CISOfy / lynis Star 12.6k Code Issues Pull requests Discussions Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional. linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening Updated May 14, 2024 Shell
future-architect / vuls Star 10.7k Code Issues Pull requests Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner Updated May 14, 2024 Go
prowler-cloud / prowler Star 9.6k Code Issues Pull requests Discussions Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more python aws security security-audit cloud azure iam gcp forensics compliance hardening security-hardening gdpr multi-cloud security-tools devsecops cis-benchmark well-architected Updated May 14, 2024 Python
wazuh / wazuh Star 9.3k Code Issues Pull requests Discussions Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads. security security-audit log-analysis incident-response cybersecurity pci-dss infosec compliance xdr siem security-hardening vulnerability-detection security-automation security-tools wazuh cloud-security malware-detection container-security file-integrity-monitoring configuration-assessement Updated May 14, 2024 C
gojue / ecapture Star 8.2k Code Issues Pull requests Discussions Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64. android linux tls golang ssl security-audit https ebpf tcpdump network-capture ssldump android-https-capture ebpf-uprobe ebpf-tc ebpf-go Updated May 13, 2024 C
We5ter / Scanners-Box Star 8k Code Issues Pull requests A powerful and open-source toolkit for hackers and security automation - 安全行???者自??源?描器合? security-audit static-analysis smart-contracts penetration-testing malware-analysis binary-analysis information-security exploitation-framework vulnerability-scanners wifi-security hacker-tools security-automation devsecops apk-analysis wifi-hacking pentesting-tools redteam-tools code-analyzer privacy-compliance Updated Apr 19, 2024
presidentbeef / brakeman Star 6.9k Code Issues Pull requests Discussions A static analysis security vulnerability scanner for Ruby on Rails applications ruby rails security security-audit static-analysis security-vulnerability vulnerabilities brakeman security-tools Updated Apr 30, 2024 Ruby
jeremylong / DependencyCheck Sponsor Star 5.9k Code Issues Pull requests OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies. security security-audit maven-plugin jenkins-plugin gradle-plugin build-tool ant-task vulnerability-detection software-composition-analysis Updated May 14, 2024 Java
google / osv-scanner Star 5.9k Code Issues Pull requests Discussions Vulnerability scanner written in Go which uses the data provided by https://osv.dev security-audit scanner security-tools vulnerability-scanner Updated May 14, 2024 Go
infobyte / faraday Star 4.6k Code Issues Pull requests Open Source Vulnerability Management Platform security devops security-audit collaboration orchestration cybersecurity nmap penetration-testing vulnerability infosec pentesting cve nessus appsec vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning Updated Apr 29, 2024 Python
charles2gan / GDA-android-reversing-Tool Star 3.9k Code Issues Pull requests the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory ext… security-audit decompiler malware-analysis mobile-security vulnerability-scanners privacy-protection Updated May 8, 2024 Java
Arachni / arachni Star 3.7k Code Issues Pull requests Web Application Security Scanner Framework javascript ruby crawler security-audit modular hack dom analysis scanner detection hacking xss audit web-application penetration-testing sql-injection vulnerability-detection arachni scanners Updated May 24, 2023 Ruby
ysrc / xunfeng Star 3.5k Code Issues Pull requests 巡?是一款适用于企???的漏洞快速?急,巡航?描系?。 security security-audit scanner exploits infosec pentesting vulnerability-detection vulnerability-scanners vulnerability-assessment Updated Apr 16, 2024 Python
scipag / vulscan Star 3.3k Code Issues Pull requests Advanced vulnerability scanning with Nmap NSE security security-audit lua exploit lua-script nmap penetration-testing vulnerability vulnerability-databases vulnerability-detection nse vulnerability-identification vulnerability-scanners security-scanner vulnerability-assessment nmap-scripts nsescript nmap-scan-script vulnerability-scanning vulnerability-database-entry Updated Jul 23, 2023 Lua
aquasecurity / cloudsploit Star 3.2k Code Issues Pull requests Cloud Security Posture Management (CSPM) aws security security-audit cloud azure gcp oracle oci alibaba aqua cspm Updated May 14, 2024 JavaScript
FeeiCN / Cobra Star 3.1k Code Issues Pull requests Source Code Security Audit (源代?安全??) security-audit cobra security-scanner security-tools sourcecode-analysis code-audit Updated Sep 16, 2022 Python
codingo / NoSQLMap Star 2.8k Code Issues Pull requests Automated NoSQL database enumeration and web application exploitation tool. couchdb redis security-audit mongodb nosql scanner hacking databases enumeration penetration-testing nosql-databases sql-injection bugbounty mongodb-database offensive-security hacktoberfest hacking-tool security-tools web-application-security security-toolset Updated Apr 8, 2024 Python
techgaun / github-dorks Sponsor Star 2.7k Code Issues Pull requests Find leaked secrets via github search security-audit hacking hacktoberfest dork dorker github-dork Updated Dec 19, 2023 Python
goodwithtech / dockle Sponsor Star 2.7k Code Issues Pull requests Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start go docker kubernetes golang security security-audit containers linter vulnerability security-tools Updated Apr 11, 2024 Go
rubysec / bundler-audit Star 2.7k Code Issues Pull requests Discussions Patch-level verification for Bundler ruby security security-audit bundler-audit patch-management security-tools dependency-checker ruby-advisory-db Updated Jan 18, 2024 Ruby