security-tools

There are 4572 repositories under security-tools topic.

  • x64dbg

    x64dbg/x64dbg

    An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

    Language:C++45k2.7k2.5k2.5k
  • aquasecurity/trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    Language:Go23.9k1712.7k2.4k
  • web-check

    Lissy93/web-check

    🕵️‍♂️ All-in-one OSINT tool for analysing any website

    Language:TypeScript22.7k1361051.7k
  • gitleaks/gitleaks

    Protect and discover secrets using Gitleaks 🔑

    Language:Go18.1k1607881.5k
  • trufflehog

    trufflesecurity/trufflehog

    Find, verify, and analyze leaked credentials

    Language:Go17.5k1797291.7k
  • personal-security-checklist

    Lissy93/personal-security-checklist

    🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

    Language:TypeScript17.4k216871.2k
  • infisical

    Infisical/infisical

    ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

    Language:TypeScript15.9k47809997
  • RustScan

    RustScan/RustScan

    🤖 The Modern Port Scanner 🤖

    Language:Rust14.9k1342641k
  • CISOfy/lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Language:Shell13.5k3428611.5k
  • smicallef/spiderfoot

    SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

    Language:Python13.3k3676082.3k
  • fail2ban/fail2ban

    Daemon to ban hosts that cause multiple authentication errors

    Language:Python12.5k2522.3k1.3k
  • social-analyzer

    qeeqbox/social-analyzer

    API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

    Language:JavaScript11.8k36072924
  • wazuh/wazuh

    Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

    Language:C++11.2k22118.4k1.7k
  • future-architect/vuls

    Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

    Language:Go11k3265991.2k
  • prowler

    prowler-cloud/prowler

    Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

    Language:Python10.9k1319661.6k
  • secdev/scapy

    Scapy: the Python-based interactive packet manipulation program & library.

    Language:Python10.8k2341.7k2k
  • toniblyx/my-arsenal-of-aws-security-tools

    List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

    Language:Shell9k396331.5k
  • BishopFox/sliver

    Adversary Emulation Framework

    Language:Go8.6k1507481.1k
  • Sn1per

    1N3/Sn1per

    Attack Surface Management Platform

    Language:Shell8.2k3303351.9k
  • edoardottt/awesome-hacker-search-engines

    A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

    Language:Shell7.9k121118758
  • securego/gosec

    Go security checker

    Language:Go7.9k86463617
  • rengine

    yogeshojha/rengine

    reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

    Language:HTML7.6k1418701.1k
  • brakeman

    presidentbeef/brakeman

    A static analysis security vulnerability scanner for Ruby on Rails applications

    Language:Ruby7k166765732
  • certificates

    smallstep/certificates

    🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

    Language:Go6.8k77590448
  • traitor

    liamg/traitor

    :arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

    Language:Go6.7k12342578
  • monkey

    guardicore/monkey

    Infection Monkey - An open-source adversary emulation platform

    Language:Python6.7k2391.5k788
  • trickest/cve

    Gather and update all available and newest CVEs with their PoC.

    Language:HTML6.6k35050843
  • bandit

    PyCQA/bandit

    Bandit is a tool designed to find common security issues in Python code.

    Language:Python6.5k65653614
  • google/osv-scanner

    Vulnerability scanner written in Go which uses the data provided by https://osv.dev

    Language:Go6.3k58314364
  • RedTeam-Tools

    A-poc/RedTeam-Tools

    Tools and Techniques for Red Team / Penetration Testing

  • awesome-shodan-queries

    jakejarvis/awesome-shodan-queries

    🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

  • reconftw

    six2dez/reconftw

    reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

    Language:Shell5.8k108456932
  • The-Z-Labs/linux-exploit-suggester

    Linux privilege escalation auditing tool

    Language:Shell5.7k128301.1k
  • GhostTroops/scan4all

    Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

    Language:Go5.6k65107666
  • urbanadventurer/WhatWeb

    Next generation web scanner

    Language:Ruby5.6k176216911
  • decalage2/awesome-security-hardening

    A collection of awesome security hardening guides, tools and other resources