Automated Security Testing For REST API's
Support
Quality
Security
License
Reuse
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
Support
Quality
Security
License
Reuse
Kubernetes object analysis with recommendations for improved reliability and security
Support
Quality
Security
License
Reuse
白卷是一款使用 Vue+Spring Boot 开发的前后端分离项目,附带全套开发教程。(A simple CMS developed by Spring Boot and Vue.js with development tutorials)
Support
Quality
Security
License
Reuse
R
RMS-Runtime-Mobile-Securityby m0bilesecurity
JavaScript 
2199 Version:Current License: Strong Copyleft (GPL-3.0)
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Support
Quality
Security
License
Reuse
Application Security Verification Standard
Support
Quality
Security
License
Reuse
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Support
Quality
Security
License
Reuse
A repository of sysmon configuration modules
Support
Quality
Security
License
Reuse
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Support
Quality
Security
License
Reuse
Network recon framework.
Support
Quality
Security
License
Reuse
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Support
Quality
Security
License
Reuse
Rapidly Search and Hunt through Windows Forensic Artefacts
Support
Quality
Security
License
Reuse
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
Support
Quality
Security
License
Reuse
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Support
Quality
Security
License
Reuse
s
securityonionby Security-Onion-Solutions
Shell 1998 Version:Current
License: No License (No License)
License: No License (No License)Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
Support
Quality
Security
License
Reuse
XRay is a tool for recon, mapping and OSINT gathering from public networks.
Support
Quality
Security
License
Reuse
FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Support
Quality
Security
License
Reuse
GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
Support
Quality
Security
License
Reuse
Hand-crafted Frida examples
Support
Quality
Security
License
Reuse
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
Support
Quality
Security
License
Reuse
EMBA - The firmware security analyzer
Support
Quality
Security
License
Reuse
A forensic evidence collection & analysis toolkit for OS X
Support
Quality
Security
License
Reuse
Open EDR public repository
Support
Quality
Security
License
Reuse
Efficient and advanced man in the middle framework
Support
Quality
Security
License
Reuse
Security automation content in SCAP, Bash, Ansible, and other formats
Support
Quality
Security
License
Reuse
This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
Support
Quality
Security
License
Reuse
Checklist of security precautions for Ruby on Rails applications.
Support
Quality
Security
License
Reuse
Application security for express apps.
Support
Quality
Security
License
Reuse
Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.
Support
Quality
Security
License
Reuse
Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
Support
Quality
Security
License
Reuse
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
Support
Quality
Security
License
Reuse
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Support
Quality
Security
License
Reuse
Spring Boot的基础教程,由浅入深,一步一步学习Spring Boot,最后学到的不单单是基础!Spring Cloud基础教程请看:https://github.com/roncoo/spring-cloud-demo
Support
Quality
Security
License
Reuse
Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
Support
Quality
Security
License
Reuse
The Python Code Tutorials
Support
Quality
Security
License
Reuse
A simple keylogger for Windows, Linux and Mac
Support
Quality
Security
License
Reuse
A proposed standard that allows websites to define security policies.
Support
Quality
Security
License
Reuse
t
tut-spring-security-and-angular-jsby spring-guides
TypeScript 1669 Version:Current License: No License (No License)
License: No License (No License)Spring Security and Angular:: A tutorial on how to use Spring Security with a single page application with various backend architectures, ranging from a simple single server to an API gateway with OAuth2 authentication.
