications

Organization: authzed

Home Page: https://authzed.com/docs

zanzibar permissions database scale latency production distributed-systems grpc security security-tools

bishopfox / sliver

security-tools,Adversary Emulation Framework

Organization: bishopfox

security-tools implant golang dns-server http c2 command-and-control red-team red-teaming red-team-engagement

blacklanternsecurity / bbot

security-tools,A recursive internet scanner for hackers.

Organization: blacklanternsecurity

Home Page: https://www.blacklanternsecurity.com/bbot/

hacking neo4j osint osint-framework python subdomain-enumeration automation recon command-line-tool cli

security-tools,Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Organization: cisofy

Home Page: https://cisofy.com/lynis/

shell linux pci-dss compliance security-audit security-hardening security-scanner security-vulnerability hipaa unix

decalage2 / awesome-security-hardening

security-tools,A collection of awesome security hardening guides, tools and other resources

User: decalage2

awesome-list security security-hardening security-tools windows-hardening cybersecurity cyber-security infosec best-practices cis-benchmarks

deepfence / threatmapper

security-tools,Open Source Cloud Native Application Protection Platform (CNAPP)

Organization: deepfence

Home Page: https://deepfence.io

cloud-native vulnerability-management threat-analysis devsecops secops registry-scanning security-tools cwpp observability cloudsecurity

drk1wi / modlishka

security-tools,Modlishka. Reverse Proxy.

User: drk1wi

phishing penetration-testing-tools mitm reverse-proxy security-tools

edoardottt / awesome-hacker-search-engines

security-tools,A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

User: edoardottt

Home Page: https://awesome-hacker-search-engines.com/

awesome awesome-list hacking search-engine osint awesome-lists dns hacking-tools exploit security

fail2ban / fail2ban

security-tools,Daemon to ban hosts that cause multiple authentication errors

Organization: fail2ban

Home Page: http://www.fail2ban.org

linux macos security intrusion-prevention fail2ban bsd gplv2 python ban-hosts intrusion-detection

ffffffff0x / 1earn

security-tools,ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Organization: ffffffff0x

Home Page: https://home.ffffffff0x.com/

markdown-article linux-learning pentest study security collection blueteam redteam post-penetration ics-security

future-architect / vuls

security-tools,Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Organization: future-architect

Home Page: https://vuls.io/

vuls vulnerability-scanners golang go linux freebsd vulnerability-detection security security-tools cybersecurity

ghosttroops / scan4all

security-tools,Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Organization: ghosttroops

Home Page: https://scan4all.51pwn.com

attack auto golang hacker tools nuclei bugbounty bugbounty-tools hacktools pentest-tool

gitleaks / gitleaks

security-tools,Protect and discover secrets using Gitleaks 🔑

Organization: gitleaks

Home Page: https://gitleaks.io

security security-tools git golang go secret gitleaks devsecops hacktoberfest

google / osv-scanner

security-tools,Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Organization: google

Home Page: https://google.github.io/osv-scanner/

scanner security-audit security-tools vulnerability-scanner

google / syzkaller

security-tools,syzkaller is an unsupervised coverage-guided kernel fuzzer

Organization: google

linux kernel fuzz-testing fuzzing fuzzer testing security security-vulnerability security-tools

guardicore / monkey

security-tools,Infection Monkey - An open-source adversary emulation platform

Organization: guardicore

Home Page: https://www.guardicore.com/infectionmonkey/

adversary-emulation infection-monkey penetration-testing security-automation security-tools

infisical / infisical

security-tools,♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

Organization: infisical

Home Page: https://infisical.com

cli end-to-end-encryption environment-variables secret-management secrets security open-source golang nextjs nodejs react typescript secret-manager go postgres secret-scanning security-tools

j3ssie / osmedeus

security-tools,A Workflow Engine for Offensive Security

User: j3ssie

Home Page: https://osmedeus.org/

scanning reconnaissance penetration-testing security-tools pentest-tool hacking-tool information-gathering hacking osint bugbounty pentesting golang security go bug-bounty attack-surface attack-surface-management

jakejarvis / awesome-shodan-queries

security-tools,🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

User: jakejarvis

Home Page: https://jarv.is/notes/shodan-search-queries/

shodan infosec pentesting iot internet-of-things security awesome awesome-list hacking penetration-testing

k8gege / ladon

security-tools,Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

User: k8gege

Home Page: http://k8gege.org/Ladon/

scanner portscan pentest hacking security security-tools security-scanner poc getshell brute-force

liamg / traitor

security-tools,:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

User: liamg

gtfobins exploit privesc privilege-escalation hackthebox infosec redteam-tools security-tools cve-2021-3560 dirtypipe

lissy93 / personal-security-checklist

security-tools,🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

User: lissy93

Home Page: https://digital-defense.io

privacy security censorship cybersecurity checklist awesome surveillance defense open-source protection

lissy93 / web-check

security-tools,🕵️‍♂️ All-in-one OSINT tool for analysing any website

User: lissy93

Home Page: https://web-check.xyz

osint privacy security security-tools sysadmin

microsoft / applicationinspector

security-tools,A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Organization: microsoft

static-analysis software-characterization application-inspector detection security-tools security-scanner

nullarray / autosploit

security-tools,Automated Mass Exploiter

User: nullarray

metasploit python exploit exploitation offsec automation security-tools security

olivierlaflamme / cheatsheet-god

security-tools,Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

User: olivierlaflamme

penetration-testing security hacking cheatsheet oscp information-security pentesting howto-tutorial refresher penetration-test cheatsheet-god oscp5 oscp-tools oscp-journey penetration security-tools security-vulnerability hacking-tool hacking-code awesome

presidentbeef / brakeman

security-tools,A static analysis security vulnerability scanner for Ruby on Rails applications

