Topic: security-tools Goto Github

Some thing interesting about security-tools

👇 Here are 4000 public repositories matching this topic...

1n3 / sn1per

security-tools,Attack Surface Management Platform

User: 1n3

sn1per sn1per-professional bugbounty-platform attack-surface cybersecurity pentest-tool pentesting-tools pentest-scripts pentest-tools hacking-tools

a-poc / redteam-tools

security-tools,Tools and Techniques for Red Team / Penetration Testing

User: a-poc

cheatsheet cybersecurity hacking penetration-testing red-team security-tools linux resources tools windows

aquasecurity / trivy

security-tools,Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Organization: aquasecurity

Home Page: https://aquasecurity.github.io/trivy

security security-tools docker containers vulnerability-scanners vulnerability-detection vulnerability golang go kubernetes hacktoberfest devsecops misconfiguration infrastructure-as-code iac

authzed / spicedb

security-tools,Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications

Organization: authzed

Home Page: https://authzed.com/docs

zanzibar permissions database scale latency production distributed-systems grpc security security-tools

bishopfox / sliver

security-tools,Adversary Emulation Framework

Organization: bishopfox

security-tools implant golang dns-server http c2 command-and-control red-team red-teaming red-team-engagement

security-tools,一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术，作为反向代理接入，保护你的网站不受黑客攻击。 A free WAF that is sufficiently simple, effective, and powerful. Utilizing industry-leading semantic engine detection technology, it operates as a reverse proxy to protect your website from hacker attacks.

Organization: chaitin

Home Page: https://waf-ce.chaitin.cn/

acl cc firewall http-flood security security-tools sql-injection waf web-application-firewall web-security

cisofy / lynis

security-tools,Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Organization: cisofy

Home Page: https://cisofy.com/lynis/

shell linux pci-dss compliance security-audit security-hardening security-scanner security-vulnerability hipaa unix

decalage2 / awesome-security-hardening

security-tools,A collection of awesome security hardening guides, tools and other resources

User: decalage2

awesome-list security security-hardening security-tools windows-hardening cybersecurity cyber-security infosec best-practices cis-benchmarks

deepfence / threatmapper

security-tools,Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Organization: deepfence

Home Page: https://deepfence.io

cloud-native vulnerability-management threat-analysis devsecops secops registry-scanning security-tools cwpp observability cloudsecurity

drk1wi / modlishka

security-tools,Modlishka. Reverse Proxy.

User: drk1wi

phishing penetration-testing-tools mitm reverse-proxy security-tools

edoardottt / awesome-hacker-search-engines

security-tools,A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

User: edoardottt

Home Page: https://awesome-hacker-search-engines.com/

awesome awesome-list hacking search-engine osint awesome-lists dns hacking-tools exploit security

fail2ban / fail2ban

security-tools,Daemon to ban hosts that cause multiple authentication errors

Organization: fail2ban

Home Page: http://www.fail2ban.org

linux macos security intrusion-prevention fail2ban bsd gplv2 python ban-hosts intrusion-detection

ffffffff0x / 1earn

security-tools,ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Organization: ffffffff0x

Home Page: https://home.ffffffff0x.com/

markdown-article linux-learning pentest study security collection blueteam redteam post-penetration ics-security

future-architect / vuls

security-tools,Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Organization: future-architect

Home Page: https://vuls.io/

vuls vulnerability-scanners golang go linux freebsd vulnerability-detection security security-tools cybersecurity

ghosttroops / scan4all

security-tools,Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Organization: ghosttroops

Home Page: https://scan4all.51pwn.com

attack auto golang hacker tools nuclei bugbounty bugbounty-tools hacktools pentest-tool

gitleaks / gitleaks

security-tools,Protect and discover secrets using Gitleaks 🔑

Organization: gitleaks

Home Page: https://gitleaks.io

security security-tools git golang go secret gitleaks devsecops hacktoberfest

google / osv-scanner

security-tools,Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Organization: google

Home Page: https://google.github.io/osv-scanner/

scanner security-audit security-tools vulnerability-scanner

google / syzkaller

security-tools,syzkaller is an unsupervised coverage-guided kernel fuzzer

Organization: google

linux kernel fuzz-testing fuzzing fuzzer testing security security-vulnerability security-tools

guardicore / monkey

security-tools,Infection Monkey - An open-source adversary emulation platform

Organization: guardicore

Home Page: https://www.guardicore.com/infectionmonkey/

adversary-emulation infection-monkey penetration-testing security-automation security-tools

infisical / infisical

security-tools,♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.

Organization: infisical

Home Page: https://infisical.com

cli end-to-end-encryption environment-variables go golang nextjs nodejs open-source postgres react secret-management secret-manager secret-scanning secrets security security-tools typescript

j3ssie / osmedeus

security-tools,A Workflow Engine for Offensive Security

User: j3ssie

Home Page: https://osmedeus.org/

scanning reconnaissance penetration-testing security-tools pentest-tool hacking-tool information-gathering hacking osint bugbounty

jakejarvis / awesome-shodan-queries

security-tools,🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

User: jakejarvis

Home Page: https://jarv.is/notes/shodan-search-queries/

shodan infosec pentesting iot internet-of-things security awesome awesome-list hacking penetration-testing

k8gege / ladon

security-tools,Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

User: k8gege

Home Page: http://k8gege.org/Ladon/

brute-force exp exploit getshell hack hacking ipscanner ladon netscan password pentest poc portscan scanner security security-scanner security-tools tools

liamg / traitor

security-tools,:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

User: liamg

gtfobins exploit privesc privilege-escalation hackthebox infosec redteam-tools security-tools cve-2021-3560 dirtypipe

lissy93 / personal-security-checklist

security-tools,🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

User: lissy93

Home Page: https://digital-defense.io

privacy security censorship cybersecurity checklist awesome surveillance defense open-source protection

lissy93 / web-check

security-tools,🕵️‍♂️ All-in-one OSINT tool for analysing any website

User: lissy93

Home Page: https://web-check.xyz

osint privacy security security-tools sysadmin

microsoft / applicationinspector

security-tools,A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Organization: microsoft

static-analysis software-characterization application-inspector detection security-tools security-scanner

nullarray / autosploit

security-tools,Automated Mass Exploiter

User: nullarray

automation exploit exploitation metasploit offsec python security security-tools

olivierlaflamme / cheatsheet-god

security-tools,Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

User: olivierlaflamme

awesome cheatsheet cheatsheet-god hacking hacking-code hacking-tool howto-tutorial information-security oscp oscp-journey oscp-tools oscp5 penetration penetration-test penetration-testing pentesting refresher security security-tools security-vulnerability

presidentbeef / brakeman

security-tools,A static analysis security vulnerability scanner for Ruby on Rails applications

User: presidentbeef

Home Page: https://brakemanscanner.org/

ruby rails security static-analysis vulnerabilities brakeman security-vulnerability security-tools security-audit

prowler-cloud / prowler

security-tools,Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Organization: prowler-cloud

Home Page: https://prowler.com

security security-tools security-audit security-hardening hardening aws cis-benchmark compliance gdpr forensics

pycqa / bandit

security-tools,Bandit is a tool designed to find common security issues in Python code.

Organization: pycqa

Home Page: https://bandit.readthedocs.io

linter bandit security-tools security-scanner security static-code-analysis python

qeeqbox / social-analyzer

security-tools,API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Organization: qeeqbox

osint social-media analyzer username profile reconnaissance pentest information-gathering pentesting social-analyzer

rustscan / rustscan

security-tools,🤖 The Modern Port Scanner 🤖

Organization: rustscan

security pentesting hacking port scanning networking security-tools nmap rust docker hacktoberfest

secdev / scapy

security-tools,Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Organization: secdev

Home Page: https://scapy.net

scapy python network network-analysis network-visualization network-discovery python2 python3 pcap packet-capture

securego / gosec

security-tools,Go security checker

Organization: securego

Home Page: https://securego.io

golang security security-tools security-automation static-analysis static-code-analysis

six2dez / reconftw

security-tools,reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

User: six2dez

bugbounty hacking recon pentest subdomain nuclei vulnerabilities scanner fuzzing osint

smallstep / certificates

security-tools,🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Organization: smallstep

Home Page: https://smallstep.com/certificates

tls x509 certificates security security-tools certificate-authority pki ca go acme-server

smicallef / spiderfoot

security-tools,SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

User: smicallef

Home Page: http://www.spiderfoot.net

footprinting osint threatintel python infosec intelligence-gathering osint-reconnaissance pentesting threat-intelligence security-tools

tenable / terrascan

security-tools,Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Organization: tenable

Home Page: https://runterrascan.io

security-tools infrastructure-as-code devsecops devops security terraform aws cloudsecurity cloud-security terrascan infrastructure security-violations architecture kubernetes iac sast azure-security aws-security gcp-security scans

the-z-labs / linux-exploit-suggester

security-tools,Linux privilege escalation auditing tool

Organization: the-z-labs

exploits privilege-escalation-exploits kernel-exploitation applicable-exploits security-tools hacking-tool linux-exploits linux-kernel published-exploits

toniblyx / my-arsenal-of-aws-security-tools

security-tools,List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

User: toniblyx

cloud auditing incident-response aws-inventory iam dfir cloudtrail aws-infrastructure aws-lambda security

tophanttechnology / arl

security-tools,ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Organization: tophanttechnology

security-tools pentest-tool recon python bugbounty asset-reconnaissance-lighthouse arl

trickest / cve

security-tools,Gather and update all available and newest CVEs with their PoC.

Organization: trickest

Home Page: https://trickest.com

poc cve cve-poc latest-cve vulnerability vulnerabilities software-vulnerabilities software-security exploit security

trufflesecurity / trufflehog

security-tools,Find and verify secrets

Organization: trufflesecurity

Home Page: https://trufflesecurity.com

secret trufflehog credentials security devsecops dynamic-analysis security-tools secrets verification hacktoberfest secret-management precommit scanning

ullaakut / cameradar

security-tools,Cameradar hacks its way into RTSP videosurveillance cameras

User: ullaakut

penetration-testing security hacking infosec rtsp cctv cameras hacking-tool pentesting security-tools

urbanadventurer / whatweb

security-tools,Next generation web scanner

User: urbanadventurer

Home Page: https://www.morningstarsecurity.com/research/whatweb

security web scanner ruby penetration-testing kali-linux owasp penetration-testing-tools penetration-test hacking

wazuh / wazuh

security-tools,Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Organization: wazuh

Home Page: https://wazuh.com/

security compliance log-analysis vulnerability-detection cybersecurity file-integrity-monitoring infosec malware-detection cloud-security container-security

x64dbg / x64dbg

security-tools,An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Organization: x64dbg

Home Page: http://x64dbg.com

debugger windows x64 disassembler reverse-engineering security x86 x86-64 cpp malware-analysis

yogeshojha / rengine

security-tools,reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

User: yogeshojha

Home Page: https://yogeshojha.github.io/rengine/

security-tools osint recon recon-engine reconnaissance scanner scanner-web rengine information-gathering bugbounty