security-tools

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets

ZincSearch. A lightweight alternative to elasticsearch that requires minimal resources, written in Go.

Protect and discover secrets using Gitleaks 🔑

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2022

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Daemon to ban hosts that cause multiple authentication errors

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

🤖 The Modern Port Scanner 🤖

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

A static analysis security vulnerability scanner for Ruby on Rails applications

Golang security checker

Infection Monkey - An automated pentest tool

Attack Surface Management Platform | Sn1perSecurity LLC

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.