m3ssap0's Stars
nexB/scancode-toolkit
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
ngalongc/openapi_security_scanner
0xInfection/XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
xtiankisutsa/MARA_Framework
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
aquasecurity/cloudsploit
Cloud Security Posture Management (CSPM)
trustedsec/ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
aquasecurity/kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
Shopify/kubeaudit
kubeaudit helps you audit your Kubernetes clusters against common security controls
controlplaneio/kubesec
Security risk analysis for Kubernetes resources
aquasecurity/kube-hunter
Hunt for security weaknesses in Kubernetes clusters
jsoverson/hackium
facebook/pyre-check
Performant type-checking for python.
google/tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
soprasteria/sonar-report
Generates an html report from SonarQube
secureCodeBox/secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
gauntlt/gauntlt
a ruggedization framework that embodies the principle "be mean to your code"
lc/230-OOB
An Out-of-Band XXE server for retrieving file contents over FTP.
OWASP/Docker-Security
Getting a handle on container security
411Hall/JAWS
JAWS - Just Another Windows (Enum) Script
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
1N3/Sn1per
Attack Surface Management Platform
frizb/Vanquish
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
codingo/Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
robertdavidgraham/masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
gentilkiwi/mimikatz
A little tool to play with Windows security
PowerShellMafia/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
flipkart-incubator/Astra
Automated Security Testing For REST API's
Fuzzapi/fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
arthaud/git-dumper
A tool to dump a git repository from a website
cr0hn/dockerscan
Docker security analysis & hacking tools