security-audit
There are 878 repositories under the security-audit topic.
cset
Cybersecurity Evaluation Tool
ssh-mitm
SSH-MITM - ssh audits made simple
golang-tls
Simple Golang HTTPS/TLS Examples
sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
pythem
pentest framework
VHostScan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
repo-security-scanner
CLI tool that finds secrets accidentally committed to a git repo, e.g. passwords, private keys
cs-suite
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
enum4linux-ng
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
wordpress-exploit-framework
A Ruby framework designed to aid in the penetration testing of WordPress systems.
jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
kubestriker
A Blazing fast Security Auditing tool for Kubernetes
ApkAnalyser
One-click extraction of sensitive information that may be present in Android applications.
pip-audit
Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
ossa
Open-Source Security Architecture
nfcgate
An NFC research toolkit application for Android
dep-scan
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
npq
🎖safely* install packages with npm or yarn by auditing them as part of your install process
advisory-db
Security advisory database for Rust crates published through crates.io
cli
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and Tencent.
ElectricEye
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
GourdScanV2
Passive vulnerability scanning system
cansina
Web Content Discovery Tool
habu
Hacking Toolkit
Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
skf-flask
Security Knowledge Framework (SKF) Python Flask / Angular project
kube-scan
kube-scan: Octarine k8s cluster risk assessment tool
SQLiScanner
Automatic SQL injection with Charles and sqlmap api
Smart-Contract-Security-Audits
Certified Smart Contract Audits for Ethereum, Solana, Near, Cardano, Aptos, Sui, Binance Smart Chain, Fantom, EOS, Tezos by softstack (formerly Chainsulting)
dawnscanner
Dawn is a static analysis security scanner for web applications written in Ruby. It supports Sinatra, Padrino and Ruby on Rails frameworks.
betterscan-ce
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
linux_kernel_cves
Tracking CVEs for the Linux kernel
KubeHound
Kubernetes Attack Graph
dradis-ce
Dradis Framework: Collaboration and reporting for IT Security teams
packj
Packj stops ⚡ SolarWinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain