Skip to content
#

security-tools

Star

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Here are 2,879 public repositories matching this topic...

Language: All
Filter by language
All 2,879 Python 989 Go 278 Shell 228 JavaScript 171 Java 122 C 101 C# 77 PHP 76 HTML 70 C++ 62
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

aquasecurity / trivy

Star 13.2k
Open

docs site version selector should omit patch version

itaysk
itaysk commented Jun 8, 2022

currently we have a version selector for every git tag, which is unnecessary overhead on the user. It is not needed from documentation perspective as there aren't (shouldn't be) any docs change in patch versions, only for new/changed features.

before:
v0.27.0, v0.27.1, v0.27.2, v0.28.0
after
v0.27, v0.28

Read more
good first issue kind/documentation kind/feature
Find more good first issues

zricethezav / gitleaks

Sponsor
Star 10.4k
Open

Support for Microsoft Webhooks

1
Viajaz
Viajaz commented Sep 7, 2021

Support for Microsoft Incoming Webhooks (Eg: Microsoft Teams Channel Webhooks) would be useful

Example:
https://customertenantname.webhook.office.com/webhookb2/ffffffff-ffff-ffff-ffff-ffffffffffff@ffffffff-ffff-ffff-ffff-ffffffffffff/IncomingWebhook/ffffffffffffffffffffffffffffffff/ffffffff-ffff-ffff-ffff-ffffffffffff

Possible Regex:

https:\/\/[a-z0-9A-Z]+\.webhook\.office\.com
Read more
enhancement good first issue

CISOfy / lynis

Star 9.9k

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening
  • Updated Aug 5, 2022
  • Shell

zinclabs / zinc

Star 9.9k
Open

GUI: Add refresh button on Index page

prabhatsharma
prabhatsharma commented Jul 12, 2022

Is your feature request related to a problem? Please describe.
Currently a hard refresh of the Index page is required in order to load the new index list and stats.

Describe the solution you'd like
A refresh button will help get the latest index list and stats.

Describe alternatives you've considered
None

Additional context
None

Read more
good first issue

future-architect / vuls

Star 9.4k

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner
  • Updated Aug 8, 2022
  • Go

secdev / scapy

Star 7.8k
Open

Contribute to Scapy: a master list of good first issues

3
gpotter2
gpotter2 commented Dec 18, 2016

Hi & welcome to Scapy's github ! This page lists issues that you can try to fix if you want to start contributing to Scapy.

Disclaimer

The BEST way to contribute to Scapy is to play around with it, to find and fix broken stuff by yourself, i.e. Before you attempt to fix one of those pesky issues, just HAVE FUN with Scapy !😺

By using Scapy in your work, experiments, hacks, course

Read more
help wanted good first issue
RustScan

RustScan / RustScan

Star 6.9k
Open

Write CI that checks for specific outputs in the terminal

4
bee-san
bee-san commented Oct 18, 2020

RustScan has an accessible mode, rustscan --accessible which should promise not to have any weird ASCII text in it.

Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:

  1. [!]
  2. [~]
  3. [>]
  4. | {}

If any of these characters appear in any of the tests, fail the CI. E

Read more
good first issue feature_request hacktoberfest
Find more good first issues
prowler

prowler-cloud / prowler

Star 6.4k

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

aws security cis security-audit cloud aws-cli assessment forensics compliance hardening security-hardening hipaa cloudtrail hacktoberfest gdpr security-tools devsecops cis-benchmark aws-auditing well-architected
  • Updated Aug 9, 2022
  • Shell
certificates

smallstep / certificates

Star 4.5k
Open

Add `Cache-Control: private, no-store` headers where appropriate

tashian
tashian commented Jan 10, 2022

The recommendation is to set Cache-Control: private, no-store on any endpoint with sensitive information. Because while you can protect the traffic with TLS, you also need to keep sensitive information out of a client's (unencrypted) HTTP cache. I'm not sure how relevant this is to the API context of step-ca though—I've never seen an HTTP client library that caches content. But I guess the poi

Read more
enhancement good first issue quickfix
Find more good first issues

PyCQA / bandit

Star 4.4k
Open

config file as described in README.rst does not work

4
davidak
davidak commented Jun 18, 2018

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

  1. create .bandit file with content:
[bandit]
tests: B101,B102,B301
  1. run bandit -c .bandit -r module/
  2. get error:
    [main] ERROR .bandit : Error parsing file.

Expected behavior
working as described in readme

Bandit version

ba
Read more
bug good first issue
Wikipedia
Wikipedia