security-scanner

There are 394 repositories under security-scanner topic.

  • projectdiscovery/nuclei

    Fast and customizable vulnerability scanner based on simple YAML based DSL.

    Language:Go17.6k2152.2k2.3k

  • CISOfy/lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Language:Shell12.6k3468231.4k

  • zaproxy/zaproxy

    The ZAP core project

    Language:Java12.1k3955k2.2k

  • future-architect/vuls

    Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

    Language:Go10.7k3295811.2k

  • wpscanteam/wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

    Language:Ruby8.3k2651.4k1.2k
  • bandit

    PyCQA/bandit

    Bandit is a tool designed to find common security issues in Python code.

    Language:Python6.1k66638583

  • GhostTroops/scan4all

    Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

    Language:Go5.3k62107635
  • awesome-shodan-queries

    jakejarvis/awesome-shodan-queries

    🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

    5.1k1658809
  • Ladon

    k8gege/Ladon

    Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange

    Language:PowerShell4.6k8777855

  • microsoft/ApplicationInspector

    A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

    Language:C#4.2k80244350

  • toolswatch/blackhat-arsenal-tools

    Official Black Hat Arsenal Security Tools Repository

    3.8k343111.1k

  • webhintio/hint

    💡 A hinting engine for the web

    Language:TypeScript3.6k741.8k626

  • scipag/vulscan

    Advanced vulnerability scanning with Nmap NSE

    Language:Lua3.3k1360661

  • FeeiCN/Cobra

    Source Code Security Audit (源代码安全审计)

    Language:Python3.1k156980953

  • evyatarmeged/Raccoon

    A high performance offensive security tool for reconnaissance and vulnerability scanning

    Language:Python3k10936392
  • kube-score

    zegl/kube-score

    Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.

    Language:Go2.6k23170173

  • ajinabraham/nodejsscan

    nodejsscan is a static security code scanner for Node.js applications.

    Language:CSS2.3k5987325

  • FeeiCN/GSIL

    GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)

    Language:Python2.1k6269486

  • codingo/Reconnoitre

    A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

    Language:Python2.1k8953460
  • sn0int

    kpcyrd/sn0int

    Semi-automatic OSINT framework and package manager

    Language:Rust1.9k42105175
  • bearer

    Bearer/bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    Language:Go1.8k1932282

  • AV1080p/Hacking-With-Golang

    Golang安全资源合集

    1.7k482347

  • skavngr/rapidscan

    :new: The Multi-Tool Web Vulnerability Scanner.

    Language:Python1.7k6833382
  • XAttacker

    Moham3dRiahi/XAttacker

    X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

    Language:Perl1.5k1010465

  • Adminisme/ServerScan

    ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

    Language:Go1.5k338215
  • inql

    doyensec/inql

    InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

    Language:Python1.5k29105152

  • shekyan/slowhttptest

    Application Layer DoS attack simulator

    Language:C++1.5k5763298

  • ztgrace/changeme

    A default credential scanner.

    Language:Python1.4k6459248

  • BishopFox/GitGot

    Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

    Language:Python1.4k4212201

  • intrigueio/intrigue-core

    Discover Your Attack Surface!

    Language:Ruby1.3k76112259

  • denji/golang-tls

    Simple Golang HTTPS/TLS Examples

    1.2k346150

  • fkie-cad/cwe_checker

    cwe_checker finds vulnerable patterns in binary executables

    Language:Rust1.1k28100116

  • FeeiCN/ESD

    Enumeration sub domains(枚举子域名)

    Language:Python1.1k2661163

  • WithSecureLabs/doublepulsar-detection-script

    A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

    Language:Python1k9020318

  • protofire/solhint

    Solhint is an open-source project to provide a linting utility for Solidity code.

    Language:JavaScript99722265153

  • bloodzer0/ossa

    Open-Source Security Architecture | 开源安全架构

    925666221