User: presidentbeef

Home Page: https://brakemanscanner.org/

brakeman rails ruby security security-audit security-tools security-vulnerability static-analysis vulnerabilities

prowler-cloud / prowler

security-tools,Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Organization: prowler-cloud

Home Page: https://prowler.com

security security-tools security-audit security-hardening hardening aws cis-benchmark compliance gdpr forensics

pycqa / bandit

security-tools,Bandit is a tool designed to find common security issues in Python code.

Organization: pycqa

Home Page: https://bandit.readthedocs.io

linter bandit security-tools security-scanner security static-code-analysis python

qeeqbox / social-analyzer

security-tools,API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Organization: qeeqbox

osint social-media analyzer username profile reconnaissance pentest information-gathering pentesting social-analyzer

rustscan / rustscan

security-tools,🤖 The Modern Port Scanner 🤖

Organization: rustscan

security pentesting hacking port scanning networking security-tools nmap rust docker

secdev / scapy

security-tools,Scapy: the Python-based interactive packet manipulation program & library.

Organization: secdev

Home Page: https://scapy.net

scapy python network network-analysis network-visualization network-discovery pcap packet-capture packet-sniffer packet-analyser

securego / gosec

security-tools,Go security checker

Organization: securego

Home Page: https://securego.io

golang security security-tools security-automation static-analysis static-code-analysis

six2dez / reconftw

security-tools,reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

User: six2dez

bugbounty hacking recon pentest subdomain nuclei vulnerabilities scanner fuzzing osint penetration-testing pentesting reconnaissance dns pentest-tool security security-tools bug-bounty

smallstep / certificates

security-tools,🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Organization: smallstep

Home Page: https://smallstep.com/certificates

tls x509 certificates security security-tools certificate-authority pki ca go acme-server ssh acme

smicallef / spiderfoot

security-tools,SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

User: smicallef

Home Page: http://www.spiderfoot.net

footprinting osint threatintel python infosec intelligence-gathering osint-reconnaissance pentesting threat-intelligence security-tools

tenable / terrascan

security-tools,Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Organization: tenable

Home Page: https://runterrascan.io

security-tools infrastructure-as-code devsecops devops security terraform aws cloudsecurity cloud-security terrascan

the-z-labs / linux-exploit-suggester

security-tools,Linux privilege escalation auditing tool

Organization: the-z-labs

exploits privilege-escalation-exploits kernel-exploitation applicable-exploits security-tools hacking-tool linux-exploits linux-kernel published-exploits

toniblyx / my-arsenal-of-aws-security-tools

security-tools,List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

User: toniblyx

cloud auditing incident-response aws-inventory iam dfir cloudtrail aws-infrastructure aws-lambda security

trickest / cve

security-tools,Gather and update all available and newest CVEs with their PoC.

Organization: trickest

Home Page: https://trickest.com

poc cve cve-poc latest-cve vulnerability vulnerabilities software-vulnerabilities software-security exploit security

trufflesecurity / trufflehog

security-tools,Find, verify, and analyze leaked credentials

Organization: trufflesecurity

Home Page: https://trufflesecurity.com

secret trufflehog credentials security devsecops dynamic-analysis security-tools secrets verification hacktoberfest secret-management precommit scanning

ullaakut / cameradar

security-tools,Cameradar hacks its way into RTSP videosurveillance cameras

User: ullaakut

penetration-testing security hacking infosec rtsp cctv cameras hacking-tool pentesting security-tools netsec

urbanadventurer / whatweb

security-tools,Next generation web scanner

User: urbanadventurer

Home Page: https://www.morningstarsecurity.com/research/whatweb

security web scanner ruby penetration-testing kali-linux owasp penetration-testing-tools penetration-test hacking

vavkamil / awesome-bugbounty-tools

security-tools,A curated list of various bug bounty tools

User: vavkamil

awesome awesome-list bugbounty tools security-tools web-security

wazuh / wazuh

security-tools,Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Organization: wazuh

Home Page: https://wazuh.com/

security compliance log-analysis vulnerability-detection cybersecurity file-integrity-monitoring infosec malware-detection cloud-security container-security

x64dbg / x64dbg

security-tools,An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Organization: x64dbg

Home Page: http://x64dbg.com

debugger windows x64 disassembler reverse-engineering security x86 x86-64 cpp malware-analysis security-tools binary-analysis ctf dynamic-analysis exploit-development hacking oscp debugging program-analysis cybersecurity

yogeshojha / rengine

security-tools,reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

User: yogeshojha

Home Page: https://yogeshojha.github.io/rengine/

security-tools osint recon recon-engine reconnaissance scanner scanner-web rengine information-gathering bugbounty