Support
Quality
Security
License
Reuse
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
Support
Quality
Security
License
Reuse
Golang for Security Professionals
Support
Quality
Security
License
Reuse
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Support
Quality
Security
License
Reuse
kubeaudit helps you audit your Kubernetes clusters against common security controls
Support
Quality
Security
License
Reuse
python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Support
Quality
Security
License
Reuse
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
Support
Quality
Security
License
Reuse
Quick and simple security for Flask applications
Support
Quality
Security
License
Reuse
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Support
Quality
Security
License
Reuse
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
Support
Quality
Security
License
Reuse
A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
Support
Quality
Security
License
Reuse
TCP/IP packet demultiplexer. Download from:
Support
Quality
Security
License
Reuse
🔥🔥🔥FlyClould 微服务实战项目框架,在该框架中,包括了用 Spring Cloud 构建微服务的一系列基本组件和框架,对于后台服务框架的搭建有很大的参考价值,大家可以参考甚至稍加修改可以直接应用于自己的实际的项目开发中,该项目没有采用Maven进行项目构建,Maven通过xml进行依赖管理,导致整个配置文件太过臃肿,另外灵活性也不是很强,所以我采用Gradle进行项目构建和依赖管理,在FlyTour项目中我们见证了Gradle的强大,通过简单的一些配置就可以轻松的实现组件化的功能。该项目共有11个Module工程。其中10个位微服务工程,这10个微服务工程构成了一个完整的微服务系统,微服务系统包含了8个基础服务,提供了一整套微服务治理功能,他们分别是配置中心module_config、注册中心module_eureka、认证授权中心module_uaa、Turbine聚合监控服务module_monitor、链路追踪服务module_zipken、聚合监控服务module_admin、路由网关服务module_gateway、日志服务module_log。另外还包含了两个资源服务:用户服务module_user和blog服务module_blog,另外还有一个common的Module,为资源服务提供一些一本的工具类
Support
Quality
Security
License
Reuse
A
Astraby flipkart-incubator
Automated Security Testing For REST API's
Python 2248Updated: 1 y ago License: Permissive (Apache-2.0)
2248Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
m
malwoverviewby alexandreborges
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
Python 2231Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
2231Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
k
kube-scoreby zegl
Kubernetes object analysis with recommendations for improved reliability and security
Go 2224Updated: 2 y ago License: Permissive (MIT)
2224Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
W
White-Jotterby Antabot
白卷是一款使用 Vue+Spring Boot 开发的前后端分离项目,附带全套开发教程。(A simple CMS developed by Spring Boot and Vue.js with development tutorials)
Java 2221Updated: 2 y ago License: Permissive (MIT)
2221Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
R
RMS-Runtime-Mobile-Securityby m0bilesecurity
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
JavaScript 2199Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
2199Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
A
ASVSby OWASP
Application Security Verification Standard
HTML 2192Updated: 1 y ago License: Strong Copyleft (CC-BY-SA-4.0)
2192Updated: 1 y ago License: Strong Copyleft (CC-BY-SA-4.0)Support
Quality
Security
License
Reuse
r
ritaby activecm
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Go 2186Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
2186Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
s
sysmon-modularby olafhartong
A repository of sysmon configuration modules
PowerShell 2181Updated: 2 y ago License: Permissive (MIT)
2181Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
G
GScanby grayddq
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
Python 2172Updated: 1 y ago License: No License (No License)
2172Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
i
ivreby cea-sec
Network recon framework.
Python 2126Updated: 3 y ago License: Strong Copyleft (GPL-3.0)
2126Updated: 3 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
P
Packer-Fuzzerby rtcatc
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Python 2102Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
2102Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
c
chainsawby WithSecureLabs
Rapidly Search and Hunt through Windows Forensic Artefacts
Rust 2099Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
2099Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
G
GitDorkerby obheda12
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
Python 2054Updated: 1 y ago License: No License (No License)
2054Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
G
GSILby FeeiCN
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
Python 2016Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
2016Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
s
securityonionby Security-Onion-Solutions
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
Shell 1998Updated: 1 y ago License: No License (No License)
1998Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
x
xrayby evilsocket
XRay is a tool for recon, mapping and OSINT gathering from public networks.
Go 1977Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1977Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
f
flare-flossby fireeye
FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Python 1931Updated: 3 y ago License: Permissive (Apache-2.0)
1931Updated: 3 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
H
Hawkeyeby 0xbug
GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
JavaScript 1901Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1901Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
f
frida-snippetsby iddoeldor
Hand-crafted Frida examples
JavaScript 1882Updated: 1 y ago License: No License (No License)
1882Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
c
cfby teamssix
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
Go 1873Updated: 1 y ago License: Permissive (Apache-2.0)
1873Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
e
embaby e-m-b-a
EMBA - The firmware security analyzer
Shell 1869Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1869Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
o
osxcollectorby Yelp
A forensic evidence collection & analysis toolkit for OS X
Python 1850Updated: 2 y ago License: Proprietary (Proprietary)
1850Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
o
openedrby ComodoSecurity
Open EDR public repository
C++ 1829Updated: 1 y ago License: Proprietary (Proprietary)
1829Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
x
xerosploitby LionSec
Efficient and advanced man in the middle framework
Ruby 1817Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1817Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
c
contentby ComplianceAsCode
Security automation content in SCAP, Bash, Ansible, and other formats
Shell 1809Updated: 1 y ago License: Proprietary (Proprietary)
1809Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
P
Pocsuiteby knownsec
This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
Python 1807Updated: 1 y ago License: No License (No License)
1807Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
z
zen-rails-security-checklistby brunofacca
Checklist of security precautions for Ruby on Rails applications.
Ruby 1799Updated: 2 y ago License: Permissive (MIT)
1799Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
l
luscaby krakenjs
Application security for express apps.
