
security-tools

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Here are 2,289 public repositories matching this topic...

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

  • Updated Sep 1, 2021
  • Shell
gitleaks
jessehouwing commented Mar 16, 2021

Gitleaks is missing quite a few rules for the Microsoft ecosystem, including Visual Studio, Azure and Azure DevOps.

Microsoft used to have a competing product called credscan, but it was recently deprecated in favor of the GitHub Security offerings.

I've ported most of the rules from credscan to the gitleaks format and put them in a repo here:
https://github.com/jessehouwing/gitleaks-azur

gpotter2 commented Dec 18, 2016

Hi & welcome to Scapy's GitHub! This page lists issues that you can try to fix if you want to start contributing to Scapy.

This list includes wishes and things added by the maintainers based on the issues that we get, but also issues marked with TODO or XXX that already exist in Scapy's code base (layers). If you want to contribute to the project you might just take care of one of the bugs.

RustScan
bee-san commented Oct 18, 2020

RustScan has an accessible mode, rustscan --accessible, which should promise not to have any weird ASCII text in it.

Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:

  1. [!]
  2. [~]
  3. [>]
  4. | {}

If any of these characters appear in any of the tests, fail the CI. E

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls and many more additional checks that help on GDPR, HIPAA and other security frameworks.

  • Updated Sep 1, 2021
  • Shell
certificates
mkkeffeler commented Aug 28, 2021

What would you like to be added

We can't query smallstep for anything related to certs because the only thing in the DB is the bytes of the cert. Storing the cert alongside more columns like the common name, not after date, and more, would let us enable more complex queries, and optimize performance for future use cases.

Why this is needed

Enable searching of Certificates signed by attrib

rengine
rakesh6927 commented Aug 27, 2021

Issue Summary

By default rEngine says "Informational Vulnerabilities will not be notified". However, for every info vulnerability found it sends to the Discord server.

Steps to Reproduce

  1. Configure notification settings with a Discord webhook
  2. Scan a URL and observe the Discord channel for info vulns notification

Any other relevant information. For example, why do you consider th

Ladon

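Large-scale intranet penetration scanner & Cobalt Strike. Ladon 7.2 has 94 built-in modules, covering information gathering, live host discovery, port scanning, service identification, password brute-forcing, vulnerability detection, and vulnerability exploitation. Vulnerability detection includes MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2; password brute-forcing covers (Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm); remote command execution (wmiexe/psexec/atexec/sshexec/webshell); privilege lowering and escalation via Runas and GetSystem; Poc/Exploit; supports Cobalt Strike 3.X-4.0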

  • Updated Jul 15, 2021
  • C#