Skip to content
#

security-tools

Star

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Here are 2,498 public repositories matching this topic...

Language: All
Filter by language
All 2,498 Python 856 Go 234 Shell 204 JavaScript 145 Java 114 C 89 PHP 72 C# 67 HTML 61 C++ 60
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

aquasecurity / trivy

Star 10k
Open

NPM v7 lockFileVersion = 2 is not supported in Trivy filesystem scan

10
hideme4u
hideme4u commented Nov 1, 2021

Description

we have NPM7 generated package-lock.json with lockFileVersion = 2. Now when we scan Node.js project using Trivy filesystem scan, Trivy does not find out packages from package-lock.json.
It is working with lockFileVersion = 1

What did you expect to happen?

It should find out packages in package-lock.json

What happened instead?

It did not find out packages from pack

Read more
help wanted good first issue kind/feature
Find more good first issues

CISOfy / lynis

Star 9.2k

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening
  • Updated Jan 1, 2022
  • Shell

future-architect / vuls

Star 8.9k

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner
  • Updated Jan 6, 2022
  • Go

zricethezav / gitleaks

Sponsor
Star 8.8k
Open

config validation

4
zricethezav
zricethezav commented Dec 3, 2021

Is your feature request related to a problem? Please describe.
It would be nice if gitleaks had a validate command that would validate examples found in the config rules. Introducing such a feature would speed up rule development and help with debugging.

Describe the solution you'd like
example entry in the rules tables
ex:

[[rules]]
id = "discord-client-secret"
des
Read more
enhancement help wanted good first issue
Find more good first issues
RustScan

RustScan / RustScan

Star 5.4k
Open

Write CI that checks for specific outputs in the terminal

4
bee-san
bee-san commented Oct 18, 2020

RustScan has an accessible mode, rustscan --accessible which should promise not to have any weird ASCII text in it.

Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:

  1. [!]
  2. [~]
  3. [>]
  4. | {}

If any of these characters appear in any of the tests, fail the CI. E

Read more
good first issue feature_request hacktoberfest
Find more good first issues
prowler

toniblyx / prowler

Star 4.6k

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

aws security cis security-audit cloud aws-cli assessment forensics compliance hardening security-hardening hipaa cloudtrail hacktoberfest gdpr security-tools devsecops cis-benchmark aws-auditing well-architected
  • Updated Jan 6, 2022
  • Shell

PyCQA / bandit

Star 3.8k
Find more good first issues
certificates

smallstep / certificates

Star 3.8k
Open

Add pidfile support for FreeBSD

1
basilhendroff
basilhendroff commented Nov 21, 2021

FreeBSD uses an rc.d framework for starting up applications. The pidfile is a special case because it is used by the rc system itself. It's used to tell rc how to check the status of the controlled program, or how to stop it. It's not the responsibility of rc to write the pidfile. That falls to the controlled program.

step-ca appears to lack support for creating a pidfile, It's a desirable enha

Read more
enhancement good first issue
Find more good first issues
Ladon

k8gege / Ladon

Star 3k

大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0

security tools hack exploit scanner hacking password poc brute-force pentest portscan security-scanner exp security-tools ladon ipscanner getshell netscan
  • Updated Oct 30, 2021
  • C#
Wikipedia
Wikipedia