JavaScript 1772Updated: 2 y ago License: Proprietary (Proprietary)
1772Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
b
blackhat-python3by EONRaider
Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.
Python 1755Updated: 1 y ago License: No License (No License)
1755Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
L
Logout4Shellby Cybereason
Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
Java 1731Updated: 2 y ago License: Permissive (MIT)
1731Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
c
cloudsplainingby salesforce
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
JavaScript 1726Updated: 1 y ago License: Permissive (BSD-3-Clause)
1726Updated: 1 y ago License: Permissive (BSD-3-Clause)Support
Quality
Security
License
Reuse
o
owasp-masvsby OWASP
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Python 1718Updated: 2 y ago License: Proprietary (Proprietary)
1718Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
s
spring-boot-demoby roncoo
Spring Boot的基础教程,由浅入深,一步一步学习Spring Boot,最后学到的不单单是基础!Spring Cloud基础教程请看:https://github.com/roncoo/spring-cloud-demo
Java 1701Updated: 2 y ago License: No License (No License)
1701Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
t
talismanby thoughtworks
Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
Go 1692Updated: 2 y ago License: Permissive (MIT)
1692Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
p
pythoncode-tutorialsby x4nth055
The Python Code Tutorials
Jupyter Notebook 1679Updated: 1 y ago License: Permissive (MIT)
1679Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
K
Keyloggerby GiacomoLaw
A simple keylogger for Windows, Linux and Mac
C 1676Updated: 1 y ago License: Permissive (MIT)
1676Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
s
security-txtby securitytxt
A proposed standard that allows websites to define security policies.
HTML 1675Updated: 1 y ago License: Proprietary (Proprietary)
1675Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
t
tut-spring-security-and-angular-jsby spring-guides
Spring Security and Angular:: A tutorial on how to use Spring Security with a single page application with various backend architectures, ranging from a simple single server to an API gateway with OAuth2 authentication.
TypeScript 1669Updated: 2 y ago License: No License (No License)
1669Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
b
bucket-streamby eth0izzle
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
Python 1660Updated: 2 y ago License: Permissive (MIT)
1660Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
H
Hacking-with-Goby parsiya
Golang for Security Professionals
Go 1639Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1639Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
o
owtfby owtf
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Python 1635Updated: 2 y ago License: Permissive (BSD-3-Clause)
1635Updated: 2 y ago License: Permissive (BSD-3-Clause)Support
Quality
Security
License
Reuse
k
kubeauditby Shopify
kubeaudit helps you audit your Kubernetes clusters against common security controls
Go 1616Updated: 2 y ago License: Permissive (MIT)
1616Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
V
Vxscanby al0ne
python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Python 1614Updated: 1 y ago License: Permissive (Apache-2.0)
1614Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
x
xvwaby s4n7h0
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
PHP 1605Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1605Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
f
flask-securityby mattupstate
Quick and simple security for Flask applications
Python 1594Updated: 2 y ago License: Permissive (MIT)
1594Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
d
dismapby zhzyker
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Go 1592Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1592Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
l
log4j-shell-pocby kozmer
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
Python 1591Updated: 1 y ago License: Permissive (MIT)
1591Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
l
log4jscannerby google
A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
Go 1575Updated: 2 y ago License: Permissive (Apache-2.0)
1575Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
t
tcpflowby simsong
TCP/IP packet demultiplexer. Download from:
C++ 1559Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1559Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
s
spring-cloud-flycloudby mxdldev
🔥🔥🔥FlyClould 微服务实战项目框架,在该框架中,包括了用 Spring Cloud 构建微服务的一系列基本组件和框架,对于后台服务框架的搭建有很大的参考价值,大家可以参考甚至稍加修改可以直接应用于自己的实际的项目开发中,该项目没有采用Maven进行项目构建,Maven通过xml进行依赖管理,导致整个配置文件太过臃肿,另外灵活性也不是很强,所以我采用Gradle进行项目构建和依赖管理,在FlyTour项目中我们见证了Gradle的强大,通过简单的一些配置就可以轻松的实现组件化的功能。该项目共有11个Module工程。其中10个位微服务工程,这10个微服务工程构成了一个完整的微服务系统,微服务系统包含了8个基础服务,提供了一整套微服务治理功能,他们分别是配置中心module_config、注册中心module_eureka、认证授权中心module_uaa、Turbine聚合监控服务module_monitor、链路追踪服务module_zipken、聚合监控服务module_admin、路由网关服务module_gateway、日志服务module_log。另外还包含了两个资源服务:用户服务module_user和blog服务module_blog,另外还有一个common的Module,为资源服务提供一些一本的工具类
Java 1545Updated: 2 y ago License: Permissive (Apache-2.0)
1545Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse